libsoup r1113 - in trunk: . libsoup tests

[danw svn gnome org]

Author: danw
Date: Wed Mar 19 18:58:08 2008
New Revision: 1113
URL: http://svn.gnome.org/viewvc/libsoup?rev=1113&view=rev

Log:
	* libsoup/soup-auth.c (soup_auth_new): compare WWW-Authenticate
	auth schemes case-insensitively.

	* libsoup/soup-auth-digest.c (update): allow Digest
	WWW-Authenticate header with no "qop" option. (The original RFC
	2069 style of Digest auth.)
	(soup_auth_digest_parse_qop): this returns a bitfield, so don't
	return -1 if there are no recognized values.

	* tests/httpd.conf.in: use "AuthDigestQop none" in /Digest/realm3
	so we test that

	Fixes #498484 (Digest auth against Apple's Calendar Server).


Modified:
   trunk/ChangeLog
   trunk/libsoup/soup-auth-digest.c
   trunk/libsoup/soup-auth.c
   trunk/tests/httpd.conf.in

Modified: trunk/libsoup/soup-auth-digest.c
==============================================================================
--- trunk/libsoup/soup-auth-digest.c	(original)
+++ trunk/libsoup/soup-auth-digest.c	Wed Mar 19 18:58:08 2008
@@ -125,18 +125,16 @@
 	GSList *qop_values, *iter;
 	SoupAuthDigestQop out = 0;
 
-	if (qop) {
-		qop_values = soup_header_parse_list (qop);
-		for (iter = qop_values; iter; iter = iter->next) {
-			if (!g_ascii_strcasecmp (iter->data, "auth"))
-				out |= SOUP_AUTH_DIGEST_QOP_AUTH;
-			else if (!g_ascii_strcasecmp (iter->data, "auth-int"))
-				out |= SOUP_AUTH_DIGEST_QOP_AUTH_INT;
-			else
-				out = -1;
-		}
-		soup_header_free_list (qop_values);
+	g_return_val_if_fail (qop != NULL, 0);
+
+	qop_values = soup_header_parse_list (qop);
+	for (iter = qop_values; iter; iter = iter->next) {
+		if (!g_ascii_strcasecmp (iter->data, "auth"))
+			out |= SOUP_AUTH_DIGEST_QOP_AUTH;
+		else if (!g_ascii_strcasecmp (iter->data, "auth-int"))
+			out |= SOUP_AUTH_DIGEST_QOP_AUTH_INT;
 	}
+	soup_header_free_list (qop_values);
 
 	return out;
 }
@@ -162,7 +160,7 @@
 update (SoupAuth *auth, SoupMessage *msg, GHashTable *auth_params)
 {
 	SoupAuthDigestPrivate *priv = SOUP_AUTH_DIGEST_GET_PRIVATE (auth);
-	const char *stale;
+	const char *stale, *qop;
 	guint qop_options;
 	gboolean ok = TRUE;
 
@@ -176,11 +174,15 @@
 	priv->nonce = g_strdup (g_hash_table_lookup (auth_params, "nonce"));
 	priv->opaque = g_strdup (g_hash_table_lookup (auth_params, "opaque"));
 
-	qop_options = soup_auth_digest_parse_qop (g_hash_table_lookup (auth_params, "qop"));
-	/* We're just going to do qop=auth for now */
-	if (qop_options == -1 || !(qop_options & SOUP_AUTH_DIGEST_QOP_AUTH))
-		ok = FALSE;
-	priv->qop = SOUP_AUTH_DIGEST_QOP_AUTH;
+	qop = g_hash_table_lookup (auth_params, "qop");
+	if (qop) {
+		qop_options = soup_auth_digest_parse_qop (qop);
+		/* We only support auth */
+		if (!(qop_options & SOUP_AUTH_DIGEST_QOP_AUTH))
+			ok = FALSE;
+		priv->qop = qop_options;
+	} else
+		priv->qop = 0;
 
 	priv->algorithm = soup_auth_digest_parse_algorithm (g_hash_table_lookup (auth_params, "algorithm"));
 	if (priv->algorithm == -1)

Modified: trunk/libsoup/soup-auth.c
==============================================================================
--- trunk/libsoup/soup-auth.c	(original)
+++ trunk/libsoup/soup-auth.c	Wed Mar 19 18:58:08 2008
@@ -212,7 +212,7 @@
 			     NULL);
 
 	scheme = soup_auth_get_scheme_name (auth);
-	if (strncmp (auth_header, scheme, strlen (scheme)) != 0) {
+	if (g_ascii_strncasecmp (auth_header, scheme, strlen (scheme)) != 0) {
 		g_object_unref (auth);
 		return NULL;
 	}

Modified: trunk/tests/httpd.conf.in
==============================================================================
--- trunk/tests/httpd.conf.in	(original)
+++ trunk/tests/httpd.conf.in	Wed Mar 19 18:58:08 2008
@@ -279,4 +279,6 @@
   AuthUserFile @srcdir@/htdigest
   AuthDigestDomain /Digest/realm3
   Require valid-user
+  # test RFC2069-style Digest
+  AuthDigestQop none
 </Location>