From fe20826b580aa221f8f796cba236d08dc0fd80fd Mon Sep 17 00:00:00 2001
From: Steve Holme <steve_holme@hotmail.com>
Date: Wed, 15 May 2019 16:10:56 +0100
Subject: http_ntlm_wb: Move the type-2 message processing into a dedicated
 function

This brings the code inline with the other HTTP authentication mechanisms.

Closes #3890
---
 lib/curl_ntlm_wb.c | 26 ++++++++++++++++++++++++++
 lib/curl_ntlm_wb.h |  7 +++++--
 lib/http.c         | 17 ++++-------------
 3 files changed, 35 insertions(+), 15 deletions(-)

diff --git a/lib/curl_ntlm_wb.c b/lib/curl_ntlm_wb.c
index 865f1396b..2400ff091 100644
--- a/lib/curl_ntlm_wb.c
+++ b/lib/curl_ntlm_wb.c
@@ -53,6 +53,8 @@
 #include "url.h"
 #include "strerror.h"
 #include "strdup.h"
+#include "strcase.h"
+
 /* The last 3 #include files should be in this order */
 #include "curl_printf.h"
 #include "curl_memory.h"
@@ -333,6 +335,30 @@ done:
   return CURLE_REMOTE_ACCESS_DENIED;
 }
 
+CURLcode Curl_input_ntlm_wb(struct connectdata *conn,
+                            bool proxy,
+                            const char *header)
+{
+  (void) proxy;
+
+  if(!checkprefix("NTLM", header))
+    return CURLE_BAD_CONTENT_ENCODING;
+
+  header += strlen("NTLM");
+  while(*header && ISSPACE(*header))
+    header++;
+
+  if(*header) {
+    conn->challenge_header = strdup(header);
+    if(!conn->challenge_header)
+      return CURLE_OUT_OF_MEMORY;
+  }
+  else
+    return CURLE_BAD_CONTENT_ENCODING;
+
+  return CURLE_OK;
+}
+
 /*
  * This is for creating ntlm header output by delegating challenge/response
  * to Samba's winbind daemon helper ntlm_auth.
diff --git a/lib/curl_ntlm_wb.h b/lib/curl_ntlm_wb.h
index 919e9636a..3cf841cf2 100644
--- a/lib/curl_ntlm_wb.h
+++ b/lib/curl_ntlm_wb.h
@@ -27,8 +27,11 @@
 #if !defined(CURL_DISABLE_HTTP) && defined(USE_NTLM) && \
     defined(NTLM_WB_ENABLED)
 
-/* this is for creating ntlm header output by delegating challenge/response
-   to Samba's winbind daemon helper ntlm_auth */
+/* this is for ntlm header input */
+CURLcode Curl_input_ntlm_wb(struct connectdata *conn, bool proxy,
+                            const char *header);
+
+/* this is for creating ntlm header output */
 CURLcode Curl_output_ntlm_wb(struct connectdata *conn, bool proxy);
 
 void Curl_http_auth_cleanup_ntlm_wb(struct connectdata *conn);
diff --git a/lib/http.c b/lib/http.c
index 222f7f53d..68259f817 100644
--- a/lib/http.c
+++ b/lib/http.c
@@ -919,19 +919,10 @@ CURLcode Curl_http_input_auth(struct connectdata *conn, bool proxy,
                 *availp |= CURLAUTH_NTLM_WB;
                 authp->avail |= CURLAUTH_NTLM_WB;
 
-                /* Get the challenge-message which will be passed to
-                 * ntlm_auth for generating the type 3 message later */
-                while(*auth && ISSPACE(*auth))
-                  auth++;
-                if(checkprefix("NTLM", auth)) {
-                  auth += strlen("NTLM");
-                  while(*auth && ISSPACE(*auth))
-                    auth++;
-                  if(*auth) {
-                    conn->challenge_header = strdup(auth);
-                    if(!conn->challenge_header)
-                      return CURLE_OUT_OF_MEMORY;
-                  }
+                result = Curl_input_ntlm_wb(conn, proxy, auth);
+                if(result) {
+                  infof(data, "Authentication problem. Ignoring this.\n");
+                  data->state.authproblem = TRUE;
                 }
               }
 #endif
-- 
cgit v1.2.3