The HTTP code did not use a case-insensitive comparison when

checking for the Basic authentication method (STR #407)

The httpEncode() function always added a trailing "=" character,
which is not required by the Base64 encoding specification (STR
#407)

git-svn-id: svn+ssh://src.apple.com/svn/cups/cups.org/trunk@4013 7a7537e8-13f0-0310-91df-b6672ffda945

diff --git a/CHANGES.txt b/CHANGES.txt
index e5cbba4fcad55d7461c29e7c2c32012a976461f4..cd5424018c95ba0971baeb8e62463421dc49a190 100644 (file)
--- a/CHANGES.txt
+++ b/CHANGES.txt
@@ -3,6 +3,12 @@ CHANGES.txt - 11/19/2003
 
 CHANGES IN CUPS V1.1.20
 
+       - The HTTP code did not use a case-insensitive
+         comparison when checking for the Basic authentication
+         method (STR #407)
+       - The httpEncode() function always added a trailing "="
+         character, which is not required by the Base64
+         encoding specification (STR #407)
        - The signal handlers did not need to call sigset();
          this caused a recursion problem on some versions of
          IRIX (STR #422)

diff --git a/cups/auth.c b/cups/auth.c
index 1f8cb8d3fff75c02b0df0c3f2a6476361ddab2c8..0ade3cdc859ed7a8a6cef1b650a695d1d45b9207 100644 (file)
--- a/cups/auth.c
+++ b/cups/auth.c
@@ -1,5 +1,5 @@
 /*
- * "$Id: auth.c,v 1.2 2003/10/16 19:13:41 mike Exp $"
+ * "$Id: auth.c,v 1.3 2003/11/19 18:05:55 mike Exp $"
  *
  *   Authentication functions for the Common UNIX Printing System (CUPS).
  *
@@ -92,7 +92,7 @@ cupsDoAuthentication(http_t     *http,        /* I - HTTP connection to server */
   * Nope, see if we should retry the current digest password...
   */
 
-  if (strncmp(http->fields[HTTP_FIELD_WWW_AUTHENTICATE], "Basic", 5) == 0 ||
+  if (strncasecmp(http->fields[HTTP_FIELD_WWW_AUTHENTICATE], "Basic", 5) == 0 ||
       http->digest_tries > 1 || !http->userpass[0])
   {
    /*
@@ -121,7 +121,7 @@ cupsDoAuthentication(http_t     *http,      /* I - HTTP connection to server */
   * Got a password; encode it for the server...
   */
 
-  if (strncmp(http->fields[HTTP_FIELD_WWW_AUTHENTICATE], "Basic", 5) == 0)
+  if (strncasecmp(http->fields[HTTP_FIELD_WWW_AUTHENTICATE], "Basic", 5) == 0)
   {
    /*
     * Basic authentication...
@@ -234,5 +234,5 @@ cups_local_auth(http_t *http)               /* I - HTTP connection to server */
 
 
 /*
- * End of "$Id: auth.c,v 1.2 2003/10/16 19:13:41 mike Exp $".
+ * End of "$Id: auth.c,v 1.3 2003/11/19 18:05:55 mike Exp $".
  */

diff --git a/cups/http.c b/cups/http.c
index 403f20046935ed39b84f0cf837a9fcc8cc35a06e..bdf6966d0fa122b224716774989e43648d9561a6 100644 (file)
--- a/cups/http.c
+++ b/cups/http.c
@@ -1,5 +1,5 @@
 /*
- * "$Id: http.c,v 1.126 2003/11/05 18:13:56 mike Exp $"
+ * "$Id: http.c,v 1.127 2003/11/19 18:05:55 mike Exp $"
  *
  *   HTTP routines for the Common UNIX Printing System (CUPS).
  *
@@ -1775,6 +1775,7 @@ httpEncode64(char       *out,     /* I - String to write to */
     in ++;
     if (*in == '\0')
     {
+      *outptr ++ = '=';
       *outptr ++ = '=';
       break;
     }
@@ -1783,12 +1784,14 @@ httpEncode64(char       *out,   /* I - String to write to */
 
     in ++;
     if (*in == '\0')
+    {
+      *outptr ++ = '=';
       break;
+    }
 
     *outptr ++ = base64[in[0] & 63];
   }
 
-  *outptr ++ = '=';
   *outptr = '\0';
 
  /*
@@ -2417,5 +2420,5 @@ CDSAWriteFunc(SSLConnectionRef connection,        /* I  - SSL/TLS connection */
 
 
 /*
- * End of "$Id: http.c,v 1.126 2003/11/05 18:13:56 mike Exp $".
+ * End of "$Id: http.c,v 1.127 2003/11/19 18:05:55 mike Exp $".
  */