diff options
author | Joe Orton <joe@manyfish.uk> | 2021-03-06 10:20:42 +0000 |
---|---|---|
committer | Joe Orton <joe@manyfish.uk> | 2021-03-06 10:20:42 +0000 |
commit | 4a75a0adab5b6593cc43e321a5a6a2a55e287840 (patch) | |
tree | 83d6a06d932164dee84e7220b2eb9f6ff8532b3f | |
parent | cf4079d04c0212940db090d36f860a421e667946 (diff) | |
download | neon-git-4a75a0adab5b6593cc43e321a5a6a2a55e287840.tar.gz |
* src/ne_auth.c (basic_challenge): Skip calculating the scope path for
the proxy CONNECT auth case.
-rw-r--r-- | src/ne_auth.c | 16 |
1 files changed, 12 insertions, 4 deletions
diff --git a/src/ne_auth.c b/src/ne_auth.c index 73a11bc..ad36382 100644 --- a/src/ne_auth.c +++ b/src/ne_auth.c @@ -489,15 +489,23 @@ static int basic_challenge(auth_session *sess, int attempt, sess->basic = ne_base64((unsigned char *)tmp, strlen(tmp)); ne_free(tmp); + /* Paranoia. */ + memset(password, 0, sizeof password); + + if (sess->context == AUTH_CONNECT) { + /* For proxy auth w/TLS, auth is limited to handling CONNECT + * request, no need to derive the "scope" path. */ + return 0; + } + if (sess->ndomains != 1) { sess->domains = ne_realloc(sess->domains, sizeof(*sess->domains)); sess->ndomains = 1; } - sess->domains[0] = get_scope_path(uri); - NE_DEBUG(NE_DBG_HTTPAUTH, "auth: Basic auth scope is: %s\n", sess->domains[0]); - /* Paranoia. */ - memset(password, 0, sizeof password); + sess->domains[0] = get_scope_path(uri); + NE_DEBUG(NE_DBG_HTTPAUTH, "auth: Basic auth scope is: %s\n", + sess->domains[0]); return 0; } |