mirror of
https://github.com/moparisthebest/curl
synced 2024-12-21 23:58:49 -05:00
ntlm_wb: Fix hard-coded limit on NTLM auth packet size
Bumping it to 1KiB in commit aaaf9e50ec
is all very well, but having hit
a hard limit once let's just make it cope by reallocating as necessary.
This commit is contained in:
parent
df5169fa35
commit
9008f3d564
@ -227,11 +227,11 @@ done:
|
||||
static CURLcode ntlm_wb_response(struct connectdata *conn,
|
||||
const char *input, curlntlm state)
|
||||
{
|
||||
ssize_t size;
|
||||
char buf[NTLM_BUFSIZE];
|
||||
char *tmpbuf = buf;
|
||||
size_t len_in = strlen(input);
|
||||
size_t len_out = sizeof(buf);
|
||||
char *buf = malloc(NTLM_BUFSIZE);
|
||||
size_t len_in = strlen(input), len_out = 0;
|
||||
|
||||
if(!buf)
|
||||
return CURLE_OUT_OF_MEMORY;
|
||||
|
||||
while(len_in > 0) {
|
||||
ssize_t written = swrite(conn->ntlm_auth_hlpr_socket, input, len_in);
|
||||
@ -246,8 +246,11 @@ static CURLcode ntlm_wb_response(struct connectdata *conn,
|
||||
len_in -= written;
|
||||
}
|
||||
/* Read one line */
|
||||
while(len_out > 0) {
|
||||
size = sread(conn->ntlm_auth_hlpr_socket, tmpbuf, len_out);
|
||||
while(1) {
|
||||
ssize_t size;
|
||||
char *newbuf;
|
||||
|
||||
size = sread(conn->ntlm_auth_hlpr_socket, buf + len_out, NTLM_BUFSIZE);
|
||||
if(size == -1) {
|
||||
if(errno == EINTR)
|
||||
continue;
|
||||
@ -255,22 +258,28 @@ static CURLcode ntlm_wb_response(struct connectdata *conn,
|
||||
}
|
||||
else if(size == 0)
|
||||
goto done;
|
||||
else if(tmpbuf[size - 1] == '\n') {
|
||||
tmpbuf[size - 1] = '\0';
|
||||
|
||||
len_out += size;
|
||||
if(buf[len_out - 1] == '\n') {
|
||||
buf[len_out - 1] = '\0';
|
||||
goto wrfinish;
|
||||
}
|
||||
tmpbuf += size;
|
||||
len_out -= size;
|
||||
newbuf = realloc(buf, len_out + NTLM_BUFSIZE);
|
||||
if(!newbuf) {
|
||||
free(buf);
|
||||
return CURLE_OUT_OF_MEMORY;
|
||||
}
|
||||
buf = newbuf;
|
||||
}
|
||||
goto done;
|
||||
wrfinish:
|
||||
/* Samba/winbind installed but not configured */
|
||||
if(state == NTLMSTATE_TYPE1 &&
|
||||
size == 3 &&
|
||||
len_out == 3 &&
|
||||
buf[0] == 'P' && buf[1] == 'W')
|
||||
return CURLE_REMOTE_ACCESS_DENIED;
|
||||
/* invalid response */
|
||||
if(size < 4)
|
||||
if(len_out < 4)
|
||||
goto done;
|
||||
if(state == NTLMSTATE_TYPE1 &&
|
||||
(buf[0]!='Y' || buf[1]!='R' || buf[2]!=' '))
|
||||
@ -280,9 +289,11 @@ wrfinish:
|
||||
(buf[0]!='A' || buf[1]!='F' || buf[2]!=' '))
|
||||
goto done;
|
||||
|
||||
conn->response_header = aprintf("NTLM %.*s", size - 4, buf + 3);
|
||||
conn->response_header = aprintf("NTLM %.*s", len_out - 4, buf + 3);
|
||||
free(buf);
|
||||
return CURLE_OK;
|
||||
done:
|
||||
free(buf);
|
||||
return CURLE_REMOTE_ACCESS_DENIED;
|
||||
}
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user