* src/ne_auth.c (basic_challenge): Skip calculating the scope path for

the proxy CONNECT auth case.
author: Joe Orton <joe@manyfish.uk> 2021-03-06 10:20:42 +0000
committer: Joe Orton <joe@manyfish.uk> 2021-03-06 10:20:42 +0000
commit: 4a75a0adab5b6593cc43e321a5a6a2a55e287840 (patch)
tree: 83d6a06d932164dee84e7220b2eb9f6ff8532b3f
parent: cf4079d04c0212940db090d36f860a421e667946 (diff)
download: neon-git-4a75a0adab5b6593cc43e321a5a6a2a55e287840.tar.gz
1 files changed, 12 insertions, 4 deletions
diff --git a/src/ne_auth.c b/src/ne_auth.c
index 73a11bc..ad36382 100644
--- a/src/ne_auth.c
+++ b/src/ne_auth.c
@@ -489,15 +489,23 @@ static int basic_challenge(auth_session *sess, int attempt,
     sess->basic = ne_base64((unsigned char *)tmp, strlen(tmp));
     ne_free(tmp);
 
+    /* Paranoia. */
+    memset(password, 0, sizeof password);
+
+    if (sess->context == AUTH_CONNECT) {
+        /* For proxy auth w/TLS, auth is limited to handling CONNECT
+         * request, no need to derive the "scope" path. */
+        return 0;
+    }
+
     if (sess->ndomains != 1) {
         sess->domains = ne_realloc(sess->domains, sizeof(*sess->domains));
         sess->ndomains = 1;
     }
-    sess->domains[0] = get_scope_path(uri);
-    NE_DEBUG(NE_DBG_HTTPAUTH, "auth: Basic auth scope is: %s\n", sess->domains[0]);
 
-    /* Paranoia. */
-    memset(password, 0, sizeof password);
+    sess->domains[0] = get_scope_path(uri);
+    NE_DEBUG(NE_DBG_HTTPAUTH, "auth: Basic auth scope is: %s\n",
+             sess->domains[0]);
 
     return 0;
 }
author	Joe Orton <joe@manyfish.uk>	2021-03-06 10:20:42 +0000
committer	Joe Orton <joe@manyfish.uk>	2021-03-06 10:20:42 +0000
commit	4a75a0adab5b6593cc43e321a5a6a2a55e287840 (patch)
tree	83d6a06d932164dee84e7220b2eb9f6ff8532b3f
parent	cf4079d04c0212940db090d36f860a421e667946 (diff)
download	neon-git-4a75a0adab5b6593cc43e321a5a6a2a55e287840.tar.gz