Am Sonntag, 14. Juli 2013, 00:47:48 schrieb Giuseppe Scrivano: > Darshit Shah <[email protected]> writes: > >> Do you know a test HTTP server that supports auth-int ? > >> If yes, we could try to implement it. > >> > >> In the Test Suite I am currently writing, I had the server to simply send > > > > a qop=auth-int without really supporting it to see how Wget responds. > > I can implement auth-int support in that server too if we have any > > intentions of adding support to Wget. > > > >> You are right: > >> At the moment any other qop value than 'auth' or missing qop return > >> throws > >> out > >> > >> logprintf (LOG_NOTQUIET, _("Unsupported quality of protection > >> > >> '%s'.\n"), > >> qop); > >> and returns NULL, wich in turn just removes the Authenticate header but > >> doesn't stop the GET request (in gethttp()). > >> > >> If we want that, digest_authentication_encode() would need to return a > >> status/error code. > >> > >> Yes. A way to exit out of the loop instantly. > > > > But this issue should not stop Guiseppe's patch. > > > >> His patch is already pushed. > > I think we can address this issue separately. It is a nice optimization > to have but I wouldn't consider it as a blocking bug for the release.
Darshit, could you please test this patch ?
#######
diff --git a/src/http.c b/src/http.c
index 669f0fe..d50f20e 100644
--- a/src/http.c
+++ b/src/http.c
@@ -2379,28 +2379,38 @@ read_header:
else if (!basic_auth_finished
|| !BEGINS_WITH (www_authenticate, "Basic"))
{
- char *pth;
- pth = url_full_path (u);
- request_set_header (req, "Authorization",
- create_authorization_line
(www_authenticate,
- user, passwd,
- request_method
(req),
- pth,
- &auth_finished),
- rel_value);
- if (BEGINS_WITH (www_authenticate, "NTLM"))
- ntlm_seen = true;
- else if (!u->user && BEGINS_WITH (www_authenticate, "Basic"))
+ char *pth = url_full_path (u);
+ const char *value;
+
+ value = create_authorization_line (www_authenticate,
+ user, passwd,
+ request_method (req),
+ pth,
+ &auth_finished);
+
+ if (value)
+ {
+ request_set_header (req, "Authorization", value,
rel_value);
+
+ if (BEGINS_WITH (www_authenticate, "NTLM"))
+ ntlm_seen = true;
+ else if (!u->user && BEGINS_WITH (www_authenticate,
"Basic"))
+ {
+ /* Need to register this host as using basic auth,
+ * so we automatically send creds next time. */
+ register_basic_auth_host (u->host);
+ }
+
+ xfree (pth);
+ xfree_null (message);
+ resp_free (resp);
+ xfree (head);
+ goto retry_with_auth;
+ }
+ else
{
- /* Need to register this host as using basic auth,
- * so we automatically send creds next time. */
- register_basic_auth_host (u->host);
+ /* Creating the Authorization header went wrong */
}
- xfree (pth);
- xfree_null (message);
- resp_free (resp);
- xfree (head);
- goto retry_with_auth;
}
else
{
#######
signature.asc
Description: This is a digitally signed message part.
