[w3m-dev 04064] authentication

closes: Bug#:244029: w3m: HTTP basic authentication annoyance * fm.h (auth_cookie): deleted * proto.h (find_auth_cookie): deleted (add_auth_cookie): deleted (add_auth_user_passwd): added (invalidate_auth_user_passwd): added * etc.c (auth_pass): add bad flag delete file (dir_under): deleted (add_auth_pass_entry): add override flag no need to check file (find_auth_pass_entry): delete file check bad flag check uname (find_auth_user_passwd): find by pu->user (add_auth_user_passwd): added (invalidate_auth_user_passwd): added (parsePasswd): add no override ignore file (find_auth): deleted (find_auth_cookie): deleted (dump_auth_cookie): deleted (add_auth_cookie): deleted * file.c (getAuthCookie): add *uname, *pwd rewrite (loadGeneralFile): delete ss, add uname, pwd use add_auth_user_passwd instead of add_auth_cookie * url.c (HTTPrequest): don't authorization here it should be done in getAuthCookie in loadGeneralFile through extra_header * ftp.c (openFTPStream): add uname use find_auth_user_passwd instead of find_auth_cookie use add_auth_user_passwd instead of add_auth_cookie
author: Fumitoshi UKAI <ukai@debian.or.jp> 2004-04-16 18:47:18 +0000
committer: Fumitoshi UKAI <ukai@debian.or.jp> 2004-04-16 18:47:18 +0000
commit: d02cc0c7de1154894ded7a4861bfea9790935cd2 (patch)
tree: 6e59dd7eaf9a69c70d3bdb183bd686d14fcd8a28 /file.c
parent: [w3m-dev 04063] about Makefile (diff)
download: w3m-d02cc0c7de1154894ded7a4861bfea9790935cd2.tar.gz
w3m-d02cc0c7de1154894ded7a4861bfea9790935cd2.zip
1 files changed, 79 insertions, 71 deletions
diff --git a/file.c b/file.c
index 69f8eeb..18346e9 100644
--- a/file.c
+++ b/file.c
@@ -1,4 +1,4 @@
-/* $Id: file.c,v 1.234 2003/12/08 16:08:01 ukai Exp $ */
+/* $Id: file.c,v 1.235 2004/04/16 18:47:19 ukai Exp $ */
 #include "fm.h"
 #include <sys/types.h>
 #include "myctype.h"
@@ -1388,22 +1388,26 @@ findAuthentication(struct http_auth *hauth, Buffer *buf, char *auth_field)
     return hauth->scheme ? hauth : NULL;
 }
 
-static Str
+static void
 getAuthCookie(struct http_auth *hauth, char *auth_header,
 	      TextList *extra_header, ParsedURL *pu, HRequest *hr,
-	      FormList *request)
+	      FormList *request,
+	      volatile Str *uname, volatile Str *pwd)
 {
     Str ss = NULL;
-    Str uname, pwd;
     Str tmp;
     TextListItem *i;
     int a_found;
     int auth_header_len = strlen(auth_header);
     char *realm = NULL;
+    int proxy;
 
     if (hauth)
 	realm = qstr_unquote(get_auth_param(hauth->param, "realm"))->ptr;
 
+    if (!realm)
+	return;
+
     a_found = FALSE;
     for (i = extra_header->first; i != NULL; i = i->next) {
 	if (!strncasecmp(i->ptr, auth_header, auth_header_len)) {
@@ -1411,9 +1415,9 @@ getAuthCookie(struct http_auth *hauth, char *auth_header,
 	    break;
 	}
     }
+    proxy = !strncasecmp("Proxy-Authorization:", auth_header,
+			 auth_header_len);
     if (a_found) {
-	if (!realm)
-	    return NULL;
 	/* This means that *-Authenticate: header is received after
 	 * Authorization: header is sent to the server. 
 	 */
@@ -1424,79 +1428,81 @@ getAuthCookie(struct http_auth *hauth, char *auth_header,
 	else
 	    fprintf(stderr, "Wrong username or password\n");
 	sleep(1);
-	ss = NULL;
 	/* delete Authenticate: header from extra_header */
 	delText(extra_header, i);
-
+	invalidate_auth_user_passwd(pu, realm, *uname, *pwd, proxy);
     }
-    if (realm && ss == NULL) {
-	int proxy = !strncasecmp("Proxy-Authorization:", auth_header,
-				 auth_header_len);
+    *uname = NULL;
+    *pwd = NULL;
 
