From cdccb422671aebd198ed338ac6111cfde303f1cc Mon Sep 17 00:00:00 2001
From: Steve Holme <steve_holme@hotmail.com>
Date: Wed, 30 Oct 2013 21:33:28 +0000
Subject: [PATCH] http: Added authentication message header value extraction

...following recent changes to Curl_base64_decode() rather than trying
to parse a header line for the authentication mechanisms which is CRLF
terminated and inline zero terminate it.
---
 lib/curl_ntlm.c   |  4 ----
 lib/http.c        | 64 +++++++++++++++++++++++++++----------------------------
 lib/http_digest.c |  4 ----
 3 files changed, 32 insertions(+), 40 deletions(-)

diff --git a/lib/curl_ntlm.c b/lib/curl_ntlm.c
index 4d126a5..389ff66 100644
--- a/lib/curl_ntlm.c
+++ b/lib/curl_ntlm.c
@@ -77,10 +77,6 @@ CURLcode Curl_input_ntlm(struct connectdata *conn,
 
   ntlm = proxy ? &conn->proxyntlm : &conn->ntlm;
 
-  /* skip initial whitespaces */
-  while(*header && ISSPACE(*header))
-    header++;
-
   if(checkprefix("NTLM", header)) {
     header += strlen("NTLM");
 
diff --git a/lib/http.c b/lib/http.c
index 3b18c63..55a8166 100644
--- a/lib/http.c
+++ b/lib/http.c
@@ -701,7 +701,7 @@ Curl_http_output_auth(struct connectdata *conn,
 
 CURLcode Curl_http_input_auth(struct connectdata *conn,
                               int httpcode,
-                              const char *header) /* the first non-space */
+                              const char *auth) /* the first non-space */
 {
   /*
    * This resource requires authentication
@@ -709,24 +709,17 @@ CURLcode Curl_http_input_auth(struct connectdata *conn,
   struct SessionHandle *data = conn->data;
 
   unsigned long *availp;
-  const char *start;
   struct auth *authp;
 
   if(httpcode == 407) {
-    start = header+strlen("Proxy-authenticate:");
     availp = &data->info.proxyauthavail;
     authp = &data->state.authproxy;
   }
   else {
-    start = header+strlen("WWW-Authenticate:");
     availp = &data->info.httpauthavail;
     authp = &data->state.authhost;
   }
 
-  /* pass all white spaces */
-  while(*start && ISSPACE(*start))
-    start++;
-
   /*
    * Here we check if we want the specific single authentication (using ==) and
    * if we do, we initiate usage of it.
@@ -744,10 +737,10 @@ CURLcode Curl_http_input_auth(struct connectdata *conn,
    *
    */
 
-  while(*start) {
+  while(*auth) {
 #ifdef USE_HTTP_NEGOTIATE
-    if(checkprefix("GSS-Negotiate", start) ||
-       checkprefix("Negotiate", start)) {
+    if(checkprefix("GSS-Negotiate", auth) ||
+       checkprefix("Negotiate", auth)) {
       int neg;
       *availp |= CURLAUTH_GSSNEGOTIATE;
       authp->avail |= CURLAUTH_GSSNEGOTIATE;
@@ -760,7 +753,7 @@ CURLcode Curl_http_input_auth(struct connectdata *conn,
           data->state.authproblem = TRUE;
         }
         else {
-          neg = Curl_input_negotiate(conn, (bool)(httpcode == 407), start);
+          neg = Curl_input_negotiate(conn, (bool)(httpcode == 407), auth);
           if(neg == 0) {
             DEBUGASSERT(!data->req.newurl);
             data->req.newurl = strdup(data->change.url);
@@ -779,14 +772,14 @@ CURLcode Curl_http_input_auth(struct connectdata *conn,
 #endif
 #ifdef USE_NTLM
       /* NTLM support requires the SSL crypto libs */
-      if(checkprefix("NTLM", start)) {
+      if(checkprefix("NTLM", auth)) {
         *availp |= CURLAUTH_NTLM;
         authp->avail |= CURLAUTH_NTLM;
         if(authp->picked == CURLAUTH_NTLM ||
            authp->picked == CURLAUTH_NTLM_WB) {
           /* NTLM authentication is picked and activated */
           CURLcode ntlm =
-            Curl_input_ntlm(conn, (httpcode == 407)?TRUE:FALSE, start);
+            Curl_input_ntlm(conn, (httpcode == 407)?TRUE:FALSE, auth);
           if(CURLE_OK == ntlm) {
             data->state.authproblem = FALSE;
 #ifdef NTLM_WB_ENABLED
@@ -798,14 +791,14 @@ CURLcode Curl_http_input_auth(struct connectdata *conn,
 
