aboutsummaryrefslogtreecommitdiff
path: root/lib/vauth
diff options
context:
space:
mode:
Diffstat (limited to 'lib/vauth')
-rw-r--r--lib/vauth/spnego_gssapi.c6
-rw-r--r--lib/vauth/spnego_sspi.c13
2 files changed, 10 insertions, 9 deletions
diff --git a/lib/vauth/spnego_gssapi.c b/lib/vauth/spnego_gssapi.c
index cf1fcf0d6..fd9a0ef7a 100644
--- a/lib/vauth/spnego_gssapi.c
+++ b/lib/vauth/spnego_gssapi.c
@@ -87,8 +87,8 @@ CURLcode Curl_auth_decode_spnego_message(struct SessionHandle *data,
return CURLE_LOGIN_DENIED;
}
- /* Generate our SPN */
if(!nego->spn) {
+ /* Generate our SPN */
char *spn = Curl_auth_build_gssapi_spn(service, host);
if(!spn)
return CURLE_OUT_OF_MEMORY;
@@ -113,7 +113,7 @@ CURLcode Curl_auth_decode_spnego_message(struct SessionHandle *data,
free(spn);
}
- if(chlg64 && strlen(chlg64)) {
+ if(chlg64 && *chlg64) {
/* Decode the base-64 encoded challenge message */
if(*chlg64 != '=') {
result = Curl_base64_decode(chlg64, &chlg, &chlglen);
@@ -144,6 +144,8 @@ CURLcode Curl_auth_decode_spnego_message(struct SessionHandle *data,
&output_token,
TRUE,
NULL);
+
+ /* Free the decoded challenge as it is not required anymore */
Curl_safefree(input_token.value);
nego->status = major_status;
diff --git a/lib/vauth/spnego_sspi.c b/lib/vauth/spnego_sspi.c
index acab2bc9d..3dc5ccaeb 100644
--- a/lib/vauth/spnego_sspi.c
+++ b/lib/vauth/spnego_sspi.c
@@ -88,8 +88,8 @@ CURLcode Curl_auth_decode_spnego_message(struct SessionHandle *data,
return CURLE_LOGIN_DENIED;
}
- /* Generate our SPN */
if(!nego->spn) {
+ /* Generate our SPN */
nego->spn = Curl_auth_build_spn(service, host);
if(!nego->spn)
return CURLE_OUT_OF_MEMORY;
@@ -115,6 +115,7 @@ CURLcode Curl_auth_decode_spnego_message(struct SessionHandle *data,
}
if(!nego->credentials) {
+ /* Do we have credientials to use or are we using single sign-on? */
if(user && *user) {
/* Populate our identity structure */
result = Curl_create_sspi_identity(user, password, &nego->identity);
@@ -153,7 +154,7 @@ CURLcode Curl_auth_decode_spnego_message(struct SessionHandle *data,
memset(nego->context, 0, sizeof(CtxtHandle));
}
- if(chlg64 && strlen(chlg64)) {
+ if(chlg64 && *chlg64) {
/* Decode the base-64 encoded challenge message */
if(*chlg64 != '=') {
result = Curl_base64_decode(chlg64, &chlg, &chlglen);
@@ -197,8 +198,10 @@ CURLcode Curl_auth_decode_spnego_message(struct SessionHandle *data,
&resp_desc, &attrs,
&expiry);
+ /* Free the decoded challenge as it is not required anymore */
+ free(chlg);
+
if(GSS_ERROR(nego->status)) {
- free(chlg);
return CURLE_OUT_OF_MEMORY;
}
@@ -206,16 +209,12 @@ CURLcode Curl_auth_decode_spnego_message(struct SessionHandle *data,
nego->status == SEC_I_COMPLETE_AND_CONTINUE) {
nego->status = s_pSecFn->CompleteAuthToken(nego->context, &resp_desc);
if(GSS_ERROR(nego->status)) {
- free(chlg);
return CURLE_RECV_ERROR;
}
}
nego->output_token_length = resp_buf.cbBuffer;
- /* Free the decoded challenge */
- free(chlg);
-
return result;
}