-	if (!a_found && find_auth_user_passwd(pu, realm, &uname, &pwd, proxy)) {
-	    /* found username & password in passwd file */ ;
+    if (!a_found && find_auth_user_passwd(pu, realm, (Str*)uname, (Str*)pwd, 
+					  proxy)) {
+	/* found username & password in passwd file */ ;
+    }
+    else {
+	if (QuietMessage)
+	    return;
+	/* input username and password */
+	sleep(2);
+	if (fmInitialized) {
+	    char *pp;
+	    term_raw();
+	    /* FIXME: gettextize? */
+	    if ((pp = inputStr(Sprintf("Username for %s: ", realm)->ptr,
+			       NULL)) == NULL)
+		return;
+	    *uname = Str_conv_to_system(Strnew_charp(pp));
+	    if ((pp = inputLine(Sprintf("Password for %s: ", realm)->ptr, NULL,
+				IN_PASSWORD)) == NULL) {
+		*uname = NULL;
+		return;
+	    }
+	    *pwd = Str_conv_to_system(Strnew_charp(pp));
+	    term_cbreak();
 	}
 	else {
-	    if (QuietMessage)
-		return ss;
-	    /* input username and password */
-	    sleep(2);
-	    if (fmInitialized) {
-		char *pp;
-		term_raw();
+	    /*
+	     * If post file is specified as '-', stdin is closed at this
+	     * point.
+	     * In this case, w3m cannot read username from stdin.
+	     * So exit with error message.
+	     * (This is same behavior as lwp-request.)
+	     */
+	    if (feof(stdin) || ferror(stdin)) {
 		/* FIXME: gettextize? */
-		if ((pp =
-		     inputStr(Sprintf("Username for %s: ", realm)->ptr,
-			      NULL)) == NULL)
-		    return NULL;
-		uname = Str_conv_to_system(Strnew_charp(pp));
-		if ((pp =
-		     inputLine(Sprintf("Password for %s: ", realm)->ptr, NULL,
-			       IN_PASSWORD)) == NULL)
-		    return NULL;
-		pwd = Str_conv_to_system(Strnew_charp(pp));
-		term_cbreak();
+		fprintf(stderr, "w3m: Authorization required for %s\n",
+			realm);
+		exit(1);
 	    }
-	    else {
-		/*
-		 * If post file is specified as '-', stdin is closed at this
-		 * point.
-		 * In this case, w3m cannot read username from stdin.
-		 * So exit with error message.
-		 * (This is same behavior as lwp-request.)
-		 */
-		if (feof(stdin) || ferror(stdin)) {
-		    /* FIXME: gettextize? */
-		    fprintf(stderr, "w3m: Authorization required for %s\n",
-			    realm);
-		    exit(1);
-		}
-
-		/* FIXME: gettextize? */
-		printf(proxy ? "Proxy Username for %s: " : "Username for %s: ",
-		       realm);
-		fflush(stdout);
-		uname = Strfgets(stdin);
-		Strchop(uname);
+	    
+	    /* FIXME: gettextize? */
+	    printf(proxy ? "Proxy Username for %s: " : "Username for %s: ",
+		   realm);
+	    fflush(stdout);
+	    *uname = Strfgets(stdin);
+	    Strchop(*uname);
 #ifdef HAVE_GETPASSPHRASE
-		pwd = Strnew_charp((char *)
-				   getpassphrase(proxy ? "Proxy Password: " :
-						 "Password: "));
+	    *pwd = Strnew_charp((char *)
+				getpassphrase(proxy ? "Proxy Password: " :
+					      "Password: "));
 #else
-		pwd = Strnew_charp((char *)
-				   getpass(proxy ? "Proxy Password: " :
-					   "Password: "));
+	    *pwd = Strnew_charp((char *)
+				getpass(proxy ? "Proxy Password: " :
+					"Password: "));
 #endif
-	    }
 	}
-	ss = hauth->cred(hauth, uname, pwd, pu, hr, request);
     }
+    ss = hauth->cred(hauth, *uname, *pwd, pu, hr, request);
     if (ss) {
 	tmp = Strnew_charp(auth_header);
 	Strcat_m_charp(tmp, " ", ss->ptr, "\r\n", NULL);
 	pushText(extra_header, tmp->ptr);
     }
-    return ss;
+    else {
+	*uname = NULL;
+	*pwd = NULL;
+    }
+    return;
 }
 
