static bool pickoneauth(struct auth *pick)
{
bool picked;
- if(pick->avail) {
- /* only deal with authentication we want */
- long avail = pick->avail & pick->want;
- picked = TRUE;
-
- /* The order of these checks is highly relevant, as this will be the order
- of preference in case of the existance of multiple accepted types. */
- if(avail & CURLAUTH_GSSNEGOTIATE)
- pick->picked = CURLAUTH_GSSNEGOTIATE;
- else if(avail & CURLAUTH_DIGEST)
- pick->picked = CURLAUTH_DIGEST;
- else if(avail & CURLAUTH_NTLM)
- pick->picked = CURLAUTH_NTLM;
- else if(avail & CURLAUTH_BASIC)
- pick->picked = CURLAUTH_BASIC;
- else {
- pick->picked = CURLAUTH_NONE; /* none was picked clear it */
- picked = FALSE;
- }
- pick->avail = CURLAUTH_NONE; /* clear it here */
+ /* only deal with authentication we want */
+ long avail = pick->avail & pick->want;
+ picked = TRUE;
+
+ /* The order of these checks is highly relevant, as this will be the order
+ of preference in case of the existance of multiple accepted types. */
+ if(avail & CURLAUTH_GSSNEGOTIATE)
+ pick->picked = CURLAUTH_GSSNEGOTIATE;
+ else if(avail & CURLAUTH_DIGEST)
+ pick->picked = CURLAUTH_DIGEST;
+ else if(avail & CURLAUTH_NTLM)
+ pick->picked = CURLAUTH_NTLM;
+ else if(avail & CURLAUTH_BASIC)
+ pick->picked = CURLAUTH_BASIC;
+ else {
+ pick->picked = CURLAUTH_PICKNONE; /* we select to use nothing */
+ picked = FALSE;
}
- else
- return FALSE;
+ pick->avail = CURLAUTH_NONE; /* clear it here */
return picked;
}
if(data->state.authproblem)
return data->set.http_fail_on_error?CURLE_HTTP_RETURNED_ERROR:CURLE_OK;
- if(conn->bits.user_passwd) {
+ if(conn->bits.user_passwd &&
+ ((conn->keep.httpcode == 401) || conn->bits.authprobe)) {
pickhost = pickoneauth(&data->state.authhost);
- if(!pickhost && (conn->keep.httpcode == 401))
+ if(!pickhost)
data->state.authproblem = TRUE;
}
- if(conn->bits.proxy_user_passwd) {
+ if(conn->bits.proxy_user_passwd &&
+ ((conn->keep.httpcode == 407) || conn->bits.authprobe) ) {
pickproxy = pickoneauth(&data->state.authproxy);
- if(!pickproxy && (conn->keep.httpcode == 407))
+ if(!pickproxy)
data->state.authproblem = TRUE;
}
return CURLE_OK; /* no authentication with no user or password */
}
- if(data->state.authhost.want &&
- !data->state.authhost.picked) {
+ if(data->state.authhost.want && !data->state.authhost.picked)
/* The app has selected one or more methods, but none has been picked
so far by a server round-trip. Then we set the picked one to the
want one, and if this is one single bit it'll be used instantly. */
data->state.authhost.picked = data->state.authhost.want;
- }
- if(data->state.authproxy.want &&
- !data->state.authproxy.picked) {
- /* The app has selected one or more methods, but none has been picked
- so far by a server round-trip. Then we set the picked one to the
- want one, and if this is one single bit it'll be used instantly. */
+ if(data->state.authproxy.want && !data->state.authproxy.picked)
+ /* The app has selected one or more methods, but none has been picked so
+ far by a proxy round-trip. Then we set the picked one to the want one,
+ and if this is one single bit it'll be used instantly. */
data->state.authproxy.picked = data->state.authproxy.want;
- }
/* To prevent the user+password to get sent to other than the original
host due to a location-follow, we do some weirdo checks here */
httpreq = HTTPREQ_HEAD;
request = (char *)"HEAD";
conn->bits.no_body = TRUE;
+ conn->bits.authprobe = TRUE; /* this is a request done to probe for
+ authentication methods */
}
+ else
+ conn->bits.authprobe = FALSE;
Curl_safefree(conn->allocptr.ref);
if(data->change.referer && !checkheaders(data, "Referer:"))
#define __HTTP_H
/***************************************************************************
- * _ _ ____ _
- * Project ___| | | | _ \| |
- * / __| | | | |_) | |
- * | (__| |_| | _ <| |___
+ * _ _ ____ _
+ * Project ___| | | | _ \| |
+ * / __| | | | |_) | |
+ * | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
* Copyright (C) 1998 - 2004, Daniel Stenberg, <daniel@haxx.se>, et al.
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
* are also available at http://curl.haxx.se/docs/copyright.html.
- *
+ *
* You may opt to use, copy, modify, merge, publish, distribute and/or sell
* copies of the Software, and permit persons to whom the Software is
* furnished to do so, under the terms of the COPYING file.
CURLcode Curl_http_auth_act(struct connectdata *conn);
int Curl_http_should_fail(struct connectdata *conn);
+
+/* If only the PICKNONE bit is set, there has been a round-trip and we
+ selected to use no auth at all. Ie, we actively select no auth, as opposed
+ to not having one selected. The other CURLAUTH_* defines are present in the
+ public curl/curl.h header. */
+#define CURLAUTH_PICKNONE (1<<30) /* don't use auth */
+
#endif
#endif