From 3b59696a93e7bbc7ec7ad0371ddac02a7d990cd6 Mon Sep 17 00:00:00 2001 From: Steve Holme Date: Sat, 2 Nov 2013 11:18:39 +0000 Subject: [PATCH] http: Added proxy tunnel authentication message header value extraction ...following recent changes to Curl_base64_decode() rather than trying to parse a header line for the authentication mechanisms which is CRLF terminated and inline zero terminate it. --- lib/http.c | 2 +- lib/http.h | 3 ++- lib/http_proxy.c | 11 +++++++++-- 3 files changed, 12 insertions(+), 4 deletions(-) diff --git a/lib/http.c b/lib/http.c index 55a8166de..3025beff1 100644 --- a/lib/http.c +++ b/lib/http.c @@ -187,7 +187,7 @@ char *Curl_checkheaders(struct SessionHandle *data, const char *thisheader) * case of allocation failure. Returns an empty string if the header value * consists entirely of whitespace. */ -static char *copy_header_value(const char *h) +char *copy_header_value(const char *h) { const char *start; const char *end; diff --git a/lib/http.h b/lib/http.h index a506238a6..d74714d58 100644 --- a/lib/http.h +++ b/lib/http.h @@ -35,11 +35,12 @@ extern const struct Curl_handler Curl_handler_http; extern const struct Curl_handler Curl_handler_https; #endif +/* Header specific function */ bool Curl_compareheader(const char *headerline, /* line to check */ const char *header, /* header keyword _with_ colon */ const char *content); /* content string to find */ - char *Curl_checkheaders(struct SessionHandle *data, const char *thisheader); +char *copy_header_value(const char *h); /* ------------------------------------------------------------------------- */ /* diff --git a/lib/http_proxy.c b/lib/http_proxy.c index 6a555525d..97edc486e 100644 --- a/lib/http_proxy.c +++ b/lib/http_proxy.c @@ -452,8 +452,15 @@ CURLcode Curl_proxyCONNECT(struct connectdata *conn, (401 == k->httpcode)) || (checkprefix("Proxy-authenticate:", line_start) && (407 == k->httpcode))) { - result = Curl_http_input_auth(conn, k->httpcode, - line_start); + + char *auth = copy_header_value(line_start); + if(!auth) + return CURLE_OUT_OF_MEMORY; + + result = Curl_http_input_auth(conn, k->httpcode, auth); + + Curl_safefree(auth); + if(result) return result; }