+2001-08-24 Alex Graveley <alex@ximian.com>
+
+ * src/soup-core/soup-queue.c (soup_queue_connect_cb): Always
+ regenerate req->priv->req_header.
+
+ * src/soup-core/soup-ntlm.c (soup_ntlm_lanmanager_hash): pass 15
+ byte buffer to work around array bounds read by setup_schedule.
+
+ * src/soup-core/soup-message.c (authorize_handler): No need to
+ free msg->priv->req_header as it is generated on each request now.
+ (soup_message_set_request_header): Ditto.
+
+ * src/soup-core/soup-auth.c (ntlm_auth): Only return
+ auth->response one time. Subsequent calls return NULL.
+
+ * src/soup-core/soup-queue.c (soup_encode_http_auth): Check for
+ NULL auth response.
+
2001-08-23 Alex Graveley <alex@ximian.com>
* src/soup-core/soup-auth.c (ntlm_new): Fix under-allocation.
typedef struct {
SoupAuth auth;
- gchar *request;
gchar *response;
} SoupAuthNTLM;
return TRUE;
}
+/*
+ * SoupAuthNTLMs are one time use. Just return the response, and set our
+ * reference to NULL so future requests do not include this header.
+ */
static gchar *
ntlm_auth (SoupAuth *sa, SoupMessage *msg)
{
SoupAuthNTLM *auth = (SoupAuthNTLM *) sa;
+ gchar *ret;
+
+ ret = auth->response;
+ auth->response = NULL;
- return auth->response ? auth->response : auth->request;
+ return ret;
}
+static inline gchar *
+ntlm_get_authmech_token (const SoupUri *uri, gchar *key)
+{
+ gchar *idx;
+ gint len;
+
+ if (!uri->authmech) return NULL;
+
+ idx = strstr (uri->authmech, key);
+ if (idx) {
+ idx += strlen (key);
+
+ len = strcspn (idx, ",; ");
+ if (len)
+ return g_strndup (idx, len);
+ else
+ return g_strdup (idx);
+ }
+
+ return NULL;
+}
/*
* FIXME: Because NTLM is a two step process, we parse the host and domain out
{
SoupAuthNTLM *auth = (SoupAuthNTLM *) sa;
const SoupUri *uri = soup_context_get_uri (auth->auth.context);
- gchar *idx, *host = NULL, *domain = NULL;
+ gchar *host, *domain;
- /*
- idx = strchr (uri->host, '.');
- if (idx)
- host = g_strndup (uri->host, idx - uri->host);
- else
- host = g_strdup (uri->host);
-
- if (uri->authmech) {
- idx = strstr (uri->authmech, "domain=");
- if (idx) {
- gint len;
-
- idx += sizeof ("domain=") - 1;
-
- len = strcspn (idx, ",; ");
- if (len)
- domain = g_strndup (idx, len);
- else
- domain = g_strdup (idx);
- }
- }
-
- soup_debug_print_uri (uri);
- */
-
- host = "FAKEHOST";
- domain = "FAKEDOMAIN";
+ host = ntlm_get_authmech_token (uri, "host=");
+ domain = ntlm_get_authmech_token (uri, "domain=");
if (strlen (header) < sizeof ("NTLM"))
- auth->request = soup_ntlm_request (host,
- domain ? domain : "UNKNOWN");
+ auth->response =
+ soup_ntlm_request (host ? host : "UNKNOWN",
+ domain ? domain : "UNKNOWN");
else {
gchar lm_hash [21], nt_hash [21];
uri->user,
(gchar *) &lm_hash,
(gchar *) &nt_hash,
- host,
+ host ? host : "UNKNOWN",
domain ? domain : "UNKNOWN");
}
- /*
g_free (host);
g_free (domain);
- */
}
static void
{
SoupAuthNTLM *auth = (SoupAuthNTLM *) sa;
- g_free (auth->request);
g_free (auth->response);
g_free (auth);
}
return (SoupAuth *) auth;
}
+
/*
* Generic Authentication Interface
*/
ctx->auth = auth;
- if (msg->priv->req_header) {
- g_string_free (msg->priv->req_header, TRUE);
- msg->priv->req_header = NULL;
- }
-
soup_message_queue (msg, msg->priv->callback, msg->priv->user_data);
return SOUP_ERROR_NONE;
g_return_if_fail (req != NULL);
g_return_if_fail (name != NULL || name [0] != '\0');
- if (req->priv->req_header) {
- g_string_free (req->priv->req_header, TRUE);
- req->priv->req_header = NULL;
- }
-
soup_message_set_header (&req->request_headers, name, value);
}
soup_encode_http_auth (SoupMessage *msg, GString *header, gboolean proxy_auth)
{
SoupContext *ctx;
+ char *token;
ctx = proxy_auth ? soup_get_proxy () : msg->context;
if (ctx->auth) {
- char *token;
-
token = soup_auth_authorize (ctx->auth, msg);
-
- g_string_sprintfa (
- header,
- "%s: %s\r\n",
- proxy_auth ? "Proxy-Authorization" : "Authorization",
- token);
-
- g_free (token);
+ if (token) {
+ g_string_sprintfa (
+ header,
+ "%s: %s\r\n",
+ proxy_auth ?
+ "Proxy-Authorization" :
+ "Authorization",
+ token);
+
+ g_free (token);
+ }
}
}
return;
}
- if (!req->priv->req_header)
- req->priv->req_header = soup_get_request_header (req);
+ if (req->priv->req_header) {
+ g_string_free (req->priv->req_header, TRUE);
+ req->priv->req_header = NULL;
+ }
+
+ req->priv->req_header = soup_get_request_header (req);
channel = soup_connection_get_iochannel (conn);