diff options
Diffstat (limited to 'lib/curl_ntlm_msgs.c')
| -rw-r--r-- | lib/curl_ntlm_msgs.c | 88 |
1 files changed, 11 insertions, 77 deletions
diff --git a/lib/curl_ntlm_msgs.c b/lib/curl_ntlm_msgs.c index 050ffe25d..e222b73b7 100644 --- a/lib/curl_ntlm_msgs.c +++ b/lib/curl_ntlm_msgs.c @@ -346,17 +346,15 @@ CURLcode Curl_ntlm_decode_type2_message(struct SessionHandle *data, void Curl_ntlm_sspi_cleanup(struct ntlmdata *ntlm) { Curl_safefree(ntlm->type_2); + if(ntlm->has_handles) { s_pSecFn->DeleteSecurityContext(&ntlm->c_handle); s_pSecFn->FreeCredentialsHandle(&ntlm->handle); ntlm->has_handles = 0; } - if(ntlm->p_identity) { - Curl_safefree(ntlm->identity.User); - Curl_safefree(ntlm->identity.Password); - Curl_safefree(ntlm->identity.Domain); - ntlm->p_identity = NULL; - } + + Curl_sspi_free_identity(ntlm->p_identity); + ntlm->p_identity = NULL; } #endif @@ -420,84 +418,20 @@ CURLcode Curl_ntlm_create_type1_message(const char *userp, SecBufferDesc desc; SECURITY_STATUS status; unsigned long attrs; - xcharp_u useranddomain; - xcharp_u user, dup_user; - xcharp_u domain, dup_domain; - xcharp_u passwd, dup_passwd; - size_t domlen = 0; TimeStamp tsDummy; /* For Windows 9x compatibility of SSPI calls */ - domain.const_tchar_ptr = TEXT(""); - Curl_ntlm_sspi_cleanup(ntlm); if(userp && *userp) { + CURLcode result; - /* null initialize ntlm identity's data to allow proper cleanup */ - ntlm->p_identity = &ntlm->identity; - memset(ntlm->p_identity, 0, sizeof(*ntlm->p_identity)); - - useranddomain.tchar_ptr = Curl_convert_UTF8_to_tchar((char *)userp); - if(!useranddomain.tchar_ptr) - return CURLE_OUT_OF_MEMORY; - - user.const_tchar_ptr = _tcschr(useranddomain.const_tchar_ptr, TEXT('\\')); - if(!user.const_tchar_ptr) - user.const_tchar_ptr = _tcschr(useranddomain.const_tchar_ptr, TEXT('/')); - - if(user.tchar_ptr) { - domain.tchar_ptr = useranddomain.tchar_ptr; - domlen = user.tchar_ptr - useranddomain.tchar_ptr; - user.tchar_ptr++; - } - else { - user.tchar_ptr = useranddomain.tchar_ptr; - domain.const_tchar_ptr = TEXT(""); - domlen = 0; - } + /* Populate our identity structure */ + result = Curl_create_sspi_identity(userp, passwdp, &ntlm->identity); + if(result) + return result; - /* setup ntlm identity's user and length */ - dup_user.tchar_ptr = _tcsdup(user.tchar_ptr); - if(!dup_user.tchar_ptr) { - Curl_unicodefree(useranddomain.tchar_ptr); - return CURLE_OUT_OF_MEMORY; - } - ntlm->identity.User = dup_user.tbyte_ptr; - ntlm->identity.UserLength = curlx_uztoul(_tcslen(dup_user.tchar_ptr)); - dup_user.tchar_ptr = NULL; - - /* setup ntlm identity's domain and length */ - dup_domain.tchar_ptr = malloc(sizeof(TCHAR) * (domlen + 1)); - if(!dup_domain.tchar_ptr) { - Curl_unicodefree(useranddomain.tchar_ptr); - return CURLE_OUT_OF_MEMORY; - } - _tcsncpy(dup_domain.tchar_ptr, domain.tchar_ptr, domlen); - *(dup_domain.tchar_ptr + domlen) = TEXT('\0'); - ntlm->identity.Domain = dup_domain.tbyte_ptr; - ntlm->identity.DomainLength = curlx_uztoul(domlen); - dup_domain.tchar_ptr = NULL; - - Curl_unicodefree(useranddomain.tchar_ptr); - - /* setup ntlm identity's password and length */ - passwd.tchar_ptr = Curl_convert_UTF8_to_tchar((char *)passwdp); - if(!passwd.tchar_ptr) - return CURLE_OUT_OF_MEMORY; - dup_passwd.tchar_ptr = _tcsdup(passwd.tchar_ptr); - if(!dup_passwd.tchar_ptr) { - Curl_unicodefree(passwd.tchar_ptr); - return CURLE_OUT_OF_MEMORY; - } - ntlm->identity.Password = dup_passwd.tbyte_ptr; - ntlm->identity.PasswordLength = - curlx_uztoul(_tcslen(dup_passwd.tchar_ptr)); - dup_passwd.tchar_ptr = NULL; - - Curl_unicodefree(passwd.tchar_ptr); - - /* setup ntlm identity's flags */ - ntlm->identity.Flags = SECFLAG_WINNT_AUTH_IDENTITY; + /* Allow proper cleanup of the identity structure */ + ntlm->p_identity = &ntlm->identity; } else ntlm->p_identity = NULL; |