               /* Get the challenge-message which will be passed to
                * ntlm_auth for generating the type 3 message later */
-              while(*start && ISSPACE(*start))
-                start++;
-              if(checkprefix("NTLM", start)) {
-                start += strlen("NTLM");
-                while(*start && ISSPACE(*start))
-                  start++;
-                if(*start)
-                  if((conn->challenge_header = strdup(start)) == NULL)
+              while(*auth && ISSPACE(*auth))
+                auth++;
+              if(checkprefix("NTLM", auth)) {
+                auth += strlen("NTLM");
+                while(*auth && ISSPACE(*auth))
+                  auth++;
+                if(*auth)
+                  if((conn->challenge_header = strdup(auth)) == NULL)
                     return CURLE_OUT_OF_MEMORY;
               }
             }
@@ -820,7 +813,7 @@ CURLcode Curl_http_input_auth(struct connectdata *conn,
       else
 #endif
 #ifndef CURL_DISABLE_CRYPTO_AUTH
-        if(checkprefix("Digest", start)) {
+        if(checkprefix("Digest", auth)) {
           if((authp->avail & CURLAUTH_DIGEST) != 0) {
             infof(data, "Ignoring duplicate digest auth header.\n");
           }
@@ -833,7 +826,7 @@ CURLcode Curl_http_input_auth(struct connectdata *conn,
              * authentication isn't activated yet, as we need to store the
              * incoming data from this header in case we are gonna use
              * Digest. */
-            dig = Curl_input_digest(conn, (httpcode == 407)?TRUE:FALSE, start);
+            dig = Curl_input_digest(conn, (httpcode == 407)?TRUE:FALSE, auth);
 
             if(CURLDIGEST_FINE != dig) {
               infof(data, "Authentication problem. Ignoring this.\n");
@@ -843,7 +836,7 @@ CURLcode Curl_http_input_auth(struct connectdata *conn,
         }
         else
 #endif
-          if(checkprefix("Basic", start)) {
+          if(checkprefix("Basic", auth)) {
             *availp |= CURLAUTH_BASIC;
             authp->avail |= CURLAUTH_BASIC;
             if(authp->picked == CURLAUTH_BASIC) {
@@ -857,12 +850,12 @@ CURLcode Curl_http_input_auth(struct connectdata *conn,
           }
 
     /* there may be multiple methods on one line, so keep reading */
-    while(*start && *start != ',') /* read up to the next comma */
-      start++;
-    if(*start == ',') /* if we're on a comma, skip it */
-      start++;
-    while(*start && ISSPACE(*start))
-      start++;
+    while(*auth && *auth != ',') /* read up to the next comma */
+      auth++;
+    if(*auth == ',') /* if we're on a comma, skip it */
+      auth++;
+    while(*auth && ISSPACE(*auth))
+      auth++;
   }
   return CURLE_OK;
 }
@@ -3455,7 +3448,14 @@ CURLcode Curl_http_readwrite_headers(struct SessionHandle *data,
              (401 == k->httpcode)) ||
             (checkprefix("Proxy-authenticate:", k->p) &&
              (407 == k->httpcode))) {
-      result = Curl_http_input_auth(conn, k->httpcode, k->p);
+      char *auth = copy_header_value(k->p);
+      if(!auth)
+        return CURLE_OUT_OF_MEMORY;
+
+      result = Curl_http_input_auth(conn, k->httpcode, auth);
+
+      Curl_safefree(auth);
+
       if(result)
         return result;
     }
diff --git a/lib/http_digest.c b/lib/http_digest.c
index f50f803..e2e6113 100644
--- a/lib/http_digest.c
+++ b/lib/http_digest.c
@@ -141,10 +141,6 @@ CURLdigest Curl_input_digest(struct connectdata *conn,
     d = &data->state.digest;
   }
 
-  /* skip initial whitespaces */
-  while(*header && ISSPACE(*header))
-    header++;
-
   if(checkprefix("Digest", header)) {
     header += strlen("Digest");
 
-- 
2.7.4