Unverified Commit fe20826b authored by Steve Holme's avatar Steve Holme
Browse files

http_ntlm_wb: Move the type-2 message processing into a dedicated function 

This brings the code inline with the other HTTP authentication mechanisms.

Closes #3890
parent ab4616f8

lib/curl_ntlm_wb.c

+26 −0
Original line number Diff line number Diff line
@@ -53,6 +53,8 @@ 
#include "url.h"

#include "strerror.h"

#include "strdup.h"

#include "strcase.h"



/* The last 3 #include files should be in this order */

#include "curl_printf.h"

#include "curl_memory.h"
@@ -333,6 +335,30 @@ done: 
  return CURLE_REMOTE_ACCESS_DENIED;

}



CURLcode Curl_input_ntlm_wb(struct connectdata *conn,

                            bool proxy,

                            const char *header)

{

  (void) proxy;



  if(!checkprefix("NTLM", header))

    return CURLE_BAD_CONTENT_ENCODING;



  header += strlen("NTLM");

  while(*header && ISSPACE(*header))

    header++;



  if(*header) {

    conn->challenge_header = strdup(header);

    if(!conn->challenge_header)

      return CURLE_OUT_OF_MEMORY;

  }

  else

    return CURLE_BAD_CONTENT_ENCODING;



  return CURLE_OK;

}



/*

 * This is for creating ntlm header output by delegating challenge/response

 * to Samba's winbind daemon helper ntlm_auth.

lib/curl_ntlm_wb.h

+5 −2
Original line number Diff line number Diff line
@@ -27,8 +27,11 @@ 
#if !defined(CURL_DISABLE_HTTP) && defined(USE_NTLM) && \

    defined(NTLM_WB_ENABLED)



/* this is for creating ntlm header output by delegating challenge/response

   to Samba's winbind daemon helper ntlm_auth */

/* this is for ntlm header input */

CURLcode Curl_input_ntlm_wb(struct connectdata *conn, bool proxy,

                            const char *header);



/* this is for creating ntlm header output */

CURLcode Curl_output_ntlm_wb(struct connectdata *conn, bool proxy);



void Curl_http_auth_cleanup_ntlm_wb(struct connectdata *conn);

lib/http.c

+4 −13
Original line number Diff line number Diff line
@@ -919,19 +919,10 @@ CURLcode Curl_http_input_auth(struct connectdata *conn, bool proxy, 
                *availp |= CURLAUTH_NTLM_WB;

                authp->avail |= CURLAUTH_NTLM_WB;



                /* Get the challenge-message which will be passed to

                 * ntlm_auth for generating the type 3 message later */

                while(*auth && ISSPACE(*auth))

                  auth++;

                if(checkprefix("NTLM", auth)) {

                  auth += strlen("NTLM");

                  while(*auth && ISSPACE(*auth))

                    auth++;

                  if(*auth) {

                    conn->challenge_header = strdup(auth);

                    if(!conn->challenge_header)

                      return CURLE_OUT_OF_MEMORY;

                  }

                result = Curl_input_ntlm_wb(conn, proxy, auth);

                if(result) {

                  infof(data, "Authentication problem. Ignoring this.\n");

                  data->state.authproblem = TRUE;

                }

              }

#endif