romenskiy2012/curl
1
0
Fork 0
mirror of https://github.com/curl/curl.git synced 2026-05-17 02:26:21 +03:00
Code Issues Projects Releases Packages Wiki Activity
curl/lib/http_digest.c
Daniel Stenberg 37b2403f48
lib: drop support for CURLAUTH_DIGEST_IE 
This bit was used to do Digest authentication like Internet Explorer
before version 7 (released on October 18, 2006). Presumably no one uses
this anymore and since it is hard to use and does broken auth, starting
in 8.21.0 this bit does nothing (except setting the actual Digest bit).

Closes #21486
2026-05-11 13:43:47 +02:00

149 lines
4.1 KiB
C
Raw Blame History

/***************************************************************************
* _ _ ____ _
* Project ___| | | | _ \| |
* / __| | | | |_) | |
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
* Copyright (C) Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
* are also available at https://curl.se/docs/copyright.html.
*
* You may opt to use, copy, modify, merge, publish, distribute and/or sell
* copies of the Software, and permit persons to whom the Software is
* furnished to do so, under the terms of the COPYING file.
*
* This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
* KIND, either express or implied.
*
* SPDX-License-Identifier: curl
*
***************************************************************************/
#include "curl_setup.h"
#if !defined(CURL_DISABLE_HTTP) && !defined(CURL_DISABLE_DIGEST_AUTH)
#include "urldata.h"
#include "strcase.h"
#include "vauth/vauth.h"
#include "http_digest.h"
#include "curlx/strparse.h"
/* Test example headers:
WWW-Authenticate: Digest realm="testrealm", nonce="1053604598"
Proxy-Authenticate: Digest realm="testrealm", nonce="1053604598"
*/
CURLcode Curl_input_digest(struct Curl_easy *data,
bool proxy,
const char *header) /* rest of the *-authenticate:
header */
{
/* Point to the correct struct with this */
struct digestdata *digest;
if(proxy) {
digest = &data->state.proxydigest;
}
else {
digest = &data->state.digest;
}
if(!checkprefix("Digest", header) || !ISBLANK(header[6]))
return CURLE_BAD_CONTENT_ENCODING;
header += strlen("Digest");
curlx_str_passblanks(&header);
return Curl_auth_decode_digest_http_message(header, digest);
}
CURLcode Curl_output_digest(struct Curl_easy *data,
bool proxy,
const unsigned char *request,
const unsigned char *uripath)
{
CURLcode result;
char *response;
size_t len;
bool have_chlg;
/* Point to the address of the pointer that holds the string to send to the
server, which is for a plain host or for an HTTP proxy */
char **allocuserpwd;
/* Point to the name and password for this */
const char *userp;
const char *passwdp;
/* Point to the correct struct with this */
struct digestdata *digest;
struct auth *authp;
if(proxy) {
#ifdef CURL_DISABLE_PROXY
return CURLE_NOT_BUILT_IN;
#else
digest = &data->state.proxydigest;
allocuserpwd = &data->req.hd_proxy_auth;
userp = data->state.aptr.proxyuser;
passwdp = data->state.aptr.proxypasswd;
authp = &data->state.authproxy;
#endif
}
else {
digest = &data->state.digest;
allocuserpwd = &data->req.hd_auth;
userp = data->state.aptr.user;
passwdp = data->state.aptr.passwd;
authp = &data->state.authhost;
}
curlx_safefree(*allocuserpwd);
/* not set means empty */
if(!userp)
userp = "";
if(!passwdp)
passwdp = "";
#ifdef USE_WINDOWS_SSPI
have_chlg = !!digest->input_token;
#else
have_chlg = !!digest->nonce;
#endif
if(!have_chlg) {
authp->done = FALSE;
return CURLE_OK;
}
result = Curl_auth_create_digest_http_message(data, userp, passwdp,
request, uripath, digest,
&response, &len);
if(result)
return result;
*allocuserpwd = curl_maprintf("%sAuthorization: Digest %s\r\n",
proxy ? "Proxy-" : "", response);
curlx_free(response);
if(!*allocuserpwd)
return CURLE_OUT_OF_MEMORY;
authp->done = TRUE;
return CURLE_OK;
}
void Curl_http_auth_cleanup_digest(struct Curl_easy *data)
{
Curl_auth_digest_cleanup(&data->state.digest);
Curl_auth_digest_cleanup(&data->state.proxydigest);
}
#endif
Reference in a new issue View git blame Copy permalink