 static int
@@ -1566,7 +1572,8 @@ loadGeneralFile(char *path, ParsedURL *volatile current, char *referer,
     int volatile searchHeader_through = TRUE;
     MySignalHandler(*volatile prevtrap) (SIGNAL_ARG) = NULL;
     TextList *extra_header = newTextList();
-    volatile Str ss = NULL;
+    volatile Str uname = NULL;
+    volatile Str pwd = NULL;
     volatile Str realm = NULL;
     int volatile add_auth_cookie_flag;
     unsigned char status = HTST_NORMAL;
@@ -1735,10 +1742,10 @@ loadGeneralFile(char *path, ParsedURL *volatile current, char *referer,
 	}
 	if (t == NULL)
 	    t = "text/plain";
-	if (add_auth_cookie_flag && realm && ss) {
+	if (add_auth_cookie_flag && realm && uname && pwd) {
 	    /* If authorization is required and passed */
-	    add_auth_cookie(auth_pu->host, auth_pu->port, auth_pu->file,
-			    qstr_unquote(realm)->ptr, ss);
+	    add_auth_user_passwd(&pu, qstr_unquote(realm)->ptr, uname, pwd, 
+				  0);
 	    add_auth_cookie_flag = 0;
 	}
 	if ((p = checkHeader(t_buf, "WWW-Authenticate:")) != NULL &&
@@ -1748,9 +1755,9 @@ loadGeneralFile(char *path, ParsedURL *volatile current, char *referer,
 	    if (findAuthentication(&hauth, t_buf, "WWW-Authenticate:") != NULL
 		&& (realm = get_auth_param(hauth.param, "realm")) != NULL) {
 		auth_pu = &pu;
-		ss = getAuthCookie(&hauth, "Authorization:", extra_header,
-				   auth_pu, &hr, request);
-		if (ss == NULL) {
+		getAuthCookie(&hauth, "Authorization:", extra_header,
+			      auth_pu, &hr, request, &uname, &pwd);
+		if (uname == NULL) {
 		    /* abort */
 		    TRAP_OFF;
 		    goto page_loaded;
@@ -1769,9 +1776,10 @@ loadGeneralFile(char *path, ParsedURL *volatile current, char *referer,
 		!= NULL
 		&& (realm = get_auth_param(hauth.param, "realm")) != NULL) {
 		auth_pu = schemeToProxy(pu.scheme);
-		ss = getAuthCookie(&hauth, "Proxy-Authorization:",
-				   extra_header, auth_pu, &hr, request);
-		if (ss == NULL) {
+		getAuthCookie(&hauth, "Proxy-Authorization:",
+			      extra_header, auth_pu, &hr, request, 
+			      &uname, &pwd);
+		if (uname == NULL) {
 		    /* abort */
 		    TRAP_OFF;
 		    goto page_loaded;
author	Fumitoshi UKAI <ukai@debian.or.jp>	2004-04-16 18:47:18 +0000
committer	Fumitoshi UKAI <ukai@debian.or.jp>	2004-04-16 18:47:18 +0000
commit	d02cc0c7de1154894ded7a4861bfea9790935cd2 (patch)
tree	6e59dd7eaf9a69c70d3bdb183bd686d14fcd8a28 /file.c
parent	[w3m-dev 04063] about Makefile (diff)
download	w3m-d02cc0c7de1154894ded7a4861bfea9790935cd2.tar.gz w3m-d02cc0c7de1154894ded7a4861bfea9790935cd2.zip