modified

author: Daniel Stenberg <daniel@haxx.se> 2003-06-12 23:03:08 +0000
committer: Daniel Stenberg <daniel@haxx.se> 2003-06-12 23:03:08 +0000
commit: d13202f43bcb3fdc7b3625e031e568cc44c52e2d (patch)
tree: f1f0ceeac2db0cd76fe1ed0364331d9b23bab4a6 /lib
parent: 9d139a6b357d38ee1192c8d6361e0e08a9e9c08b (diff)
3 files changed, 43 insertions, 29 deletions
diff --git a/lib/http_ntlm.c b/lib/http_ntlm.c
index af0d960a7..4c2dddbb8 100644
--- a/lib/http_ntlm.c
+++ b/lib/http_ntlm.c
@@ -204,10 +204,17 @@ static void mkhash(char *password,
   unsigned char lmbuffer[21];
   unsigned char ntbuffer[21];
   
-  unsigned char pw[256]; /* for maximum 128-letter passwords! */
-  int len = strlen(password);
-  unsigned char magic[] = { 0x4B, 0x47, 0x53, 0x21, 0x40, 0x23, 0x24, 0x25 };
+  unsigned char *pw;
+  static const unsigned char magic[] = {
+    0x4B, 0x47, 0x53, 0x21, 0x40, 0x23, 0x24, 0x25
+  };
   int i;
+  int len = strlen(password);
+
+  /* make it fit at least 14 bytes */
+  pw = malloc(len<7?14:len*2);
+  if(!pw)
+    return; /* this will lead to a badly generated package */
 
   if (len > 14)
     len = 14;
@@ -249,12 +256,14 @@ static void mkhash(char *password,
     MD4_Update(&MD4, pw, 2*len);
     MD4_Final(ntbuffer, &MD4);
 
-    memset(ntbuffer+16, 0, 5);
+    memset(ntbuffer+16, 0, 8);
   }
 
   /* create responses */
   calc_resp(lmbuffer, nonce, lmresp);
   calc_resp(ntbuffer, nonce, ntresp);
+
+  free(pw);
 }
 
 /* convert an ascii string to upper case unicode, the destination buffer
@@ -399,8 +408,8 @@ CURLcode Curl_output_ntlm(struct connectdata *conn)
     int lmrespoff;
     int ntrespoff;
     int useroff;
-    unsigned char lmresp[0x18+1];
-    unsigned char ntresp[0x18+1];
+    unsigned char lmresp[0x18]; /* fixed-size */
+    unsigned char ntresp[0x18]; /* fixed-size */
 
     int userlen = strlen(data->state.user);
     
diff --git a/lib/transfer.c b/lib/transfer.c
index a8c4f46de..771ec53c6 100644
--- a/lib/transfer.c
+++ b/lib/transfer.c
@@ -291,6 +291,7 @@ CURLcode Curl_readwrite(struct connectdata *conn,
             int hbufp_index;
             int rest_length;
             int full_length;
+            int writetype;
               
             /* str_start is start of line within buf */
             k->str_start = k->str;
@@ -437,13 +438,13 @@ CURLcode Curl_readwrite(struct connectdata *conn,
 
               /* now, only output this if the header AND body are requested:
                */
-              k->writetype = CLIENTWRITE_HEADER;
+              writetype = CLIENTWRITE_HEADER;
               if (data->set.http_include_header)
-                k->writetype |= CLIENTWRITE_BODY;
+                writetype |= CLIENTWRITE_BODY;
 
               headerlen = k->p - data->state.headerbuff;
 
-              result = Curl_client_write(data, k->writetype,
+              result = Curl_client_write(data, writetype,
                                          data->state.headerbuff,
                                          headerlen);
               if(result)
@@ -795,8 +796,6 @@ CURLcode Curl_readwrite(struct connectdata *conn,
                   *ptr = '\0';   /* zero terminate */
                   conn->newurl = strdup(start); /* clone string */
                   *ptr = backup; /* restore ending letter */
-
-                  k->returnbeforebody = TRUE; /* don't wait for contents */
                 }
               }
 #if 0 /* for consideration */
@@ -812,16 +811,15 @@ CURLcode Curl_readwrite(struct connectdata *conn,
              * End of header-checks. Write them to the client.
              */
 
-            k->writetype = CLIENTWRITE_HEADER;
+            writetype = CLIENTWRITE_HEADER;
             if (data->set.http_include_header)
-              k->writetype |= CLIENTWRITE_BODY;
+              writetype |= CLIENTWRITE_BODY;
 
             if(data->set.verbose)
               Curl_debug(data, CURLINFO_HEADER_IN,
                          k->p, k->hbuflen);
 
