aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--lib/http_ntlm.c57
1 files changed, 39 insertions, 18 deletions
diff --git a/lib/http_ntlm.c b/lib/http_ntlm.c
index 258e45101..a7888142d 100644
--- a/lib/http_ntlm.c
+++ b/lib/http_ntlm.c
@@ -45,6 +45,7 @@
#include "strequal.h"
#include "base64.h"
#include "http_ntlm.h"
+#include "url.h"
#define _MPRINTF_REPLACE /* use our functions only */
#include <curl/mprintf.h>
@@ -269,7 +270,8 @@ static void mkhash(char *password,
(((x) >>16)&0xff), ((x)>>24)
/* this is for creating ntlm header output */
-CURLcode Curl_output_ntlm(struct connectdata *conn)
+CURLcode Curl_output_ntlm(struct connectdata *conn,
+ bool proxy)
{
const char *domain=""; /* empty */
const char *host=""; /* empty */
@@ -279,8 +281,27 @@ CURLcode Curl_output_ntlm(struct connectdata *conn)
int domoff; /* domain name offset */
int size;
char *base64=NULL;
-
unsigned char ntlm[256]; /* enough, unless the host/domain is very long */
+
+ /* point to the address of the pointer that holds the string to sent to the
+ server, which is for a plain host or for a HTTP proxy */
+ char **allocuserpwd;
+
+ /* point to the name and password for this */
+ char *userp;
+ char *passwdp;
+
+ if(proxy) {
+ allocuserpwd = &conn->allocptr.proxyuserpwd;
+ userp = conn->proxyuser;
+ passwdp = conn->proxypasswd;
+ }
+ else {
+ allocuserpwd = &conn->allocptr.userpwd;
+ userp = conn->user;
+ passwdp = conn->passwd;
+ }
+
switch(conn->ntlm.state) {
case NTLMSTATE_TYPE1:
default: /* for the weird cases we (re)start here */
@@ -338,10 +359,10 @@ CURLcode Curl_output_ntlm(struct connectdata *conn)
size = Curl_base64_encode(ntlm, size, &base64);
if(size >0 ) {
- if(conn->allocptr.userpwd)
- free(conn->allocptr.userpwd);
- conn->allocptr.userpwd = aprintf("Authorization: NTLM %s\r\n",
- base64);
+ Curl_safefree(*allocuserpwd);
+ *allocuserpwd = aprintf("%sAuthorization: NTLM %s\r\n",
+ proxy?"Proxy-":"",
+ base64);
free(base64);
}
else
@@ -378,20 +399,20 @@ CURLcode Curl_output_ntlm(struct connectdata *conn)
const char *user;
int userlen;
- user = strchr(conn->user, '\\');
+ user = strchr(userp, '\\');
if(!user)
- user = strchr(conn->user, '/');
+ user = strchr(userp, '/');
if (user) {
- domain = conn->user;
+ domain = userp;
domlen = user - domain;
user++;
}
else
- user = conn->user;
+ user = userp;
userlen = strlen(user);
- mkhash(conn->passwd, &conn->ntlm.nonce[0], lmresp
+ mkhash(passwdp, &conn->ntlm.nonce[0], lmresp
#ifdef USE_NTRESPONSES
, ntresp
#endif
@@ -511,10 +532,10 @@ CURLcode Curl_output_ntlm(struct connectdata *conn)
size = Curl_base64_encode(ntlm, size, &base64);
if(size >0 ) {
- if(conn->allocptr.userpwd)
- free(conn->allocptr.userpwd);
- conn->allocptr.userpwd = aprintf("Authorization: NTLM %s\r\n",
- base64);
+ Curl_safefree(*allocuserpwd);
+ *allocuserpwd = aprintf("%sAuthorization: NTLM %s\r\n",
+ proxy?"Proxy-":"",
+ base64);
free(base64);
}
else
@@ -528,9 +549,9 @@ CURLcode Curl_output_ntlm(struct connectdata *conn)
case NTLMSTATE_TYPE3:
/* connection is already authenticated,
* don't send a header in future requests */
- if(conn->allocptr.userpwd) {
- free(conn->allocptr.userpwd);
- conn->allocptr.userpwd=NULL;
+ if(*allocuserpwd) {
+ free(*allocuserpwd);
+ *allocuserpwd=NULL;
}
break;
}