/*
- * "$Id$"
- *
* Get/put file functions for CUPS.
*
- * Copyright 2007-2014 by Apple Inc.
+ * Copyright 2007-2018 by Apple Inc.
* Copyright 1997-2006 by Easy Software Products.
*
- * These coded instructions, statements, and computer programs are the
- * property of Apple Inc. and are protected by Federal copyright
- * law. Distribution and use rights are outlined in the file "LICENSE.txt"
- * which should have been included with this file. If this file is
- * file is missing or damaged, see the license at "http://www.cups.org/".
- *
- * This file is subject to the Apple OS-Developed Software exception.
+ * Licensed under Apache License v2.0. See the file "LICENSE" for more
+ * information.
*/
/*
*/
#include "cups-private.h"
+#include "debug-internal.h"
#include <fcntl.h>
#include <sys/stat.h>
-#if defined(WIN32) || defined(__EMX__)
+#if defined(_WIN32) || defined(__EMX__)
# include <io.h>
#else
# include <unistd.h>
-#endif /* WIN32 || __EMX__ */
+#endif /* _WIN32 || __EMX__ */
/*
*
* This function returns @code HTTP_STATUS_OK@ when the file is successfully retrieved.
*
- * @since CUPS 1.1.20/OS X 10.4@
+ * @since CUPS 1.1.20/macOS 10.4@
*/
http_status_t /* O - HTTP status */
http_status_t status; /* HTTP status from server */
char if_modified_since[HTTP_MAX_VALUE];
/* If-Modified-Since header */
+ int new_auth = 0; /* Using new auth information? */
+ int digest; /* Are we using Digest authentication? */
/*
* Range check input...
*/
- DEBUG_printf(("cupsGetFd(http=%p, resource=\"%s\", fd=%d)", http,
- resource, fd));
+ DEBUG_printf(("cupsGetFd(http=%p, resource=\"%s\", fd=%d)", (void *)http, resource, fd));
if (!resource || fd < 0)
{
}
httpClearFields(http);
- httpSetField(http, HTTP_FIELD_AUTHORIZATION, http->authstring);
httpSetField(http, HTTP_FIELD_IF_MODIFIED_SINCE, if_modified_since);
+ digest = http->authstring && !strncmp(http->authstring, "Digest ", 7);
+
+ if (digest && !new_auth)
+ {
+ /*
+ * Update the Digest authentication string...
+ */
+
+ _httpSetDigestAuthString(http, http->nextnonce, "GET", resource);
+ }
+
+#ifdef HAVE_GSSAPI
+ if (http->authstring && !strncmp(http->authstring, "Negotiate", 9) && !new_auth)
+ {
+ /*
+ * Do not use cached Kerberos credentials since they will look like a
+ * "replay" attack...
+ */
+
+ _cupsSetNegotiateAuthString(http, "GET", resource);
+ }
+#endif /* HAVE_GSSAPI */
+
+ httpSetField(http, HTTP_FIELD_AUTHORIZATION, http->authstring);
+
if (httpGet(http, resource))
{
if (httpReconnect2(http, 30000, NULL))
}
}
+ new_auth = 0;
+
while ((status = httpUpdate(http)) == HTTP_STATUS_CONTINUE);
if (status == HTTP_STATUS_UNAUTHORIZED)
* See if we can do authentication...
*/
+ new_auth = 1;
+
if (cupsDoAuthentication(http, "GET", resource))
{
status = HTTP_STATUS_CUPS_AUTHORIZATION_CANCELED;
*
* This function returns @code HTTP_STATUS_OK@ when the file is successfully retrieved.
*
- * @since CUPS 1.1.20/OS X 10.4@
+ * @since CUPS 1.1.20/macOS 10.4@
*/
http_status_t /* O - HTTP status */
* This function returns @code HTTP_STATUS_CREATED@ when the file is stored
* successfully.
*
- * @since CUPS 1.1.20/OS X 10.4@
+ * @since CUPS 1.1.20/macOS 10.4@
*/
http_status_t /* O - HTTP status */
int retries; /* Number of retries */
char buffer[8192]; /* Buffer for file */
http_status_t status; /* HTTP status from server */
+ int new_auth = 0; /* Using new auth information? */
+ int digest; /* Are we using Digest authentication? */
/*
* Range check input...
*/
- DEBUG_printf(("cupsPutFd(http=%p, resource=\"%s\", fd=%d)", http,
- resource, fd));
+ DEBUG_printf(("cupsPutFd(http=%p, resource=\"%s\", fd=%d)", (void *)http, resource, fd));
if (!resource || fd < 0)
{
http->authstring));
httpClearFields(http);
- httpSetField(http, HTTP_FIELD_AUTHORIZATION, http->authstring);
httpSetField(http, HTTP_FIELD_TRANSFER_ENCODING, "chunked");
httpSetExpect(http, HTTP_STATUS_CONTINUE);
+ digest = http->authstring && !strncmp(http->authstring, "Digest ", 7);
+
+ if (digest && !new_auth)
+ {
+ /*
+ * Update the Digest authentication string...
+ */
+
+ _httpSetDigestAuthString(http, http->nextnonce, "PUT", resource);
+ }
+
+#ifdef HAVE_GSSAPI
+ if (http->authstring && !strncmp(http->authstring, "Negotiate", 9) && !new_auth)
+ {
+ /*
+ * Do not use cached Kerberos credentials since they will look like a
+ * "replay" attack...
+ */
+
+ _cupsSetNegotiateAuthString(http, "PUT", resource);
+ }
+#endif /* HAVE_GSSAPI */
+
+ httpSetField(http, HTTP_FIELD_AUTHORIZATION, http->authstring);
+
if (httpPut(http, resource))
{
if (httpReconnect2(http, 30000, NULL))
DEBUG_printf(("2cupsPutFd: status=%d", status));
+ new_auth = 0;
+
if (status == HTTP_STATUS_UNAUTHORIZED)
{
/*
* See if we can do authentication...
*/
+ new_auth = 1;
+
if (cupsDoAuthentication(http, "PUT", resource))
{
status = HTTP_STATUS_CUPS_AUTHORIZATION_CANCELED;
* This function returns @code HTTP_CREATED@ when the file is stored
* successfully.
*
- * @since CUPS 1.1.20/OS X 10.4@
+ * @since CUPS 1.1.20/macOS 10.4@
*/
http_status_t /* O - HTTP status */
return (status);
}
-
-
-/*
- * End of "$Id$".
- */
projects / thirdparty / cups.git / blobdiff