Am Sonntag, 14. Juli 2013, 00:47:48 schrieb Giuseppe Scrivano:
> Darshit Shah <dar...@gmail.com> writes:
> >> Do you know a test HTTP server that supports auth-int ?
> >> If yes, we could try to implement it.
> >>
> >> In the Test Suite I am currently writing, I had the server to simply send
> >
> > a qop=auth-int without really supporting it to see how Wget responds.
> > I can implement auth-int support in that server too if we have any
> > intentions of adding support to Wget.
> >
> >> You are right:
> >> At the moment any other qop value than 'auth' or missing qop return
> >> throws
> >> out
> >>
> >> logprintf (LOG_NOTQUIET, _("Unsupported quality of protection
> >>
> >> '%s'.\n"),
> >> qop);
> >> and returns NULL, wich in turn just removes the Authenticate header but
> >> doesn't stop the GET request (in gethttp()).
> >>
> >> If we want that, digest_authentication_encode() would need to return a
> >> status/error code.
> >>
> >> Yes. A way to exit out of the loop instantly.
> >
> > But this issue should not stop Guiseppe's patch.
> >
> >> His patch is already pushed.
>
> I think we can address this issue separately. It is a nice optimization
> to have but I wouldn't consider it as a blocking bug for the release.
Darshit, could you please test this patch ?
#######
diff --git a/src/http.c b/src/http.c
index 669f0fe..d50f20e 100644
--- a/src/http.c
+++ b/src/http.c
@@ -2379,28 +2379,38 @@ read_header:
else if (!basic_auth_finished
|| !BEGINS_WITH (www_authenticate, "Basic"))
{
- char *pth;
- pth = url_full_path (u);
- request_set_header (req, "Authorization",
- create_authorization_line
(www_authenticate,
- user, passwd,
- request_method
(req),
- pth,
- &auth_finished),
- rel_value);
- if (BEGINS_WITH (www_authenticate, "NTLM"))
- ntlm_seen = true;
- else if (!u->user && BEGINS_WITH (www_authenticate, "Basic"))
+ char *pth = url_full_path (u);
+ const char *value;
+
+ value = create_authorization_line (www_authenticate,
+ user, passwd,
+ request_method (req),
+ pth,
+ &auth_finished);
+
+ if (value)
+ {
+ request_set_header (req, "Authorization", value,
rel_value);
+
+ if (BEGINS_WITH (www_authenticate, "NTLM"))
+ ntlm_seen = true;
+ else if (!u->user && BEGINS_WITH (www_authenticate,
"Basic"))
+ {
+ /* Need to register this host as using basic auth,
+ * so we automatically send creds next time. */
+ register_basic_auth_host (u->host);
+ }
+
+ xfree (pth);
+ xfree_null (message);
+ resp_free (resp);
+ xfree (head);
+ goto retry_with_auth;
+ }
+ else
{
- /* Need to register this host as using basic auth,
- * so we automatically send creds next time. */
- register_basic_auth_host (u->host);
+ /* Creating the Authorization header went wrong */
}
- xfree (pth);
- xfree_null (message);
- resp_free (resp);
- xfree (head);
- goto retry_with_auth;
}
else
{
#######
signature.asc
Description: This is a digitally signed message part.
