diff options
| author | joe <joe@61a7d7f5-40b7-0310-9c16-bb0ea8cb1845> | 2007-02-06 10:09:10 +0000 |
|---|---|---|
| committer | joe <joe@61a7d7f5-40b7-0310-9c16-bb0ea8cb1845> | 2007-02-06 10:09:10 +0000 |
| commit | 1b27be0f29af5dd98aa6321f891f6d7fb6ee97fe (patch) | |
| tree | ab22885f148a7dc8873aa282ce90372f9cec7f5f | |
| parent | 993328db855f21a1f7c060e382002912cd994c3a (diff) | |
| download | neon-1b27be0f29af5dd98aa6321f891f6d7fb6ee97fe.tar.gz | |
Merge r1152, r1153, r1154, r1155, r1156 from trunk:
* src/ne_sspi.c: Define SECURITY_ENTRYPOINT if missing.
(base64ToBuffer): Fix cast.
* src/ne_locks.c (lk_pre_send): Terminate If header with CRLF not LF.
* src/ne_auth.c (ah_pre_send): Set request idempotent flag
for SSPI to prevent connection closure.
* src/ne_auth.c (verify_negotiate_response): Fix comparison
of Negotiate response header token, and set error message
on failure.
* src/ne_socket.c (write_raw): Work around QNX issue passing large
buffers to send() over loopback; send 8K at a time.
git-svn-id: http://svn.webdav.org/repos/projects/neon/branches/0.26.x@1157 61a7d7f5-40b7-0310-9c16-bb0ea8cb1845
| -rw-r--r-- | src/ne_auth.c | 12 | ||||
| -rw-r--r-- | src/ne_locks.c | 2 | ||||
| -rw-r--r-- | src/ne_socket.c | 6 | ||||
| -rw-r--r-- | src/ne_sspi.c | 6 |
4 files changed, 22 insertions, 4 deletions
diff --git a/src/ne_auth.c b/src/ne_auth.c index 084af85..00f2016 100644 --- a/src/ne_auth.c +++ b/src/ne_auth.c @@ -519,8 +519,9 @@ static int verify_negotiate_response(struct auth_request *req, auth_session *ses char *sep, *ptr = strchr(duphdr, ' '); int ret; - if (strncmp(hdr, "Negotiate", ptr - hdr) != 0) { - NE_DEBUG(NE_DBG_HTTPAUTH, "gssapi: Not a Negotiate response!\n"); + if (strncmp(hdr, "Negotiate", ptr - duphdr) != 0) { + ne_set_error(sess->sess, _("Negotiate response verification failed: " + "invalid response header token")); ne_free(duphdr); return NE_ERROR; } @@ -1172,6 +1173,13 @@ static void ah_pre_send(ne_request *r, void *cookie, ne_buffer *request) ne_free(value); } +#ifdef HAVE_SSPI + if (sess->sspi_token) { + /* Prevent connection closure due to use of non-idempotent + * request. Completely broken, but so is the protocol. */ + ne_set_request_flag(r, NE_REQFLAG_IDEMPOTENT, 1); + } +#endif } } diff --git a/src/ne_locks.c b/src/ne_locks.c index 33a39d2..fbe390c 100644 --- a/src/ne_locks.c +++ b/src/ne_locks.c @@ -141,7 +141,7 @@ static void lk_pre_send(ne_request *r, void *userdata, ne_buffer *req) item->lock->token, ">)", NULL); ne_free(uri); } - ne_buffer_czappend(req, "\n"); + ne_buffer_czappend(req, "\r\n"); } } diff --git a/src/ne_socket.c b/src/ne_socket.c index 3642df4..0dadf58 100644 --- a/src/ne_socket.c +++ b/src/ne_socket.c @@ -490,6 +490,12 @@ static ssize_t write_raw(ne_socket *sock, const char *data, size_t length) { ssize_t ret; +#ifdef __QNX__ + /* Test failures seen on QNX over loopback, if passing large + * buffer lengths to send(). */ + if (length > 8192) length = 8192; +#endif + do { ret = send(sock->fd, data, length, 0); } while (ret == -1 && NE_ISINTR(ne_errno)); diff --git a/src/ne_sspi.c b/src/ne_sspi.c index f997715..47e4b09 100644 --- a/src/ne_sspi.c +++ b/src/ne_sspi.c @@ -29,6 +29,10 @@ #define SEC_SUCCESS(Status) ((Status) >= 0) +#ifndef SECURITY_ENTRYPOINT /* Missing in MingW 3.7 */ +#define SECURITY_ENTRYPOINT "InitSecurityInterfaceA" +#endif + struct SSPIContextStruct { CtxtHandle context; char *serverName; @@ -278,7 +282,7 @@ static int base64ToBuffer(const char *token, SecBufferDesc * secBufferDesc) buffer->BufferType = SECBUFFER_TOKEN; buffer->cbBuffer = - ne_unbase64(token, &((unsigned char *) buffer->pvBuffer)); + ne_unbase64(token, (unsigned char **) &buffer->pvBuffer); if (buffer->cbBuffer == 0) { NE_DEBUG(NE_DBG_HTTPAUTH, |