From 44031f32a149e9d4097b77c1e998db03887d209c Mon Sep 17 00:00:00 2001
From: Daniel Stenberg <daniel@haxx.se>
Date: Fri, 9 Jan 2004 14:03:06 +0000
Subject: added one assert and a few comments describing how the auth stuff
 works

---
 lib/http.c | 32 +++++++++++++++++++++++++-------
 1 file changed, 25 insertions(+), 7 deletions(-)

diff --git a/lib/http.c b/lib/http.c
index a992fd421..6002ad977 100644
--- a/lib/http.c
+++ b/lib/http.c
@@ -158,11 +158,19 @@ static CURLcode Curl_output_basic_proxy(struct connectdata *conn)
   return CURLE_OK;
 }
 
+/*
+ * Curl_http_auth_act() checks what authentication methods that are available
+ * and decides which one (if any) to use. It will set 'newurl' if an auth
+ * metod was picked.
+ */
+
 void Curl_http_auth_act(struct connectdata *conn)
 {
   struct SessionHandle *data = conn->data;
 
   if(data->state.authavail) {
+    /* The order of these checks is highly relevant, as this will be the order
+       of preference in case of the existance of multiple accepted types. */
     if(data->state.authavail & CURLAUTH_GSSNEGOTIATE)
       data->state.authwant = CURLAUTH_GSSNEGOTIATE;
     else if(data->state.authavail & CURLAUTH_DIGEST)
@@ -341,6 +349,15 @@ CURLcode Curl_http_auth(struct connectdata *conn,
   while(*start && isspace((int)*start))
     start++;
 
+  /*
+   * Here we check if we want the specific single authentiction (using ==) and
+   * if we do, we initiate usage of it.
+   *
+   * If the provided authentication is wanted as one out of several accepted
+   * types (using &), we OR this authenticaion type to the authavail
+   * variable.
+   */
+  
 #ifdef HAVE_GSSAPI
   if (checkprefix("GSS-Negotiate", start) ||
       checkprefix("Negotiate", start)) {
@@ -1013,14 +1030,15 @@ CURLcode Curl_http_done(struct connectdata *conn)
 void Curl_http_auth_stage(struct SessionHandle *data,
                           int stage)
 {
-  if(stage == 401)
-    data->state.authwant = data->set.httpauth;
-  else if(stage == 407)
-    data->state.authwant = data->set.proxyauth;
-  else
-    return; /* bad input stage */
+  curlassert((stage == 401) || (stage == 407));
+
+  /* We set none, one or more bits for which authentication types we accept
+     for this stage. */
+  data->state.authwant = (stage == 401)?
+    data->set.httpauth:data->set.proxyauth;
+
   data->state.authstage = stage;
-  data->state.authavail = CURLAUTH_NONE;
+  data->state.authavail = CURLAUTH_NONE; /* no type available yet */
 }
 
 CURLcode Curl_http(struct connectdata *conn)
-- 
cgit v1.2.3