Add unused http_auth states, add proxy argument to authorization methods
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse authored and David Woodhouse committed Feb 20, 2015
1 parent 16059d5 commit 3484aeb
Showing 6 changed files with 22 additions and 14 deletions.
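--- a/digest.c
+++ b/digest.c
@@ -78,7 +78,8 @@ static void buf_append_md5(struct oc_text_buf *buf, void *data, int len)
 buf_append(buf, "%02x", md5[i]);
 }
 
-int digest_authorization(struct openconnect_info *vpninfo, struct http_auth_state *auth_state,
+int digest_authorization(struct openconnect_info *vpninfo, int proxy,
+struct http_auth_state *auth_state,
 struct oc_text_buf *hdrbuf)
 {
 char *chall;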
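Review bot: The new `proxy` parameter of `digest_authorization` is a bare `int` with no comment saying what zero and non-zero mean or what the method must do differently for each; the same applies to `gssapi_authorization` (gssapi.c and sspi.c), `ntlm_authorization` and `basic_authorization`. The function body continues outside the hunk, so whether `proxy` is read at all cannot be seen here, and the commit title describes the new state as unused. Because these functions build credential-bearing headers, a later `proxy == 0` caller would presumably still get the proxy credentials and header name unless each method branches on the flag. I would add above the definition something like `/* proxy: non-zero when authenticating to the HTTP proxy; zero (server auth) is not handled yet */`.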
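--- a/gssapi.c
+++ b/gssapi.c
@@ -80,7 +80,7 @@ static int gssapi_setup(struct openconnect_info *vpninfo, const char *service)
 #define GSSAPI_CONTINUE 2
 #define GSSAPI_COMPLETE 3
 
-int gssapi_authorization(struct openconnect_info *vpninfo,
+int gssapi_authorization(struct openconnect_info *vpninfo, int proxy,
 struct http_auth_state *auth_state,
 struct oc_text_buf *hdrbuf)
 {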
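--- a/http.c
+++ b/http.c
@@ -1376,7 +1376,7 @@ void buf_append_base64(struct oc_text_buf *buf, const void *bytes, int len)
 buf->data[buf->pos] = 0;
 }
 
-static int basic_authorization(struct openconnect_info *vpninfo,
+static int basic_authorization(struct openconnect_info *vpninfo, int proxy,
 struct http_auth_state *auth_state,
 struct oc_text_buf *hdrbuf)
 {
@@ -1430,7 +1430,7 @@ static int no_gssapi_authorization(struct openconnect_info *vpninfo,
 struct auth_method {
 int state_index;
 const char *name;
-int (*authorization)(struct openconnect_info *, struct http_auth_state *, struct oc_text_buf *);
+int (*authorization)(struct openconnect_info *, int, struct http_auth_state *, struct oc_text_buf *);
 void (*cleanup)(struct openconnect_info *);
 } auth_methods[] = {
 #if defined(HAVE_GSSAPI) || defined(_WIN32)
@@ -1445,15 +1445,20 @@ struct auth_method {
 };
 
 /* Generate Proxy-Authorization: header for request if appropriate */
-static int proxy_authorization(struct openconnect_info *vpninfo, struct oc_text_buf *buf)
+static int gen_authorization_hdr(struct openconnect_info *vpninfo, int proxy,
+struct oc_text_buf *buf)
 {
 int ret;
 int i;
 
 for (i = 0; i < sizeof(auth_methods) / sizeof(auth_methods[0]); i++) {
-struct http_auth_state *auth_state = &vpninfo->proxy_auth[auth_methods[i].state_index];
+struct http_auth_state *auth_state;
+if (proxy)
+auth_state = &vpninfo->proxy_auth[auth_methods[i].state_index];
+else
+auth_state = &vpninfo->http_auth[auth_methods[i].state_index];
 if (auth_state->state > AUTH_UNSEEN) {
-ret = auth_methods[i].authorization(vpninfo, auth_state, buf);
+ret = auth_methods[i].authorization(vpninfo, proxy, auth_state, buf);
 if (ret == -EAGAIN || !ret)
 return ret;
 }
@@ -1557,7 +1562,7 @@ static int process_http_proxy(struct openconnect_info *vpninfo)
 if (auth) {
 int i;
 
-result = proxy_authorization(vpninfo, reqbuf);
+result = gen_authorization_hdr(vpninfo, 1, reqbuf);
 if (result) {
 buf_free(reqbuf);
 return result;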
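Review bot: The comment kept above `gen_authorization_hdr` still reads "Generate Proxy-Authorization: header", but the function now takes its state from `vpninfo->http_auth` when `proxy` is zero, so the comment no longer describes what the code selects. I would reword it to `/* Generate authorization header from proxy_auth (proxy != 0) or http_auth (proxy == 0) state if appropriate */`. The only caller visible in this section, in `process_http_proxy`, passes a literal `1`; a named constant or a short `/* proxy */` comment at the call would make it obvious which credential set is being requested. The bodies of `gen_authorization_hdr` and `process_http_proxy` continue outside their hunks.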
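--- a/ntlm.c
+++ b/ntlm.c
@@ -962,7 +962,7 @@ static int ntlm_manual_challenge(struct openconnect_info *vpninfo,
 return 0;
 }
 
-int ntlm_authorization(struct openconnect_info *vpninfo,
+int ntlm_authorization(struct openconnect_info *vpninfo, int proxy,
 struct http_auth_state *auth_state, struct oc_text_buf *buf)
 {
 if (auth_state->state == AUTH_AVAILABLE) {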
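--- a/openconnect-internal.h
+++ b/openconnect-internal.h
@@ -351,6 +351,8 @@ struct openconnect_info {
 char *proxy_user;
 char *proxy_pass;
 int proxy_close_during_auth;
+int http_close_during_auth;
+struct http_auth_state http_auth[MAX_AUTH_TYPES];
 struct http_auth_state proxy_auth[MAX_AUTH_TYPES];
 #ifdef HAVE_GSSAPI
 gss_name_t gss_target_name;
@@ -946,16 +948,16 @@ int handle_redirect(struct openconnect_info *vpninfo);
 void http_common_headers(struct openconnect_info *vpninfo, struct oc_text_buf *buf);
 
 /* ntlm.c */
-int ntlm_authorization(struct openconnect_info *vpninfo, struct http_auth_state *auth_state, struct oc_text_buf *buf);
+int ntlm_authorization(struct openconnect_info *vpninfo, int proxy, struct http_auth_state *auth_state, struct oc_text_buf *buf);
 void cleanup_ntlm_auth(struct openconnect_info *vpninfo);
 
 /* gssapi.c */
-int gssapi_authorization(struct openconnect_info *vpninfo, struct http_auth_state *auth_state, struct oc_text_buf *buf);
+int gssapi_authorization(struct openconnect_info *vpninfo, int proxy, struct http_auth_state *auth_state, struct oc_text_buf *buf);
 void cleanup_gssapi_auth(struct openconnect_info *vpninfo);
 int socks_gssapi_auth(struct openconnect_info *vpninfo);
 
 /* digest.c */
-int digest_authorization(struct openconnect_info *vpninfo, struct http_auth_state *auth_state, struct oc_text_buf *buf);
+int digest_authorization(struct openconnect_info *vpninfo, int proxy, struct http_auth_state *auth_state, struct oc_text_buf *buf);
 
 /* library.c */
 void nuke_opt_values(struct oc_form_opt *opt);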
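Review bot: The cleanup side is left out of this change: `cleanup_ntlm_auth` and `cleanup_gssapi_auth` in the second hunk still take only `vpninfo`, as does the `cleanup` pointer in `struct auth_method` in http.c, while the authorization prototypes now receive both `proxy` and `auth_state`. With a second array `http_auth[MAX_AUTH_TYPES]` added to `struct openconnect_info`, cleanup cannot be told which array's state to release; the cleanup bodies are not visible here, so they presumably still act on the proxy state only. Authentication state that outlives its connection is worth avoiding, so I would either give the cleanup functions the same `int proxy, struct http_auth_state *auth_state` arguments before `http_auth` gains a user, or, once confirmed, mark the prototypes with `/* TODO: only releases proxy_auth state */`.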
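--- a/sspi.c
+++ b/sspi.c
@@ -54,8 +54,8 @@ static int sspi_setup(struct openconnect_info *vpninfo, const char *service)
 return 0;
 }
 
-int gssapi_authorization(struct openconnect_info *vpninfo, struct http_auth_state *auth_state,
-struct oc_text_buf *hdrbuf)
+int gssapi_authorization(struct openconnect_info *vpninfo, int proxy,
+struct http_auth_state *auth_state, struct oc_text_buf *hdrbuf)
 {
 SECURITY_STATUS status;
 SecBufferDesc input_desc, output_desc;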
