aboutsummaryrefslogtreecommitdiff
path: root/lib/curl_sasl_sspi.c
diff options
context:
space:
mode:
authorSteve Holme <steve_holme@hotmail.com>2014-11-06 15:05:36 +0000
committerSteve Holme <steve_holme@hotmail.com>2014-11-06 14:59:53 +0000
commit500d2db302bea1544e9750b44cd1531a1a50d8fe (patch)
tree825a76bcda224ab6c77c9e8ac5a2af04a6532bf4 /lib/curl_sasl_sspi.c
parent6d45f952e6c61695a1aa6b17d2103442a049e883 (diff)
http_digest: Reworked the SSPI based input token storage
Reworked the input token (challenge message) storage as what is passed to the buf and desc in the response generation are typically blobs of data rather than strings, so this is more in keeping with other areas of the SSPI code, such as the NTLM message functions.
Diffstat (limited to 'lib/curl_sasl_sspi.c')
-rw-r--r--lib/curl_sasl_sspi.c13
1 files changed, 10 insertions, 3 deletions
diff --git a/lib/curl_sasl_sspi.c b/lib/curl_sasl_sspi.c
index ec3f2ca8c..45aca8ac4 100644
--- a/lib/curl_sasl_sspi.c
+++ b/lib/curl_sasl_sspi.c
@@ -37,6 +37,7 @@
#include "warnless.h"
#include "curl_memory.h"
#include "curl_multibyte.h"
+#include "strdup.h"
#define _MPRINTF_REPLACE /* use our functions only */
#include <curl/mprintf.h>
@@ -288,14 +289,18 @@ CURLcode Curl_sasl_create_digest_md5_message(struct SessionHandle *data,
CURLcode Curl_sasl_decode_digest_http_message(const char *chlg,
struct digestdata *digest)
{
+ size_t chlglen = strlen(chlg);
+
/* Clean up any former leftovers and initialise to defaults */
Curl_sasl_digest_cleanup(digest);
/* Simply store the challenge for use later */
- digest->input_token = (BYTE *) strdup(chlg);
+ digest->input_token = (BYTE *) Curl_memdup(chlg, chlglen);
if(!digest->input_token)
return CURLE_OUT_OF_MEMORY;
+ digest->input_token_len = chlglen;
+
return CURLE_OK;
}
@@ -392,8 +397,7 @@ CURLcode Curl_sasl_create_digest_http_message(struct SessionHandle *data,
chlg_desc.pBuffers = chlg_buf;
chlg_buf[0].BufferType = SECBUFFER_TOKEN;
chlg_buf[0].pvBuffer = digest->input_token;
- chlg_buf[0].cbBuffer = curlx_uztoul(strlen((const char *)
- digest->input_token));
+ chlg_buf[0].cbBuffer = curlx_uztoul(digest->input_token_len);
chlg_buf[1].BufferType = SECBUFFER_PKG_PARAMS;
chlg_buf[1].pvBuffer = (void *)request;
chlg_buf[1].cbBuffer = curlx_uztoul(strlen((const char *) request));
@@ -472,6 +476,9 @@ void Curl_sasl_digest_cleanup(struct digestdata *digest)
{
/* Free the input token */
Curl_safefree(digest->input_token);
+
+ /* Reset any variables */
+ digest->input_token_len = 0;
}
#endif /* !CURL_DISABLE_CRYPTO_AUTH */
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-30 19:27:10 +0000