mirror of https://github.com/moparisthebest/curl
ntlm: Ensure the HTTP header data is not stored in the challenge/response
This commit is contained in:
parent
5cd0f5cc7f
commit
f41deddde8
|
@ -108,8 +108,8 @@ static void ntlm_wb_cleanup(struct ntlmdata *ntlm)
|
||||||
ntlm->ntlm_auth_hlpr_pid = 0;
|
ntlm->ntlm_auth_hlpr_pid = 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
Curl_safefree(ntlm->challenge_header);
|
Curl_safefree(ntlm->challenge);
|
||||||
Curl_safefree(ntlm->response_header);
|
Curl_safefree(ntlm->response);
|
||||||
}
|
}
|
||||||
|
|
||||||
static CURLcode ntlm_wb_init(struct connectdata *conn, struct ntlmdata *ntlm,
|
static CURLcode ntlm_wb_init(struct connectdata *conn, struct ntlmdata *ntlm,
|
||||||
|
@ -325,9 +325,9 @@ static CURLcode ntlm_wb_response(struct connectdata *conn,
|
||||||
(buf[0]!='A' || buf[1]!='F' || buf[2]!=' '))
|
(buf[0]!='A' || buf[1]!='F' || buf[2]!=' '))
|
||||||
goto done;
|
goto done;
|
||||||
|
|
||||||
ntlm->response_header = aprintf("NTLM %.*s", len_out - 4, buf + 3);
|
ntlm->response = aprintf("%.*s", len_out - 4, buf + 3);
|
||||||
free(buf);
|
free(buf);
|
||||||
if(!ntlm->response_header)
|
if(!ntlm->response)
|
||||||
return CURLE_OUT_OF_MEMORY;
|
return CURLE_OUT_OF_MEMORY;
|
||||||
return CURLE_OK;
|
return CURLE_OK;
|
||||||
done:
|
done:
|
||||||
|
@ -350,8 +350,8 @@ CURLcode Curl_input_ntlm_wb(struct connectdata *conn,
|
||||||
header++;
|
header++;
|
||||||
|
|
||||||
if(*header) {
|
if(*header) {
|
||||||
ntlm->challenge_header = strdup(header);
|
ntlm->challenge = strdup(header);
|
||||||
if(!ntlm->challenge_header)
|
if(!ntlm->challenge)
|
||||||
return CURLE_OUT_OF_MEMORY;
|
return CURLE_OUT_OF_MEMORY;
|
||||||
|
|
||||||
*state = NTLMSTATE_TYPE2; /* We got a type-2 message */
|
*state = NTLMSTATE_TYPE2; /* We got a type-2 message */
|
||||||
|
@ -443,17 +443,17 @@ CURLcode Curl_output_ntlm_wb(struct connectdata *conn,
|
||||||
return res;
|
return res;
|
||||||
|
|
||||||
free(*allocuserpwd);
|
free(*allocuserpwd);
|
||||||
*allocuserpwd = aprintf("%sAuthorization: %s\r\n",
|
*allocuserpwd = aprintf("%sAuthorization: NTLM %s\r\n",
|
||||||
proxy ? "Proxy-" : "",
|
proxy ? "Proxy-" : "",
|
||||||
ntlm->response_header);
|
ntlm->response);
|
||||||
DEBUG_OUT(fprintf(stderr, "**** Header %s\n ", *allocuserpwd));
|
DEBUG_OUT(fprintf(stderr, "**** Header %s\n ", *allocuserpwd));
|
||||||
Curl_safefree(ntlm->response_header);
|
Curl_safefree(ntlm->response);
|
||||||
if(!*allocuserpwd)
|
if(!*allocuserpwd)
|
||||||
return CURLE_OUT_OF_MEMORY;
|
return CURLE_OUT_OF_MEMORY;
|
||||||
break;
|
break;
|
||||||
|
|
||||||
case NTLMSTATE_TYPE2: {
|
case NTLMSTATE_TYPE2: {
|
||||||
char *input = aprintf("TT %s\n", ntlm->challenge_header);
|
char *input = aprintf("TT %s\n", ntlm->challenge);
|
||||||
if(!input)
|
if(!input)
|
||||||
return CURLE_OUT_OF_MEMORY;
|
return CURLE_OUT_OF_MEMORY;
|
||||||
res = ntlm_wb_response(conn, ntlm, input, *state);
|
res = ntlm_wb_response(conn, ntlm, input, *state);
|
||||||
|
@ -462,9 +462,9 @@ CURLcode Curl_output_ntlm_wb(struct connectdata *conn,
|
||||||
return res;
|
return res;
|
||||||
|
|
||||||
free(*allocuserpwd);
|
free(*allocuserpwd);
|
||||||
*allocuserpwd = aprintf("%sAuthorization: %s\r\n",
|
*allocuserpwd = aprintf("%sAuthorization: NTLM %s\r\n",
|
||||||
proxy ? "Proxy-" : "",
|
proxy ? "Proxy-" : "",
|
||||||
ntlm->response_header);
|
ntlm->response);
|
||||||
DEBUG_OUT(fprintf(stderr, "**** %s\n ", *allocuserpwd));
|
DEBUG_OUT(fprintf(stderr, "**** %s\n ", *allocuserpwd));
|
||||||
*state = NTLMSTATE_TYPE3; /* we sent a type-3 */
|
*state = NTLMSTATE_TYPE3; /* we sent a type-3 */
|
||||||
authp->done = TRUE;
|
authp->done = TRUE;
|
||||||
|
|
|
@ -372,8 +372,8 @@ struct ntlmdata {
|
||||||
/* used for communication with Samba's winbind daemon helper ntlm_auth */
|
/* used for communication with Samba's winbind daemon helper ntlm_auth */
|
||||||
curl_socket_t ntlm_auth_hlpr_socket;
|
curl_socket_t ntlm_auth_hlpr_socket;
|
||||||
pid_t ntlm_auth_hlpr_pid;
|
pid_t ntlm_auth_hlpr_pid;
|
||||||
char *challenge_header;
|
char *challenge; /* The received base64 encoded ntlm type-2 message */
|
||||||
char *response_header;
|
char *response; /* The generated base64 ntlm type-1/type-3 message */
|
||||||
#endif
|
#endif
|
||||||
#endif
|
#endif
|
||||||
};
|
};
|
||||||
|
|
Loading…
Reference in New Issue