http_digest: Reworked the SSPI based input token storage

Reworked the input token (challenge message) storage as what is passed
to the buf and desc in the response generation are typically blobs of
data rather than strings, so this is more in keeping with other areas
of the SSPI code, such as the NTLM message functions.

diff --git a/lib/curl_sasl_sspi.c b/lib/curl_sasl_sspi.c
index ec3f2ca8cba279da76b25d1bde72cc00d6852b06..45aca8ac49a19a297aa794595984aeefb34e7767 100644 (file)
--- a/lib/curl_sasl_sspi.c
+++ b/lib/curl_sasl_sspi.c
@@ -37,6 +37,7 @@
 #include "warnless.h"
 #include "curl_memory.h"
 #include "curl_multibyte.h"
+#include "strdup.h"
 
 #define _MPRINTF_REPLACE /* use our functions only */
 #include <curl/mprintf.h>
@@ -288,14 +289,18 @@ CURLcode Curl_sasl_create_digest_md5_message(struct SessionHandle *data,
 CURLcode Curl_sasl_decode_digest_http_message(const char *chlg,
                                               struct digestdata *digest)
 {
+  size_t chlglen = strlen(chlg);
+
   /* Clean up any former leftovers and initialise to defaults */
   Curl_sasl_digest_cleanup(digest);
 
   /* Simply store the challenge for use later */
-  digest->input_token = (BYTE *) strdup(chlg);
+  digest->input_token = (BYTE *) Curl_memdup(chlg, chlglen);
   if(!digest->input_token)
     return CURLE_OUT_OF_MEMORY;
 
+  digest->input_token_len = chlglen;
+
   return CURLE_OK;
 }
 
@@ -392,8 +397,7 @@ CURLcode Curl_sasl_create_digest_http_message(struct SessionHandle *data,
   chlg_desc.pBuffers     = chlg_buf;
   chlg_buf[0].BufferType = SECBUFFER_TOKEN;
   chlg_buf[0].pvBuffer   = digest->input_token;
-  chlg_buf[0].cbBuffer   = curlx_uztoul(strlen((const char *)
-                                                digest->input_token));
+  chlg_buf[0].cbBuffer   = curlx_uztoul(digest->input_token_len);
   chlg_buf[1].BufferType = SECBUFFER_PKG_PARAMS;
   chlg_buf[1].pvBuffer   = (void *)request;
   chlg_buf[1].cbBuffer   = curlx_uztoul(strlen((const char *) request));
@@ -472,6 +476,9 @@ void Curl_sasl_digest_cleanup(struct digestdata *digest)
 {
   /* Free the input token */
   Curl_safefree(digest->input_token);
+
+  /* Reset any variables */
+  digest->input_token_len = 0;
 }
 #endif /* !CURL_DISABLE_CRYPTO_AUTH */
 

diff --git a/lib/urldata.h b/lib/urldata.h
index f0f903844ca024ad1f4cf7b0e8f671a203fa9d8a..6238f6204869d45e737bcf5eb423eb0378cfa6a3 100644 (file)
--- a/lib/urldata.h
+++ b/lib/urldata.h
@@ -393,6 +393,7 @@ struct curl_ssl_session {
 struct digestdata {
 #if defined(USE_WINDOWS_SSPI)
   BYTE *input_token;
+  size_t input_token_len;
 #else
   char *nonce;
   char *cnonce;