romenskiy2012/curl
1
0
Fork 0
mirror of https://github.com/curl/curl.git synced 2026-04-14 22:31:41 +03:00
Code Issues Projects Releases Packages Wiki Activity

vauth: factor base64 conversions out of authentication procedures

Browse source 
Input challenges and returned messages are now in binary.
Conversions from/to base64 are performed by callers (currently curl_sasl.c
and http_ntlm.c).

Closes #6654
This commit is contained in:
Patrick Monnerat 2021-03-17 20:09:55 +01:00 committed by Daniel Stenberg
parent 34cf40321c
commit 19ea52da4d
No known key found for this signature in database
GPG key ID: 5CC908FDB71E12C2
13 changed files with 438 additions and 712 deletions
Download patch file Download diff file Expand all files Collapse all files

86
lib/http_ntlm.c
View file

@ -39,6 +39,7 @@
#include "http_ntlm.h"
#include "curl_ntlm_core.h"
#include "curl_ntlm_wb.h"
#include "curl_base64.h"
#include "vauth/vauth.h"
#include "url.h"
@ -80,7 +81,18 @@ CURLcode Curl_input_ntlm(struct Curl_easy *data,
header++;
if(*header) {
result = Curl_auth_decode_ntlm_type2_message(data, header, ntlm);
unsigned char *hdr;
size_t hdrlen;
result = Curl_base64_decode(header, &hdr, &hdrlen);
if(!result) {
struct bufref hdrbuf;
Curl_bufref_init(&hdrbuf);
Curl_bufref_set(&hdrbuf, hdr, hdrlen, curl_free);
result = Curl_auth_decode_ntlm_type2_message(data, &hdrbuf, ntlm);
Curl_bufref_free(&hdrbuf);
}
if(result)
return result;
@ -116,7 +128,8 @@ CURLcode Curl_output_ntlm(struct Curl_easy *data, bool proxy)
{
char *base64 = NULL;
size_t len = 0;
CURLcode result;
CURLcode result = CURLE_OK;
struct bufref ntlmmsg;
/* point to the address of the pointer that holds the string to send to the
server, which is for a plain host or for a HTTP proxy */
@ -184,50 +197,52 @@ CURLcode Curl_output_ntlm(struct Curl_easy *data, bool proxy)
#endif
#endif
Curl_bufref_init(&ntlmmsg);
switch(*state) {
case NTLMSTATE_TYPE1:
default: /* for the weird cases we (re)start here */
/* Create a type-1 message */
result = Curl_auth_create_ntlm_type1_message(data, userp, passwdp,
service, hostname,
ntlm, &base64,
&len);
if(result)
return result;
if(base64) {
free(*allocuserpwd);
*allocuserpwd = aprintf("%sAuthorization: NTLM %s\r\n",
proxy ? "Proxy-" : "",
base64);
free(base64);
if(!*allocuserpwd)
return CURLE_OUT_OF_MEMORY;
DEBUG_OUT(fprintf(stderr, "**** Header %s\n ", *allocuserpwd));
ntlm, &ntlmmsg);
if(!result) {
DEBUGASSERT(Curl_bufref_len(&ntlmmsg) != 0);
result = Curl_base64_encode(data,
(const char *) Curl_bufref_ptr(&ntlmmsg),
Curl_bufref_len(&ntlmmsg), &base64, &len);
if(!result) {
free(*allocuserpwd);
*allocuserpwd = aprintf("%sAuthorization: NTLM %s\r\n",
proxy ? "Proxy-" : "",
base64);
free(base64);
if(!*allocuserpwd)
result = CURLE_OUT_OF_MEMORY;
}
}
break;
case NTLMSTATE_TYPE2:
/* We already received the type-2 message, create a type-3 message */
result = Curl_auth_create_ntlm_type3_message(data, userp, passwdp,
ntlm, &base64, &len);
if(result)
return result;
if(base64) {
free(*allocuserpwd);
*allocuserpwd = aprintf("%sAuthorization: NTLM %s\r\n",
proxy ? "Proxy-" : "",
base64);
free(base64);
if(!*allocuserpwd)
return CURLE_OUT_OF_MEMORY;
DEBUG_OUT(fprintf(stderr, "**** %s\n ", *allocuserpwd));
*state = NTLMSTATE_TYPE3; /* we send a type-3 */
authp->done = TRUE;
ntlm, &ntlmmsg);
if(!result && Curl_bufref_len(&ntlmmsg)) {
result = Curl_base64_encode(data,
(const char *) Curl_bufref_ptr(&ntlmmsg),
Curl_bufref_len(&ntlmmsg), &base64, &len);
if(!result) {
free(*allocuserpwd);
*allocuserpwd = aprintf("%sAuthorization: NTLM %s\r\n",
proxy ? "Proxy-" : "",
base64);
free(base64);
if(!*allocuserpwd)
result = CURLE_OUT_OF_MEMORY;
else {
*state = NTLMSTATE_TYPE3; /* we send a type-3 */
authp->done = TRUE;
}
}
}
break;
@ -241,8 +256,9 @@ CURLcode Curl_output_ntlm(struct Curl_easy *data, bool proxy)
authp->done = TRUE;
break;
}
Curl_bufref_free(&ntlmmsg);
return CURLE_OK;
return result;
}
void Curl_http_auth_cleanup_ntlm(struct connectdata *conn)