You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
186 lines
5.4 KiB
186 lines
5.4 KiB
#include <wininetp.h>
|
|
#include <splugin.hxx>
|
|
#include "htuu.h"
|
|
|
|
/*---------------------------------------------------------------------------
|
|
BASIC_CTX
|
|
---------------------------------------------------------------------------*/
|
|
|
|
|
|
/*---------------------------------------------------------------------------
|
|
Constructor
|
|
---------------------------------------------------------------------------*/
|
|
BASIC_CTX::BASIC_CTX(HTTP_REQUEST_HANDLE_OBJECT *pRequest, BOOL fIsProxy,
|
|
SPMData* pSPM, AUTH_CREDS* pCreds)
|
|
: AUTHCTX(pSPM, pCreds)
|
|
{
|
|
_fIsProxy = fIsProxy;
|
|
_pRequest = pRequest;
|
|
}
|
|
|
|
|
|
/*---------------------------------------------------------------------------
|
|
Destructor
|
|
---------------------------------------------------------------------------*/
|
|
BASIC_CTX::~BASIC_CTX()
|
|
{}
|
|
|
|
|
|
/*---------------------------------------------------------------------------
|
|
PreAuthUser
|
|
---------------------------------------------------------------------------*/
|
|
DWORD BASIC_CTX::PreAuthUser(IN LPSTR pBuf, IN OUT LPDWORD pcbBuf)
|
|
{
|
|
DWORD dwRetVal = ERROR_WINHTTP_INTERNAL_ERROR;
|
|
LPSTR pszUserPass = NULL;
|
|
DWORD cbUserPass;
|
|
LPSTR lpszPass = NULL;
|
|
|
|
if (!_pCreds->lpszUser || !(lpszPass = _pCreds->GetPass()))
|
|
{
|
|
dwRetVal = ERROR_INVALID_PARAMETER;
|
|
goto done;
|
|
}
|
|
|
|
// Prefix the header value with the auth type.
|
|
const static BYTE szBasic[] = "Basic ";
|
|
const DWORD BASIC_LEN = sizeof(szBasic) - 1;
|
|
|
|
if (*pcbBuf < BASIC_LEN)
|
|
{
|
|
dwRetVal = ERROR_INSUFFICIENT_BUFFER;
|
|
goto done;
|
|
}
|
|
|
|
memcpy (pBuf, szBasic, BASIC_LEN);
|
|
pBuf += BASIC_LEN;
|
|
|
|
// Generate rest of header value by uuencoding user:pass.
|
|
DWORD cbMaxUserPathLen = strlen(_pCreds->lpszUser) + 1
|
|
+ strlen(lpszPass) + 1
|
|
+ 10;
|
|
// HTUU_encode() parse the buffer 3 bytes at a time;
|
|
// In the worst case we will be two bytes short, so add at least 2 here.
|
|
// longer buffer doesn't matter, HTUU_encode will adjust appropreiately.
|
|
|
|
pszUserPass = New CHAR[cbMaxUserPathLen];
|
|
|
|
if (pszUserPass == NULL)
|
|
{
|
|
dwRetVal = ERROR_NOT_ENOUGH_MEMORY;
|
|
goto done;
|
|
}
|
|
|
|
cbUserPass = wsprintf(pszUserPass, "%s:%s", _pCreds->lpszUser, lpszPass);
|
|
|
|
INET_ASSERT (cbUserPass < cbMaxUserPathLen);
|
|
|
|
if( -1 == HTUU_encode ((PBYTE) pszUserPass, cbUserPass, pBuf, *pcbBuf - BASIC_LEN))
|
|
goto done;
|
|
|
|
*pcbBuf = BASIC_LEN + lstrlen (pBuf);
|
|
|
|
_pvContext = (LPVOID) 1;
|
|
|
|
dwRetVal = ERROR_SUCCESS;
|
|
|
|
done:
|
|
if (pszUserPass != NULL)
|
|
delete [] pszUserPass;
|
|
|
|
if (lpszPass)
|
|
{
|
|
SecureZeroMemory(lpszPass, strlen(lpszPass));
|
|
FREE_MEMORY(lpszPass);
|
|
}
|
|
|
|
return dwRetVal;
|
|
}
|
|
|
|
/*---------------------------------------------------------------------------
|
|
UpdateFromHeaders
|
|
---------------------------------------------------------------------------*/
|
|
DWORD BASIC_CTX::UpdateFromHeaders(HTTP_REQUEST_HANDLE_OBJECT *pRequest, BOOL fIsProxy)
|
|
{
|
|
DWORD dwAuthIdx, cbRealm, dwError;
|
|
LPSTR szRealm = NULL;
|
|
|
|
// Get the associated header.
