GNOME.org
 

[libsoup/wip/tpopela/negotiate] soup-auth-negotiate: Don't fail, but start again if we get negotiate header with no token set

commit 2d294af6610b02c47705fb9661f27b8e596bd13d
Author: Tomas Popela <tpopela redhat com>
Date:   Tue Feb 23 17:12:07 2016 +0100

    soup-auth-negotiate: Don't fail, but start again if we get negotiate header with no token set
    
    The communication with the server:
    
    > GET /reports HTTP/1.1
    > Soup-Debug-Timestamp: 1456244264
    > Soup-Debug: SoupSession 1 (0xb97fe0), SoupMessage 1 (0xfff300), SoupSocket 1 (0xf89900)
    > Host: example.com
    > Accept-Encoding: gzip, deflate
    > User-Agent: get libsoup/2.53.2
    > Accept-Language: en-us, en;q=0.9
    > Connection: Keep-Alive
    
    < HTTP/1.1 401 Authorization Required
    < Soup-Debug-Timestamp: 1456244265
    < Soup-Debug: SoupMessage 1 (0xfff300)
    < Date: Tue, 23 Feb 2016 16:17:44 GMT
    < Server: Apache
    < WWW-Authenticate: Negotiate
    < WWW-Authenticate: Basic realm="Kerberos 5 Login"
    < Vary: Accept-Encoding
    < Content-Encoding: gzip
    < Content-Length: 290
    < Keep-Alive: timeout=15, max=100
    < Connection: Keep-Alive
    < Content-Type: text/html; charset=iso-8859-1
    <
    < <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
    < <html><head>
    < <title>401 Authorization Required</title>
    < </head><body>
    < <h1>Authorization Required</h1>
    < <p>This server could not verify that you
    < are authorized to access the document
    < requested.  Either you supplied the wrong
    < credentials (e.g., bad password), or your
    < browser doesn't understand how to supply
    < the credentials required.</p>
    < </body></html>
    
    > GET /reports HTTP/1.1
    > Soup-Debug-Timestamp: 1456244265
    > Soup-Debug: SoupSession 1 (0xb97fe0), SoupMessage 1 (0xfff300), SoupSocket 1 (0xf89900), restarted
    > Host: example.com
    > Accept-Encoding: gzip, deflate
    > Accept-Language: en-us, en;q=0.9
    > Connection: Keep-Alive
    > User-Agent: get libsoup/2.53.2
    > Authorization: Negotiate token
    
    < HTTP/1.1 302 Found
    < Soup-Debug-Timestamp: 1456244265
    < Soup-Debug: SoupMessage 1 (0xfff300)
    < Date: Tue, 23 Feb 2016 16:17:45 GMT
    < Server: Apache
    < WWW-Authenticate: Negotiate token
    < Location: https://example.com/reports/dashboard
    < Status: 302
    < Vary: Accept-Encoding
    < Content-Encoding: gzip
    < Content-Length: 115
    < Keep-Alive: timeout=15, max=99
    < Connection: Keep-Alive
    < Content-Type: text/html; charset=utf-8
    
    < HTTP/1.1 401 Authorization Required
    < Soup-Debug-Timestamp: 1456244265
    < Soup-Debug: SoupMessage 2 (0xf68c70)
    < Date: Tue, 23 Feb 2016 16:17:45 GMT
    < Server: Apache
    < WWW-Authenticate: Negotiate
    < WWW-Authenticate: Basic realm="Kerberos 5 Login"
    < Vary: Accept-Encoding
    < Content-Encoding: gzip
    < Content-Length: 290
    < Keep-Alive: timeout=15, max=98
    < Connection: Keep-Alive
    < Content-Type: text/html; charset=iso-8859-1
    
    > GET /reports/dashboard HTTP/1.1
    > Soup-Debug-Timestamp: 1456244265
    > Soup-Debug: SoupSession 1 (0xb97fe0), SoupMessage 2 (0xf68c70), SoupSocket 1 (0xf89900), restarted
    > Host: example.com
    > Accept-Encoding: gzip, deflate
    > Accept-Language: en-us, en;q=0.9
    > Connection: Keep-Alive
    > User-Agent: get libsoup/2.53.2
    > Authorization: Negotiate token
    
    < HTTP/1.1 200 OK
    < Soup-Debug-Timestamp: 1456244272
    < Soup-Debug: SoupMessage 2 (0xf68c70)
    < Date: Tue, 23 Feb 2016 16:17:45 GMT
    < Server: Apache
    < WWW-Authenticate: Negotiate token
    < Status: 200
    < Vary: Accept-Encoding
    < Content-Encoding: gzip
    < Content-Length: 9511
    < Keep-Alive: timeout=15, max=97
    < Connection: Keep-Alive
    < Content-Type: text/html; charset=utf-8

 libsoup/soup-auth-negotiate.c |   11 +++++------
 1 files changed, 5 insertions(+), 6 deletions(-)
---
diff --git a/libsoup/soup-auth-negotiate.c b/libsoup/soup-auth-negotiate.c
index 20d1a96..ef721b5 100644
--- a/libsoup/soup-auth-negotiate.c
+++ b/libsoup/soup-auth-negotiate.c
@@ -149,12 +149,11 @@ soup_auth_negotiate_update_connection (SoupConnectionAuth *auth, SoupMessage *ms
 
        /* Found negotiate header with no token, start negotiate */
        if (strcmp (header, "Negotiate") == 0) {
-               if (conn->state > SOUP_NEGOTIATE_RECEIVED_CHALLENGE) {
-                       /* If we were already negotiating and we get a 401
-                        * with no token, that means we failed. */
-                       conn->state = SOUP_NEGOTIATE_FAILED;
-                       return TRUE;
-               }
+               /* If we were already negotiating and we get a 401
+                * with no token, start again. */
+               if (conn->state == SOUP_NEGOTIATE_SENT_RESPONSE)
+                       conn->initialized = FALSE;
+
                conn->state = SOUP_NEGOTIATE_RECEIVED_CHALLENGE;
                if (soup_gss_build_response (conn, SOUP_AUTH (auth), &err)) {
                        /* Register the callbacks just once */
[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]