diff options
Diffstat (limited to 'auth/auth_digest.c')
-rw-r--r-- | auth/auth_digest.c | 27 |
1 files changed, 19 insertions, 8 deletions
diff --git a/auth/auth_digest.c b/auth/auth_digest.c index 2e29180..1c4adf0 100644 --- a/auth/auth_digest.c +++ b/auth/auth_digest.c @@ -358,13 +358,15 @@ serf__init_digest_connection(int code, } apr_status_t -serf__setup_request_digest_auth(int code, +serf__setup_request_digest_auth(peer_t peer, + int code, serf_connection_t *conn, + serf_request_t *request, const char *method, const char *uri, serf_bucket_t *hdrs_bkt) { - digest_authn_info_t *digest_info = (code == 401) ? conn->authn_baton : + digest_authn_info_t *digest_info = (peer == HOST) ? conn->authn_baton : conn->proxy_authn_baton; apr_status_t status = APR_SUCCESS; @@ -372,11 +374,13 @@ serf__setup_request_digest_auth(int code, const char *value; apr_uri_t parsed_uri; - /* extract path from uri */ + /* TODO: per request pool? */ + + /* Extract path from uri. */ status = apr_uri_parse(conn->pool, uri, &parsed_uri); /* Build a new Authorization header. */ - digest_info->header = (code == 401) ? "Authorization" : + digest_info->header = (peer == HOST) ? "Authorization" : "Proxy-Authorization"; value = build_auth_header(digest_info, parsed_uri.path, method, conn->pool); @@ -384,13 +388,19 @@ serf__setup_request_digest_auth(int code, serf_bucket_headers_setn(hdrs_bkt, digest_info->header, value); digest_info->digest_nc++; + + /* Store the uri of this request on the serf_request_t object, to make + it available when validating the Authentication-Info header of the + matching response. */ + request->auth_baton = parsed_uri.path; } return status; } apr_status_t -serf__validate_response_digest_auth(int code, +serf__validate_response_digest_auth(peer_t peer, + int code, serf_connection_t *conn, serf_request_t *request, serf_bucket_t *response, @@ -403,13 +413,13 @@ serf__validate_response_digest_auth(int code, const char *qop = NULL; const char *nc_str = NULL; serf_bucket_t *hdrs; - digest_authn_info_t *digest_info = (code == 401) ? conn->authn_baton : + digest_authn_info_t *digest_info = (peer == HOST) ? conn->authn_baton : conn->proxy_authn_baton; hdrs = serf_bucket_response_get_headers(response); /* Need a copy cuz we're going to write NUL characters into the string. */ - if (code == 401) + if (peer == HOST) auth_attr = apr_pstrdup(pool, serf_bucket_headers_get(hdrs, "Authentication-Info")); else @@ -457,8 +467,9 @@ serf__validate_response_digest_auth(int code, if (rspauth) { const char *ha2, *tmp, *resp_hdr_hex; unsigned char resp_hdr[APR_MD5_DIGESTSIZE]; + const char *req_uri = request->auth_baton; - ha2 = build_digest_ha2(conn->host_info.path, "", qop, pool); + ha2 = build_digest_ha2(req_uri, "", qop, pool); tmp = apr_psprintf(pool, "%s:%s:%s:%s:%s:%s", digest_info->ha1, digest_info->nonce, nc_str, digest_info->cnonce, digest_info->qop, ha2); |