[libsoup] SoupAuthManagerNTLM: allow non-ASCII usernames/passwords
- From: Dan Winship <danw src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [libsoup] SoupAuthManagerNTLM: allow non-ASCII usernames/passwords
- Date: Sun, 13 Nov 2011 20:13:10 +0000 (UTC)
commit 67824e6224409f77fa397a0d6bb2eab5e6cc8081
Author: Dan Winship <danw gnome org>
Date: Thu Oct 20 17:27:34 2011 -0400
SoupAuthManagerNTLM: allow non-ASCII usernames/passwords
Switch to using the Unicode-encoded form of NTLM, so that non-ASCII
usernames/passwords will work.
Also, add a "-n" option to tests/get to make it use NTLM, and make
SoupAuthManagerNTLM allow passwords-in-URLs.
Based on a patch from Joachim Breitner, sponsored by ITOMIG GmbH and
the City of BÃblingen.
https://bugzilla.gnome.org/show_bug.cgi?id=576838
libsoup/soup-auth-manager-ntlm.c | 46 ++++++++++++++++++++++++++-----------
tests/get.c | 10 ++++++-
tests/ntlm-test.c | 2 +-
3 files changed, 41 insertions(+), 17 deletions(-)
---
diff --git a/libsoup/soup-auth-manager-ntlm.c b/libsoup/soup-auth-manager-ntlm.c
index 7c3f239..a1b76c7 100644
--- a/libsoup/soup-auth-manager-ntlm.c
+++ b/libsoup/soup-auth-manager-ntlm.c
@@ -12,6 +12,7 @@
#include <ctype.h>
#include <string.h>
+#include <glib.h>
#ifdef USE_NTLM_AUTH
#include <stdlib.h>
@@ -387,6 +388,7 @@ ntlm_authorize_pre (SoupMessage *msg, gpointer ntlm)
SOUP_AUTH_MANAGER_NTLM_GET_PRIVATE (ntlm);
SoupNTLMConnection *conn;
const char *val;
+ SoupURI *uri;
conn = get_connection_for_msg (priv, msg);
if (!conn)
@@ -423,8 +425,14 @@ ntlm_authorize_pre (SoupMessage *msg, gpointer ntlm)
}
#endif
conn->state = SOUP_NTLM_RECEIVED_CHALLENGE;
- soup_auth_manager_emit_authenticate (SOUP_AUTH_MANAGER (ntlm), msg,
- conn->auth, FALSE);
+
+ uri = soup_message_get_uri (msg);
+ if (uri->password)
+ soup_auth_authenticate (conn->auth, uri->user, uri->password);
+ else {
+ soup_auth_manager_emit_authenticate (SOUP_AUTH_MANAGER (ntlm),
+ msg, conn->auth, FALSE);
+ }
done:
/* Remove the WWW-Authenticate headers so the session won't try
@@ -725,7 +733,7 @@ typedef struct {
#define NTLM_CHALLENGE_DOMAIN_STRING_OFFSET 12
#define NTLM_RESPONSE_HEADER "NTLMSSP\x00\x03\x00\x00\x00"
-#define NTLM_RESPONSE_FLAGS 0x8202
+#define NTLM_RESPONSE_FLAGS 0x8201
typedef struct {
guchar header[12];
@@ -751,7 +759,7 @@ ntlm_set_string (NTLMString *string, int *offset, int len)
static char *
soup_ntlm_request (void)
{
- return g_strdup ("NTLM TlRMTVNTUAABAAAABoIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAAAAAAAAAAwAAAA");
+ return g_strdup ("NTLM TlRMTVNTUAABAAAABYIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAAAAAAAAAAwAAAA");
}
static gboolean
@@ -783,7 +791,9 @@ soup_ntlm_parse_challenge (const char *challenge,
return FALSE;
}
- *default_domain = g_strndup ((char *)chall + domain.offset, domain.length);
+ *default_domain = g_convert ((char *)chall + domain.offset,
+ domain.length, "UTF-8", "UCS-2LE",
+ NULL, NULL, NULL);
}
if (nonce) {
@@ -802,8 +812,10 @@ soup_ntlm_response (const char *nonce,
const char *host,
const char *domain)
{
- int hlen, dlen, ulen, offset;
+ int offset;
+ gsize hlen, dlen, ulen;
guchar hash[21], lm_resp[24], nt_resp[24];
+ char *user_conv, *host_conv, *domain_conv;
NTLMResponse resp;
char *out, *p;
int state, save;
@@ -819,13 +831,15 @@ soup_ntlm_response (const char *nonce,
offset = sizeof (resp);
- dlen = strlen (domain);
- ntlm_set_string (&resp.domain, &offset, dlen);