-            result = Curl_client_write(data, k->writetype, k->p,
-                                       k->hbuflen);
+            result = Curl_client_write(data, writetype, k->p, k->hbuflen);
             if(result)
               return result;
 
@@ -854,15 +852,22 @@ CURLcode Curl_readwrite(struct connectdata *conn,
                write a piece of the body */
             if(conn->protocol&PROT_HTTP) {
               /* HTTP-only checks */
-              if (conn->newurl && k->returnbeforebody) {
-                /* abort after the headers if "follow Location" is set */
-                infof (data, "Send request to this URL: %s\n", conn->newurl);
-                k->keepon &= ~KEEP_READ;
-                FD_ZERO(&k->rkeepfd);
-                *done = TRUE;
-                return CURLE_OK;
+              if (conn->newurl) {
+                if(conn->bits.close) {
+                  /* Abort after the headers if "follow Location" is set
+                     and we're set to close anyway. */
+                  k->keepon &= ~KEEP_READ;
+                  FD_ZERO(&k->rkeepfd);
+                  *done = TRUE;
+                  return CURLE_OK;
+                }
+                /* We have a new url to load, but since we want to be able
+                   to re-use this connection properly, we read the full
+                   response in "ignore more" */
+                k->ignorebody = TRUE;
+                infof(data, "Ignoring the response-body\n");
               }
-              else if (conn->resume_from &&
+              if (conn->resume_from &&
                        !k->content_range &&
                        (data->set.httpreq==HTTPREQ_GET)) {
                 /* we wanted to resume a download, although the server
@@ -963,7 +968,7 @@ CURLcode Curl_readwrite(struct connectdata *conn,
           if(!conn->bits.chunk && (nread || k->badheader)) {
             /* If this is chunky transfer, it was already written */
 
-            if(k->badheader) {
+            if(k->badheader && !k->ignorebody) {
               /* we parsed a piece of data wrongly assuming it was a header
                  and now we output it as body instead */
               result = Curl_client_write(data, CLIENTWRITE_BODY,
@@ -984,8 +989,9 @@ CURLcode Curl_readwrite(struct connectdata *conn,
                    Content-Encoding header. See Curl_readwrite_init; the
                    memset() call initializes k->content_encoding to zero.
                    08/28/02 jhrg */
-                result = Curl_client_write(data, CLIENTWRITE_BODY, k->str, 
-                                           nread);
+                if(!k->ignorebody)
+                  result = Curl_client_write(data, CLIENTWRITE_BODY, k->str, 
+                                             nread);
 #ifdef HAVE_LIBZ
                 break;
 
@@ -1266,7 +1272,7 @@ CURLcode Curl_readwrite_init(struct connectdata *conn)
   k->maxfd = (conn->sockfd>conn->writesockfd?
               conn->sockfd:conn->writesockfd)+1;
   k->hbufp = data->state.headerbuff;
-  k->returnbeforebody=FALSE;
+  k->ignorebody=FALSE;
 
   Curl_pgrsTime(data, TIMER_PRETRANSFER);
   Curl_speedinit(data);
diff --git a/lib/urldata.h b/lib/urldata.h
index c1e597971..c24e1c0dd 100644
--- a/lib/urldata.h
+++ b/lib/urldata.h
@@ -340,7 +340,6 @@ struct Curl_transfer_keeper {
   /* for the low speed checks: */
   time_t timeofdoc;
   long bodywrites;
-  int writetype;
 
   char *buf;
   char *uploadbuf;
@@ -360,7 +359,7 @@ struct Curl_transfer_keeper {
   bool upload_done; /* set to TRUE when doing chunked transfer-encoding upload
                        and we're uploading the last chunk */
 
-  bool returnbeforebody; /* if to break transfer after headers */
+  bool ignorebody;  /* we read a response-body but we ignore it! */
 };
 
 /*
author	Daniel Stenberg <daniel@haxx.se>	2003-06-12 23:03:08 +0000
committer	Daniel Stenberg <daniel@haxx.se>	2003-06-12 23:03:08 +0000
commit	d13202f43bcb3fdc7b3625e031e568cc44c52e2d (patch)
tree	f1f0ceeac2db0cd76fe1ed0364331d9b23bab4a6 /lib
parent	9d139a6b357d38ee1192c8d6361e0e08a9e9c08b (diff)