diff options
| author | Steve Holme <steve_holme@hotmail.com> | 2019-05-13 21:42:35 +0100 |
|---|---|---|
| committer | Steve Holme <steve_holme@hotmail.com> | 2019-05-15 00:32:42 +0100 |
| commit | e832d1ef74f260146cdab59cbac1d6969836663a (patch) | |
| tree | 2b06c75083bc17ab2cb274c7bae9feedf44fdfad /lib/http_negotiate.c | |
| parent | 85bef18ca1afc356df3bb28e27ac74e4332affa1 (diff) | |
http_negotiate: Move the Negotiate state out of the negotiatedata structure
Given that this member variable is not used by the SASL based protocols
there is no need to have it here.
Closes #3882
Diffstat (limited to 'lib/http_negotiate.c')
| -rw-r--r-- | lib/http_negotiate.c | 32 |
1 files changed, 20 insertions, 12 deletions
diff --git a/lib/http_negotiate.c b/lib/http_negotiate.c index 7930cf67b..c8f406444 100644 --- a/lib/http_negotiate.c +++ b/lib/http_negotiate.c @@ -49,6 +49,7 @@ CURLcode Curl_input_negotiate(struct connectdata *conn, bool proxy, /* Point to the correct struct with this */ struct negotiatedata *neg_ctx; + curlnegotiate state; if(proxy) { userp = conn->http_proxy.user; @@ -57,6 +58,7 @@ CURLcode Curl_input_negotiate(struct connectdata *conn, bool proxy, data->set.str[STRING_PROXY_SERVICE_NAME] : "HTTP"; host = conn->http_proxy.host.name; neg_ctx = &conn->proxyneg; + state = conn->proxy_negotiate_state; } else { userp = conn->user; @@ -65,6 +67,7 @@ CURLcode Curl_input_negotiate(struct connectdata *conn, bool proxy, data->set.str[STRING_SERVICE_NAME] : "HTTP"; host = conn->host.name; neg_ctx = &conn->negotiate; + state = conn->http_negotiate_state; } /* Not set means empty */ @@ -82,11 +85,11 @@ CURLcode Curl_input_negotiate(struct connectdata *conn, bool proxy, len = strlen(header); neg_ctx->havenegdata = len != 0; if(!len) { - if(neg_ctx->state == GSS_AUTHSUCC) { + if(state == GSS_AUTHSUCC) { infof(conn->data, "Negotiate auth restarted\n"); Curl_http_auth_cleanup_negotiate(conn); } - else if(neg_ctx->state != GSS_AUTHNONE) { + else if(state != GSS_AUTHNONE) { /* The server rejected our authentication and hasn't supplied any more negotiation mechanisms */ Curl_http_auth_cleanup_negotiate(conn); @@ -104,7 +107,7 @@ CURLcode Curl_input_negotiate(struct connectdata *conn, bool proxy, host, header, neg_ctx); if(result) - Curl_auth_cleanup_spnego(neg_ctx); + Curl_http_auth_cleanup_negotiate(conn); return result; } @@ -115,6 +118,8 @@ CURLcode Curl_output_negotiate(struct connectdata *conn, bool proxy) &conn->negotiate; struct auth *authp = proxy ? &conn->data->state.authproxy : &conn->data->state.authhost; + curlnegotiate *state = proxy ? &conn->proxy_negotiate_state : + &conn->http_negotiate_state; char *base64 = NULL; size_t len = 0; char *userp; @@ -122,24 +127,24 @@ CURLcode Curl_output_negotiate(struct connectdata *conn, bool proxy) authp->done = FALSE; - if(neg_ctx->state == GSS_AUTHRECV) { + if(*state == GSS_AUTHRECV) { if(neg_ctx->havenegdata) { neg_ctx->havemultiplerequests = TRUE; } } - else if(neg_ctx->state == GSS_AUTHSUCC) { + else if(*state == GSS_AUTHSUCC) { if(!neg_ctx->havenoauthpersist) { neg_ctx->noauthpersist = !neg_ctx->havemultiplerequests; } } if(neg_ctx->noauthpersist || - (neg_ctx->state != GSS_AUTHDONE && neg_ctx->state != GSS_AUTHSUCC)) { + (*state != GSS_AUTHDONE && *state != GSS_AUTHSUCC)) { - if(neg_ctx->noauthpersist && neg_ctx->state == GSS_AUTHSUCC) { + if(neg_ctx->noauthpersist && *state == GSS_AUTHSUCC) { infof(conn->data, "Curl_output_negotiate, " "no persistent authentication: cleanup existing context"); - Curl_auth_cleanup_spnego(neg_ctx); + Curl_http_auth_cleanup_negotiate(conn); } if(!neg_ctx->context) { result = Curl_input_negotiate(conn, proxy, "Negotiate"); @@ -176,23 +181,23 @@ CURLcode Curl_output_negotiate(struct connectdata *conn, bool proxy) return CURLE_OUT_OF_MEMORY; } - neg_ctx->state = GSS_AUTHSENT; + *state = GSS_AUTHSENT; #ifdef HAVE_GSSAPI if(neg_ctx->status == GSS_S_COMPLETE || neg_ctx->status == GSS_S_CONTINUE_NEEDED) { - neg_ctx->state = GSS_AUTHDONE; + *state = GSS_AUTHDONE; } #else #ifdef USE_WINDOWS_SSPI if(neg_ctx->status == SEC_E_OK || neg_ctx->status == SEC_I_CONTINUE_NEEDED) { - neg_ctx->state = GSS_AUTHDONE; + *state = GSS_AUTHDONE; } #endif #endif } - if(neg_ctx->state == GSS_AUTHDONE || neg_ctx->state == GSS_AUTHSUCC) { + if(*state == GSS_AUTHDONE || *state == GSS_AUTHSUCC) { /* connection is already authenticated, * don't send a header in future requests */ authp->done = TRUE; @@ -205,6 +210,9 @@ CURLcode Curl_output_negotiate(struct connectdata *conn, bool proxy) void Curl_http_auth_cleanup_negotiate(struct connectdata *conn) { + conn->http_negotiate_state = GSS_AUTHNONE; + conn->proxy_negotiate_state = GSS_AUTHNONE; + Curl_auth_cleanup_spnego(&conn->negotiate); Curl_auth_cleanup_spnego(&conn->proxyneg); } |