- ulen = strlen (user);
- ntlm_set_string (&resp.user, &offset, ulen);
if (!host)
host = "UNKNOWN";
- hlen = strlen (host);
+
+ domain_conv = g_convert (domain, -1, "UCS-2LE", "UTF-8", NULL, &dlen, NULL);
+ user_conv = g_convert (user, -1, "UCS-2LE", "UTF-8", NULL, &ulen, NULL);
+ host_conv = g_convert (host, -1, "UCS-2LE", "UTF-8", NULL, &hlen, NULL);
+
+ ntlm_set_string (&resp.domain, &offset, dlen);
+ ntlm_set_string (&resp.user, &offset, ulen);
ntlm_set_string (&resp.host, &offset, hlen);
ntlm_set_string (&resp.lm_resp, &offset, sizeof (lm_resp));
ntlm_set_string (&resp.nt_resp, &offset, sizeof (nt_resp));
@@ -838,11 +852,11 @@ soup_ntlm_response (const char *nonce,
p += g_base64_encode_step ((const guchar *) &resp, sizeof (resp),
FALSE, p, &state, &save);
- p += g_base64_encode_step ((const guchar *) domain, dlen,
+ p += g_base64_encode_step ((const guchar *) domain_conv, dlen,
FALSE, p, &state, &save);
- p += g_base64_encode_step ((const guchar *) user, ulen,
+ p += g_base64_encode_step ((const guchar *) user_conv, ulen,
FALSE, p, &state, &save);
- p += g_base64_encode_step ((const guchar *) host, hlen,
+ p += g_base64_encode_step ((const guchar *) host_conv, hlen,
FALSE, p, &state, &save);
p += g_base64_encode_step (lm_resp, sizeof (lm_resp),
FALSE, p, &state, &save);
@@ -851,6 +865,10 @@ soup_ntlm_response (const char *nonce,
p += g_base64_encode_close (FALSE, p, &state, &save);
*p = '\0';
+ g_free (domain_conv);
+ g_free (user_conv);
+ g_free (host_conv);
+
return out;
}
diff --git a/tests/get.c b/tests/get.c
index a226e31..55dd735 100644
--- a/tests/get.c
+++ b/tests/get.c
@@ -105,14 +105,14 @@ main (int argc, char **argv)
{
const char *cafile = NULL, *url;
SoupURI *proxy = NULL, *parsed;
- gboolean synchronous = FALSE;
+ gboolean synchronous = FALSE, ntlm = FALSE;
int opt;
g_type_init ();
method = SOUP_METHOD_GET;
- while ((opt = getopt (argc, argv, "c:dhp:qs")) != -1) {
+ while ((opt = getopt (argc, argv, "c:dhnp:qs")) != -1) {
switch (opt) {
case 'c':
cafile = optarg;
@@ -127,6 +127,10 @@ main (int argc, char **argv)
debug = TRUE;
break;
+ case 'n':
+ ntlm = TRUE;
+ break;
+
case 'p':
proxy = soup_uri_new (optarg);
if (!proxy) {
@@ -172,6 +176,7 @@ main (int argc, char **argv)
SOUP_SESSION_ADD_FEATURE_BY_TYPE, SOUP_TYPE_COOKIE_JAR,
SOUP_SESSION_USER_AGENT, "get ",
SOUP_SESSION_ACCEPT_LANGUAGE_AUTO, TRUE,
+ SOUP_SESSION_USE_NTLM, ntlm,
NULL);
} else {
session = soup_session_async_new_with_options (
@@ -183,6 +188,7 @@ main (int argc, char **argv)
SOUP_SESSION_ADD_FEATURE_BY_TYPE, SOUP_TYPE_COOKIE_JAR,
SOUP_SESSION_USER_AGENT, "get ",
SOUP_SESSION_ACCEPT_LANGUAGE_AUTO, TRUE,
+ SOUP_SESSION_USE_NTLM, ntlm,
NULL);
}
diff --git a/tests/ntlm-test.c b/tests/ntlm-test.c
index cd74b15..46ac46e 100644
--- a/tests/ntlm-test.c
+++ b/tests/ntlm-test.c
@@ -41,7 +41,7 @@ typedef enum {
#define NTLM_CHALLENGE "TlRMTVNTUAACAAAADAAMADAAAAABAoEAASNFZ4mrze8AAAAAAAAAAGIAYgA8AAAARABPAE0AQQBJAE4AAgAMAEQATwBNAEEASQBOAAEADABTAEUAUgBWAEUAUgAEABQAZABvAG0AYQBpAG4ALgBjAG8AbQADACIAcwBlAHIAdgBlAHIALgBkAG8AbQBhAGkAbgAuAGMAbwBtAAAAAAA="
-#define NTLM_RESPONSE_USER(response) ((response)[87] == 'h' ? NTLM_AUTHENTICATED_ALICE : NTLM_AUTHENTICATED_BOB)
+#define NTLM_RESPONSE_USER(response) ((response)[102] == 'E' ? NTLM_AUTHENTICATED_ALICE : NTLM_AUTHENTICATED_BOB)
static void
clear_state (gpointer connections, GObject *ex_connection)
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]