summaryrefslogtreecommitdiffstats
path: root/lib/vauth/digest_sspi.c
diff options
context:
space:
mode:
Diffstat (limited to 'lib/vauth/digest_sspi.c')
-rw-r--r--lib/vauth/digest_sspi.c45
1 files changed, 43 insertions, 2 deletions
diff --git a/lib/vauth/digest_sspi.c b/lib/vauth/digest_sspi.c
index 0bd9444..a3f96ed 100644
--- a/lib/vauth/digest_sspi.c
+++ b/lib/vauth/digest_sspi.c
@@ -352,8 +352,8 @@ CURLcode Curl_auth_decode_digest_http_message(const char *chlg,
if(!Curl_auth_digest_get_pair(p, value, content, &p))
break;
- if(Curl_strcasecompare(value, "stale")
- && Curl_strcasecompare(content, "true")) {
+ if(strcasecompare(value, "stale") &&
+ strcasecompare(content, "true")) {
stale = true;
break;
}
@@ -438,6 +438,20 @@ CURLcode Curl_auth_create_digest_http_message(struct Curl_easy *data,
return CURLE_OUT_OF_MEMORY;
}
+ /* If the user/passwd that was used to make the identity for http_context
+ has changed then delete that context. */
+ if((userp && !digest->user) || (!userp && digest->user) ||
+ (passwdp && !digest->passwd) || (!passwdp && digest->passwd) ||
+ (userp && digest->user && strcmp(userp, digest->user)) ||
+ (passwdp && digest->passwd && strcmp(passwdp, digest->passwd))) {
+ if(digest->http_context) {
+ s_pSecFn->DeleteSecurityContext(digest->http_context);
+ Curl_safefree(digest->http_context);
+ }
+ Curl_safefree(digest->user);
+ Curl_safefree(digest->passwd);
+ }
+
if(digest->http_context) {
chlg_desc.ulVersion = SECBUFFER_VERSION;
chlg_desc.cBuffers = 5;
@@ -479,6 +493,10 @@ CURLcode Curl_auth_create_digest_http_message(struct Curl_easy *data,
TimeStamp expiry; /* For Windows 9x compatibility of SSPI calls */
TCHAR *spn;
+ /* free the copy of user/passwd used to make the previous identity */
+ Curl_safefree(digest->user);
+ Curl_safefree(digest->passwd);
+
if(userp && *userp) {
/* Populate our identity structure */
if(Curl_create_sspi_identity(userp, passwdp, &identity)) {
@@ -500,6 +518,25 @@ CURLcode Curl_auth_create_digest_http_message(struct Curl_easy *data,
/* Use the current Windows user */
p_identity = NULL;
+ if(userp) {
+ digest->user = strdup(userp);
+
+ if(!digest->user) {
+ free(output_token);
+ return CURLE_OUT_OF_MEMORY;
+ }
+ }
+
+ if(passwdp) {
+ digest->passwd = strdup(passwdp);
+
+ if(!digest->passwd) {
+ free(output_token);
+ Curl_safefree(digest->user);
+ return CURLE_OUT_OF_MEMORY;
+ }
+ }
+
/* Acquire our credentials handle */
status = s_pSecFn->AcquireCredentialsHandle(NULL,
(TCHAR *) TEXT(SP_NAME_DIGEST),
@@ -623,6 +660,10 @@ void Curl_auth_digest_cleanup(struct digestdata *digest)
s_pSecFn->DeleteSecurityContext(digest->http_context);
Curl_safefree(digest->http_context);
}
+
+ /* Free the copy of user/passwd used to make the identity for http_context */
+ Curl_safefree(digest->user);
+ Curl_safefree(digest->passwd);
}
#endif /* USE_WINDOWS_SSPI && !CURL_DISABLE_CRYPTO_AUTH */