From fe20826b580aa221f8f796cba236d08dc0fd80fd Mon Sep 17 00:00:00 2001 From: Steve Holme Date: Wed, 15 May 2019 16:10:56 +0100 Subject: [PATCH] http_ntlm_wb: Move the type-2 message processing into a dedicated function This brings the code inline with the other HTTP authentication mechanisms. Closes #3890 --- lib/curl_ntlm_wb.c | 26 ++++++++++++++++++++++++++ lib/curl_ntlm_wb.h | 7 +++++-- lib/http.c | 17 ++++------------- 3 files changed, 35 insertions(+), 15 deletions(-) diff --git a/lib/curl_ntlm_wb.c b/lib/curl_ntlm_wb.c index 865f1396b..2400ff091 100644 --- a/lib/curl_ntlm_wb.c +++ b/lib/curl_ntlm_wb.c @@ -53,6 +53,8 @@ #include "url.h" #include "strerror.h" #include "strdup.h" +#include "strcase.h" + /* The last 3 #include files should be in this order */ #include "curl_printf.h" #include "curl_memory.h" @@ -333,6 +335,30 @@ done: return CURLE_REMOTE_ACCESS_DENIED; } +CURLcode Curl_input_ntlm_wb(struct connectdata *conn, + bool proxy, + const char *header) +{ + (void) proxy; + + if(!checkprefix("NTLM", header)) + return CURLE_BAD_CONTENT_ENCODING; + + header += strlen("NTLM"); + while(*header && ISSPACE(*header)) + header++; + + if(*header) { + conn->challenge_header = strdup(header); + if(!conn->challenge_header) + return CURLE_OUT_OF_MEMORY; + } + else + return CURLE_BAD_CONTENT_ENCODING; + + return CURLE_OK; +} + /* * This is for creating ntlm header output by delegating challenge/response * to Samba's winbind daemon helper ntlm_auth. diff --git a/lib/curl_ntlm_wb.h b/lib/curl_ntlm_wb.h index 919e9636a..3cf841cf2 100644 --- a/lib/curl_ntlm_wb.h +++ b/lib/curl_ntlm_wb.h @@ -27,8 +27,11 @@ #if !defined(CURL_DISABLE_HTTP) && defined(USE_NTLM) && \ defined(NTLM_WB_ENABLED) -/* this is for creating ntlm header output by delegating challenge/response - to Samba's winbind daemon helper ntlm_auth */ +/* this is for ntlm header input */ +CURLcode Curl_input_ntlm_wb(struct connectdata *conn, bool proxy, + const char *header); + +/* this is for creating ntlm header output */ CURLcode Curl_output_ntlm_wb(struct connectdata *conn, bool proxy); void Curl_http_auth_cleanup_ntlm_wb(struct connectdata *conn); diff --git a/lib/http.c b/lib/http.c index 222f7f53d..68259f817 100644 --- a/lib/http.c +++ b/lib/http.c @@ -919,19 +919,10 @@ CURLcode Curl_http_input_auth(struct connectdata *conn, bool proxy, *availp |= CURLAUTH_NTLM_WB; authp->avail |= CURLAUTH_NTLM_WB; - /* Get the challenge-message which will be passed to - * ntlm_auth for generating the type 3 message later */ - while(*auth && ISSPACE(*auth)) - auth++; - if(checkprefix("NTLM", auth)) { - auth += strlen("NTLM"); - while(*auth && ISSPACE(*auth)) - auth++; - if(*auth) { - conn->challenge_header = strdup(auth); - if(!conn->challenge_header) - return CURLE_OUT_OF_MEMORY; - } + result = Curl_input_ntlm_wb(conn, proxy, auth); + if(result) { + infof(data, "Authentication problem. Ignoring this.\n"); + data->state.authproblem = TRUE; } } #endif -- 2.40.0