|
|
if ((dwError = FindHdrIdxFromScheme(&dwAuthIdx)) != ERROR_SUCCESS)
|
|
goto exit;
|
|
|
|
// Get any realm.
|
|
dwError = GetAuthHeaderData(pRequest, fIsProxy, "Realm",
|
|
&szRealm, &cbRealm, ALLOCATE_BUFFER, dwAuthIdx);
|
|
|
|
// No realm is OK.
|
|
if (dwError != ERROR_SUCCESS)
|
|
szRealm = NULL;
|
|
|
|
// If we already have a Creds, ensure that the realm matches. If not,
|
|
// find or create a new one and set it in the auth context.
|
|
if (_pCreds)
|
|
{
|
|
INET_ASSERT(_pCreds->lpszRealm);
|
|
if (/*_pCreds->lpszRealm && */szRealm && lstrcmp(_pCreds->lpszRealm, szRealm))
|
|
{
|
|
// Realms don't match - create a new Creds entry, release the old.
|
|
delete _pCreds;
|
|
_pCreds = CreateCreds(pRequest, fIsProxy, _pSPMData, szRealm);
|
|
INET_ASSERT(_pCreds->pSPM == _pSPMData);
|
|
}
|
|
}
|
|
// If no password cache is set in the auth context,
|
|
// find or create one and set it in the auth context.
|
|
else
|
|
{
|
|
// Find or create a password cache entry.
|
|
_pCreds = CreateCreds(pRequest, fIsProxy, _pSPMData, szRealm);
|
|
if (!_pCreds)
|
|
{
|
|
dwError = ERROR_WINHTTP_INTERNAL_ERROR;
|
|
goto exit;
|
|
}
|
|
INET_ASSERT(_pCreds->pSPM == _pSPMData);
|
|
// _pCreds->nLockCount++;
|
|
}
|
|
|
|
if (!_pCreds)
|
|
{
|
|
INET_ASSERT(FALSE);
|
|
dwError = ERROR_WINHTTP_INTERNAL_ERROR;
|
|
goto exit;
|
|
}
|
|
|
|
dwError = ERROR_SUCCESS;
|
|
|
|
exit:
|
|
|
|
if (szRealm)
|
|
delete []szRealm;
|
|
|
|
return dwError;
|
|
}
|
|
|
|
|
|
/*---------------------------------------------------------------------------
|
|
PostAuthUser
|
|
---------------------------------------------------------------------------*/
|
|
DWORD BASIC_CTX::PostAuthUser()
|
|
{
|
|
DWORD dwRet;
|
|
|
|
if (! _pvContext && !_pRequest->GetCreds()
|
|
&& _pCreds->lpszUser && _pCreds->xszPass.GetPtr())
|
|
dwRet = ERROR_WINHTTP_FORCE_RETRY;
|
|
else
|
|
dwRet = ERROR_WINHTTP_INCORRECT_PASSWORD;
|
|
|
|
_pRequest->SetCreds(NULL);
|
|
_pvContext = (LPVOID) 1;
|
|
return dwRet;
|
|
}
|
|
|
|
|
|
|
|
|