libsoup r1113 - in trunk: . libsoup tests
- From: danw svn gnome org
- To: svn-commits-list gnome org
- Subject: libsoup r1113 - in trunk: . libsoup tests
- Date: Wed, 19 Mar 2008 18:58:08 +0000 (GMT)
Author: danw
Date: Wed Mar 19 18:58:08 2008
New Revision: 1113
URL: http://svn.gnome.org/viewvc/libsoup?rev=1113&view=rev
Log:
* libsoup/soup-auth.c (soup_auth_new): compare WWW-Authenticate
auth schemes case-insensitively.
* libsoup/soup-auth-digest.c (update): allow Digest
WWW-Authenticate header with no "qop" option. (The original RFC
2069 style of Digest auth.)
(soup_auth_digest_parse_qop): this returns a bitfield, so don't
return -1 if there are no recognized values.
* tests/httpd.conf.in: use "AuthDigestQop none" in /Digest/realm3
so we test that
Fixes #498484 (Digest auth against Apple's Calendar Server).
Modified:
trunk/ChangeLog
trunk/libsoup/soup-auth-digest.c
trunk/libsoup/soup-auth.c
trunk/tests/httpd.conf.in
Modified: trunk/libsoup/soup-auth-digest.c
==============================================================================
--- trunk/libsoup/soup-auth-digest.c (original)
+++ trunk/libsoup/soup-auth-digest.c Wed Mar 19 18:58:08 2008
@@ -125,18 +125,16 @@
GSList *qop_values, *iter;
SoupAuthDigestQop out = 0;
- if (qop) {
- qop_values = soup_header_parse_list (qop);
- for (iter = qop_values; iter; iter = iter->next) {
- if (!g_ascii_strcasecmp (iter->data, "auth"))
- out |= SOUP_AUTH_DIGEST_QOP_AUTH;
- else if (!g_ascii_strcasecmp (iter->data, "auth-int"))
- out |= SOUP_AUTH_DIGEST_QOP_AUTH_INT;
- else
- out = -1;
- }
- soup_header_free_list (qop_values);
+ g_return_val_if_fail (qop != NULL, 0);
+
+ qop_values = soup_header_parse_list (qop);
+ for (iter = qop_values; iter; iter = iter->next) {
+ if (!g_ascii_strcasecmp (iter->data, "auth"))
+ out |= SOUP_AUTH_DIGEST_QOP_AUTH;
+ else if (!g_ascii_strcasecmp (iter->data, "auth-int"))
+ out |= SOUP_AUTH_DIGEST_QOP_AUTH_INT;
}
+ soup_header_free_list (qop_values);
return out;
}
@@ -162,7 +160,7 @@
update (SoupAuth *auth, SoupMessage *msg, GHashTable *auth_params)
{
SoupAuthDigestPrivate *priv = SOUP_AUTH_DIGEST_GET_PRIVATE (auth);
- const char *stale;
+ const char *stale, *qop;
guint qop_options;
gboolean ok = TRUE;
@@ -176,11 +174,15 @@
priv->nonce = g_strdup (g_hash_table_lookup (auth_params, "nonce"));
priv->opaque = g_strdup (g_hash_table_lookup (auth_params, "opaque"));
- qop_options = soup_auth_digest_parse_qop (g_hash_table_lookup (auth_params, "qop"));
- /* We're just going to do qop=auth for now */
- if (qop_options == -1 || !(qop_options & SOUP_AUTH_DIGEST_QOP_AUTH))
- ok = FALSE;
- priv->qop = SOUP_AUTH_DIGEST_QOP_AUTH;
+ qop = g_hash_table_lookup (auth_params, "qop");
+ if (qop) {
+ qop_options = soup_auth_digest_parse_qop (qop);
+ /* We only support auth */
+ if (!(qop_options & SOUP_AUTH_DIGEST_QOP_AUTH))
+ ok = FALSE;
+ priv->qop = qop_options;
+ } else
+ priv->qop = 0;
priv->algorithm = soup_auth_digest_parse_algorithm (g_hash_table_lookup (auth_params, "algorithm"));
if (priv->algorithm == -1)
Modified: trunk/libsoup/soup-auth.c
==============================================================================
--- trunk/libsoup/soup-auth.c (original)
+++ trunk/libsoup/soup-auth.c Wed Mar 19 18:58:08 2008
@@ -212,7 +212,7 @@
NULL);
scheme = soup_auth_get_scheme_name (auth);
- if (strncmp (auth_header, scheme, strlen (scheme)) != 0) {
+ if (g_ascii_strncasecmp (auth_header, scheme, strlen (scheme)) != 0) {
g_object_unref (auth);
return NULL;
}
Modified: trunk/tests/httpd.conf.in
==============================================================================
--- trunk/tests/httpd.conf.in (original)
+++ trunk/tests/httpd.conf.in Wed Mar 19 18:58:08 2008
@@ -279,4 +279,6 @@
AuthUserFile @srcdir@/htdigest
AuthDigestDomain /Digest/realm3
Require valid-user
+ # test RFC2069-style Digest
+ AuthDigestQop none
</Location>
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]