aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--lib/http.c4
-rw-r--r--lib/http_ntlm.c21
-rw-r--r--lib/http_ntlm.h11
3 files changed, 16 insertions, 20 deletions
diff --git a/lib/http.c b/lib/http.c
index 97c904342..4952ddd64 100644
--- a/lib/http.c
+++ b/lib/http.c
@@ -767,9 +767,9 @@ CURLcode Curl_http_input_auth(struct connectdata *conn,
if(authp->picked == CURLAUTH_NTLM ||
authp->picked == CURLAUTH_NTLM_SSO) {
/* NTLM authentication is picked and activated */
- CURLntlm ntlm =
+ CURLcode ntlm =
Curl_input_ntlm(conn, (bool)(httpcode == 407), start);
- if(CURLNTLM_BAD != ntlm) {
+ if(CURLE_OK == ntlm) {
data->state.authproblem = FALSE;
#ifdef WINBIND_NTLM_AUTH_ENABLED
if(authp->picked == CURLAUTH_NTLM_SSO) {
diff --git a/lib/http_ntlm.c b/lib/http_ntlm.c
index ed2f05b3b..98d9ad890 100644
--- a/lib/http_ntlm.c
+++ b/lib/http_ntlm.c
@@ -265,7 +265,7 @@ static unsigned int readint_le(unsigned char *buf)
from the beginning of the NTLM message.
*/
-CURLntlm Curl_input_ntlm(struct connectdata *conn,
+CURLcode Curl_input_ntlm(struct connectdata *conn,
bool proxy, /* if proxy or not */
const char *header) /* rest of the www-authenticate:
header */
@@ -275,10 +275,12 @@ CURLntlm Curl_input_ntlm(struct connectdata *conn,
#ifndef USE_WINDOWS_SSPI
static const char type2_marker[] = { 0x02, 0x00, 0x00, 0x00 };
#endif
+ CURLcode result = CURLE_OK;
#ifdef USE_NSS
- if(CURLE_OK != Curl_nss_force_init(conn->data))
- return CURLNTLM_BAD;
+ result = Curl_nss_force_init(conn->data);
+ if(result)
+ return result;
#endif
ntlm = proxy ? &conn->proxyntlm : &conn->ntlm;
@@ -314,7 +316,7 @@ CURLntlm Curl_input_ntlm(struct connectdata *conn,
unsigned char *buffer;
size = Curl_base64_decode(header, &buffer);
if(!buffer)
- return CURLNTLM_BAD;
+ return CURLE_OUT_OF_MEMORY;
ntlm->state = NTLMSTATE_TYPE2; /* we got a type-2 */
@@ -334,7 +336,8 @@ CURLntlm Curl_input_ntlm(struct connectdata *conn,
(memcmp(buffer + 8, type2_marker, sizeof(type2_marker)) != 0)) {
/* This was not a good enough type-2 message */
free(buffer);
- return CURLNTLM_BAD;
+ infof(conn->data, "NTLM handshake failure (bad type-2 message)\n");
+ return CURLE_REMOTE_ACCESS_DENIED;
}
ntlm->flags = readint_le(&buffer[20]);
@@ -352,14 +355,16 @@ CURLntlm Curl_input_ntlm(struct connectdata *conn,
free(buffer);
}
else {
- if(ntlm->state >= NTLMSTATE_TYPE1)
- return CURLNTLM_BAD;
+ if(ntlm->state >= NTLMSTATE_TYPE1) {
+ infof(conn->data, "NTLM handshake failure (internal error)\n");
+ return CURLE_REMOTE_ACCESS_DENIED;
+ }
ntlm->state = NTLMSTATE_TYPE1; /* we should sent away a type-1 */
}
}
- return CURLNTLM_FINE;
+ return result;
}
#ifndef USE_WINDOWS_SSPI
diff --git a/lib/http_ntlm.h b/lib/http_ntlm.h
index c80bb09ff..d3b79ed2c 100644
--- a/lib/http_ntlm.h
+++ b/lib/http_ntlm.h
@@ -22,17 +22,8 @@
*
***************************************************************************/
-typedef enum {
- CURLNTLM_NONE, /* not a ntlm */
- CURLNTLM_BAD, /* an ntlm, but one we don't like */
- CURLNTLM_FIRST, /* the first 401-reply we got with NTLM */
- CURLNTLM_FINE, /* an ntlm we act on */
-
- CURLNTLM_LAST /* last entry in this enum, don't use */
-} CURLntlm;
-
/* this is for ntlm header input */
-CURLntlm Curl_input_ntlm(struct connectdata *conn, bool proxy,
+CURLcode Curl_input_ntlm(struct connectdata *conn, bool proxy,
const char *header);
/* this is for creating ntlm header output */