Am Sonntag, 14. Juli 2013, 00:47:48 schrieb Giuseppe Scrivano: > Darshit Shah <dar...@gmail.com> writes: > >> Do you know a test HTTP server that supports auth-int ? > >> If yes, we could try to implement it. > >> > >> In the Test Suite I am currently writing, I had the server to simply send > > > > a qop=auth-int without really supporting it to see how Wget responds. > > I can implement auth-int support in that server too if we have any > > intentions of adding support to Wget. > > > >> You are right: > >> At the moment any other qop value than 'auth' or missing qop return > >> throws > >> out > >> > >> logprintf (LOG_NOTQUIET, _("Unsupported quality of protection > >> > >> '%s'.\n"), > >> qop); > >> and returns NULL, wich in turn just removes the Authenticate header but > >> doesn't stop the GET request (in gethttp()). > >> > >> If we want that, digest_authentication_encode() would need to return a > >> status/error code. > >> > >> Yes. A way to exit out of the loop instantly. > > > > But this issue should not stop Guiseppe's patch. > > > >> His patch is already pushed. > > I think we can address this issue separately. It is a nice optimization > to have but I wouldn't consider it as a blocking bug for the release.
Darshit, could you please test this patch ? ####### diff --git a/src/http.c b/src/http.c index 669f0fe..d50f20e 100644 --- a/src/http.c +++ b/src/http.c @@ -2379,28 +2379,38 @@ read_header: else if (!basic_auth_finished || !BEGINS_WITH (www_authenticate, "Basic")) { - char *pth; - pth = url_full_path (u); - request_set_header (req, "Authorization", - create_authorization_line (www_authenticate, - user, passwd, - request_method (req), - pth, - &auth_finished), - rel_value); - if (BEGINS_WITH (www_authenticate, "NTLM")) - ntlm_seen = true; - else if (!u->user && BEGINS_WITH (www_authenticate, "Basic")) + char *pth = url_full_path (u); + const char *value; + + value = create_authorization_line (www_authenticate, + user, passwd, + request_method (req), + pth, + &auth_finished); + + if (value) + { + request_set_header (req, "Authorization", value, rel_value); + + if (BEGINS_WITH (www_authenticate, "NTLM")) + ntlm_seen = true; + else if (!u->user && BEGINS_WITH (www_authenticate, "Basic")) + { + /* Need to register this host as using basic auth, + * so we automatically send creds next time. */ + register_basic_auth_host (u->host); + } + + xfree (pth); + xfree_null (message); + resp_free (resp); + xfree (head); + goto retry_with_auth; + } + else { - /* Need to register this host as using basic auth, - * so we automatically send creds next time. */ - register_basic_auth_host (u->host); + /* Creating the Authorization header went wrong */ } - xfree (pth); - xfree_null (message); - resp_free (resp); - xfree (head); - goto retry_with_auth; } else { #######
signature.asc
Description: This is a digitally signed message part.