From: hno <> Date: Mon, 7 Nov 2005 05:50:25 +0000 (+0000) Subject: Cleanup of stateful auth schemes X-Git-Tag: SQUID_3_0_PRE4~536 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=c9c40182fb96a7c13623722915a4f8d4e87de12b;p=thirdparty%2Fsquid.git Cleanup of stateful auth schemes --- diff --git a/src/auth/negotiate/auth_negotiate.cc b/src/auth/negotiate/auth_negotiate.cc index c67d800880..571fe0d6d6 100644 --- a/src/auth/negotiate/auth_negotiate.cc +++ b/src/auth/negotiate/auth_negotiate.cc @@ -1,6 +1,6 @@ /* - * $Id: auth_negotiate.cc,v 1.5 2005/11/06 21:50:14 hno Exp $ + * $Id: auth_negotiate.cc,v 1.6 2005/11/06 22:50:25 hno Exp $ * * DEBUG: section 29 Negotiate Authenticator * AUTHOR: Robert Collins, Henrik Nordstrom, Francesco Chemolli @@ -396,7 +396,7 @@ authenticateNegotiateHandleReply(void *data, void *lastserver, char *reply) if (!reply) { debug(29, 1) ("authenticateNegotiateHandleReply: Helper '%p' crashed!.\n", lastserver); - reply = "BH Internal error"; + reply = (char *)"BH Internal error"; } auth_user_request = r->auth_user_request; @@ -420,12 +420,14 @@ authenticateNegotiateHandleReply(void *data, void *lastserver, char *reply) /* seperate out the useful data */ blob = strchr(reply, ' '); - while (blob && xisspace(*blob)) { // trim leading spaces in blob + if (blob) { blob++; arg = strchr(blob + 1, ' '); + } else { + arg = NULL; } - if (strncasecmp(reply, "TT ", 3) == 0 && blob != NULL) { + if (strncasecmp(reply, "TT ", 3) == 0) { /* we have been given a blob to send to the client */ if (arg) @@ -442,7 +444,7 @@ authenticateNegotiateHandleReply(void *data, void *lastserver, char *reply) debug(29, 4) ("authenticateNegotiateHandleReply: Need to challenge the client with a server blob '%s'\n", blob); result = S_HELPER_RESERVE; - } else if (strncasecmp(reply, "AF ", 3) == 0 && blob != NULL) { + } else if (strncasecmp(reply, "AF ", 3) == 0 && arg != NULL) { /* we're finished, release the helper */ if (arg) @@ -463,7 +465,7 @@ authenticateNegotiateHandleReply(void *data, void *lastserver, char *reply) result = S_HELPER_RELEASE; debug(29, 4) ("authenticateNegotiateHandleReply: Successfully validated user via NEGOTIATE. Username '%s'\n", blob); - } else if (strncasecmp(reply, "NA ", 3) == 0 && blob != NULL) { + } else if (strncasecmp(reply, "NA ", 3) == 0 && arg != NULL) { /* authentication failure (wrong password, etc.) */ if (arg) @@ -674,9 +676,16 @@ AuthNegotiateUserRequest::authenticate(HttpRequest * request, ConnStateData::Poi /* get header */ proxy_auth = httpHeaderGetStr(&request->header, type); - blob = proxy_auth + strlen("Negotiate"); + /* locate second word */ + blob = proxy_auth; + + while (xisspace(*blob) && *blob) + blob++; + + while (!xisspace(*blob) && *blob) + blob++; - while (xisspace(*blob)) // trim leading spaces in blob + while (xisspace(*blob) && *blob) blob++; switch (auth_state) { diff --git a/src/auth/ntlm/auth_ntlm.cc b/src/auth/ntlm/auth_ntlm.cc index 4254152609..e39895cd1f 100644 --- a/src/auth/ntlm/auth_ntlm.cc +++ b/src/auth/ntlm/auth_ntlm.cc @@ -1,6 +1,6 @@ /* - * $Id: auth_ntlm.cc,v 1.53 2005/11/06 21:50:14 hno Exp $ + * $Id: auth_ntlm.cc,v 1.54 2005/11/06 22:50:25 hno Exp $ * * DEBUG: section 29 NTLM Authenticator * AUTHOR: Robert Collins, Henrik Nordstrom, Francesco Chemolli @@ -364,7 +364,7 @@ authenticateNTLMHandleReply(void *data, void *lastserver, char *reply) if (!reply) { debug(29, 1) ("authenticateNTLMHandleReply: Helper '%p' crashed!.\n", lastserver); - reply = "BH Internal error"; + reply = (char *)"BH Internal error"; } auth_user_request = r->auth_user_request; @@ -388,11 +388,10 @@ authenticateNTLMHandleReply(void *data, void *lastserver, char *reply) /* seperate out the useful data */ blob = strchr(reply, ' '); - while (blob && xisspace(*blob)) { // trim leading spaces in blob + if (blob) blob++; - } - if (strncasecmp(reply, "TT ", 3) == 0 && blob != NULL) { + if (strncasecmp(reply, "TT ", 3) == 0) { /* we have been given a blob to send to the client */ safe_free(ntlm_request->server_blob); ntlm_request->server_blob = xstrdup(blob); @@ -400,7 +399,7 @@ authenticateNTLMHandleReply(void *data, void *lastserver, char *reply) auth_user_request->denyMessage("Authenication in progress"); debug(29, 4) ("authenticateNTLMHandleReply: Need to challenge the client with a server blob '%s'\n", blob); result = S_HELPER_RESERVE; - } else if (strncasecmp(reply, "AF ", 3) == 0 && blob != NULL) { + } else if (strncasecmp(reply, "AF ", 3) == 0) { /* we're finished, release the helper */ ntlm_user->username(blob); auth_user_request->denyMessage("Login successful"); @@ -410,7 +409,7 @@ authenticateNTLMHandleReply(void *data, void *lastserver, char *reply) result = S_HELPER_RELEASE; debug(29, 4) ("authenticateNTLMHandleReply: Successfully validated user via NTLM. Username '%s'\n", blob); - } else if (strncasecmp(reply, "NA ", 3) == 0 && blob != NULL) { + } else if (strncasecmp(reply, "NA ", 3) == 0) { /* authentication failure (wrong password, etc.) */ auth_user_request->denyMessage(blob); ntlm_request->auth_state = AUTHENTICATE_STATE_FAILED; @@ -610,9 +609,16 @@ AuthNTLMUserRequest::authenticate(HttpRequest * request, ConnStateData::Pointer /* get header */ proxy_auth = httpHeaderGetStr(&request->header, type); - blob = proxy_auth + strlen("NTLM"); + /* locate second word */ + blob = proxy_auth; + + while (xisspace(*blob) && *blob) + blob++; + + while (!xisspace(*blob) && *blob) + blob++; - while (xisspace(*blob)) // trim leading spaces in blob + while (xisspace(*blob) && *blob) blob++; switch (auth_state) {