#include "curl_setup.h"
-#if !defined(CURL_DISABLE_HTTP) && defined(USE_NTLM) && \
- defined(NTLM_WB_ENABLED)
+#if defined(USE_NTLM) && defined(NTLM_WB_ENABLED)
/*
* NTLM details:
#ifdef HAVE_SIGNAL_H
#include <signal.h>
#endif
-#ifdef HAVE_PWD_H
-#include <pwd.h>
-#endif
#include "urldata.h"
#include "sendf.h"
char *slash, *domain = NULL;
const char *ntlm_auth = NULL;
char *ntlm_auth_alloc = NULL;
-#if defined(HAVE_GETPWUID_R) && defined(HAVE_GETEUID)
- struct passwd pw, *pw_res;
- char pwbuf[1024];
-#endif
int error;
/* Return if communication with ntlm_auth already set up */
return CURLE_OK;
username = userp;
- /* The real ntlm_auth really doesn't like being invoked with an
- empty username. It won't make inferences for itself, and expects
- the client to do so (mostly because it's really designed for
- servers like squid to use for auth, and client support is an
- afterthought for it). So try hard to provide a suitable username
- if we don't already have one. But if we can't, provide the
- empty one anyway. Perhaps they have an implementation of the
- ntlm_auth helper which *doesn't* need it so we might as well try */
- if(!username || !username[0]) {
- username = getenv("NTLMUSER");
- if(!username || !username[0])
- username = getenv("LOGNAME");
- if(!username || !username[0])
- username = getenv("USER");
-#if defined(HAVE_GETPWUID_R) && defined(HAVE_GETEUID)
- if((!username || !username[0]) &&
- !getpwuid_r(geteuid(), &pw, pwbuf, sizeof(pwbuf), &pw_res) &&
- pw_res) {
- username = pw.pw_name;
- }
-#endif
- if(!username || !username[0])
- username = userp;
- }
slash = strpbrk(username, "\\/");
if(slash) {
if((domain = strdup(username)) == NULL)
static CURLcode ntlm_wb_response(struct connectdata *conn,
const char *input, curlntlm state)
{
- char *buf = malloc(NTLM_BUFSIZE);
- size_t len_in = strlen(input), len_out = 0;
-
- if(!buf)
- return CURLE_OUT_OF_MEMORY;
+ ssize_t size;
+ char buf[NTLM_BUFSIZE];
+ char *tmpbuf = buf;
+ size_t len_in = strlen(input);
+ size_t len_out = sizeof(buf);
while(len_in > 0) {
ssize_t written = swrite(conn->ntlm_auth_hlpr_socket, input, len_in);
len_in -= written;
}
/* Read one line */
- while(1) {
- ssize_t size;
- char *newbuf;
-
- size = sread(conn->ntlm_auth_hlpr_socket, buf + len_out, NTLM_BUFSIZE);
+ while(len_out > 0) {
+ size = sread(conn->ntlm_auth_hlpr_socket, tmpbuf, len_out);
if(size == -1) {
if(errno == EINTR)
continue;
}
else if(size == 0)
goto done;
-
- len_out += size;
- if(buf[len_out - 1] == '\n') {
- buf[len_out - 1] = '\0';
- break;
+ else if(tmpbuf[size - 1] == '\n') {
+ tmpbuf[size - 1] = '\0';
+ goto wrfinish;
}
- newbuf = realloc(buf, len_out + NTLM_BUFSIZE);
- if(!newbuf) {
- free(buf);
- return CURLE_OUT_OF_MEMORY;
- }
- buf = newbuf;
+ tmpbuf += size;
+ len_out -= size;
}
-
+ goto done;
+wrfinish:
/* Samba/winbind installed but not configured */
if(state == NTLMSTATE_TYPE1 &&
- len_out == 3 &&
+ size == 3 &&
buf[0] == 'P' && buf[1] == 'W')
return CURLE_REMOTE_ACCESS_DENIED;
/* invalid response */
- if(len_out < 4)
+ if(size < 4)
goto done;
if(state == NTLMSTATE_TYPE1 &&
(buf[0]!='Y' || buf[1]!='R' || buf[2]!=' '))
(buf[0]!='A' || buf[1]!='F' || buf[2]!=' '))
goto done;
- conn->response_header = aprintf("NTLM %.*s", len_out - 4, buf + 3);
- free(buf);
+ conn->response_header = aprintf("NTLM %.*s", size - 4, buf + 3);
return CURLE_OK;
done:
- free(buf);
return CURLE_REMOTE_ACCESS_DENIED;
}
return CURLE_OK;
}
-#endif /* !CURL_DISABLE_HTTP && USE_NTLM && NTLM_WB_ENABLED */
+#endif /* USE_NTLM && NTLM_WB_ENABLED */