url.c: CURLOPT_HTTPAUTH and CURLOPT_PROXYAUTH fixes
Fail with CURLE_NOT_BUILT_IN when none of requested auth methods is supported. Reject CURLAUTH_ONLY bit when given alone or with CURLAUTH_NONE.
This commit is contained in:
Yang Tse
Родитель
9421b06397
Коммит
df4205c10a
38
lib/url.c
38
lib/url.c
|
|
@ -1397,8 +1397,15 @@ CURLcode Curl_setopt(struct SessionHandle *data, CURLoption option,
|
||||||
* Set HTTP Authentication type BITMASK.
|
* Set HTTP Authentication type BITMASK.
|
||||||
*/
|
*/
|
||||||
{
|
{
|
||||||
|
int bitcheck;
|
||||||
|
bool authbits;
|
||||||
unsigned long auth = va_arg(param, unsigned long);
|
unsigned long auth = va_arg(param, unsigned long);
|
||||||
|
|
||||||
|
if(auth == CURLAUTH_NONE) {
|
||||||
|
data->set.httpauth = auth;
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
|
||||||
/* the DIGEST_IE bit is only used to set a special marker, for all the
|
/* the DIGEST_IE bit is only used to set a special marker, for all the
|
||||||
rest we need to handle it as normal DIGEST */
|
rest we need to handle it as normal DIGEST */
|
||||||
data->state.authhost.iestyle = (auth & CURLAUTH_DIGEST_IE)?TRUE:FALSE;
|
data->state.authhost.iestyle = (auth & CURLAUTH_DIGEST_IE)?TRUE:FALSE;
|
||||||
|
|
@ -1419,7 +1426,17 @@ CURLcode Curl_setopt(struct SessionHandle *data, CURLoption option,
|
||||||
auth &= ~CURLAUTH_GSSNEGOTIATE; /* no GSS-Negotiate without GSSAPI or
|
auth &= ~CURLAUTH_GSSNEGOTIATE; /* no GSS-Negotiate without GSSAPI or
|
||||||
WINDOWS_SSPI */
|
WINDOWS_SSPI */
|
||||||
#endif
|
#endif
|
||||||
if(!auth)
|
|
||||||
|
/* check if any auth bit lower than CURLAUTH_ONLY is still set */
|
||||||
|
bitcheck = 0;
|
||||||
|
authbits = FALSE;
|
||||||
|
while(bitcheck < 31) {
|
||||||
|
if(auth & (1UL << bitcheck++)) {
|
||||||
|
authbits = TRUE;
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
if(!authbits)
|
||||||
return CURLE_NOT_BUILT_IN; /* no supported types left! */
|
return CURLE_NOT_BUILT_IN; /* no supported types left! */
|
||||||
|
|
||||||
data->set.httpauth = auth;
|
data->set.httpauth = auth;
|
||||||
|
|
@ -1461,8 +1478,15 @@ CURLcode Curl_setopt(struct SessionHandle *data, CURLoption option,
|
||||||
* Set HTTP Authentication type BITMASK.
|
* Set HTTP Authentication type BITMASK.
|
||||||
*/
|
*/
|
||||||
{
|
{
|
||||||
|
int bitcheck;
|
||||||
|
bool authbits;
|
||||||
unsigned long auth = va_arg(param, unsigned long);
|
unsigned long auth = va_arg(param, unsigned long);
|
||||||
|
|
||||||
|
if(auth == CURLAUTH_NONE) {
|
||||||
|
data->set.proxyauth = auth;
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
|
||||||
/* the DIGEST_IE bit is only used to set a special marker, for all the
|
/* the DIGEST_IE bit is only used to set a special marker, for all the
|
||||||
rest we need to handle it as normal DIGEST */
|
rest we need to handle it as normal DIGEST */
|
||||||
data->state.authproxy.iestyle = (auth & CURLAUTH_DIGEST_IE)?TRUE:FALSE;
|
data->state.authproxy.iestyle = (auth & CURLAUTH_DIGEST_IE)?TRUE:FALSE;
|
||||||
|
|
@ -1482,7 +1506,17 @@ CURLcode Curl_setopt(struct SessionHandle *data, CURLoption option,
|
||||||
auth &= ~CURLAUTH_GSSNEGOTIATE; /* no GSS-Negotiate without GSSAPI or
|
auth &= ~CURLAUTH_GSSNEGOTIATE; /* no GSS-Negotiate without GSSAPI or
|
||||||
WINDOWS_SSPI */
|
WINDOWS_SSPI */
|
||||||
#endif
|
#endif
|
||||||
if(!auth)
|
|
||||||
|
/* check if any auth bit lower than CURLAUTH_ONLY is still set */
|
||||||
|
bitcheck = 0;
|
||||||
|
authbits = FALSE;
|
||||||
|
while(bitcheck < 31) {
|
||||||
|
if(auth & (1UL << bitcheck++)) {
|
||||||
|
authbits = TRUE;
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
if(!authbits)
|
||||||
return CURLE_NOT_BUILT_IN; /* no supported types left! */
|
return CURLE_NOT_BUILT_IN; /* no supported types left! */
|
||||||
|
|
||||||
data->set.proxyauth = auth;
|
data->set.proxyauth = auth;
|
||||||
|
|
|
||||||
Загрузка…
Ссылка в новой задаче