summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorFrédéric Brière <fbriere@fbriere.net>2019-09-21 11:24:11 -0400
committerFrédéric Brière <fbriere@fbriere.net>2019-09-21 11:35:40 -0400
commited606e1323ca7243308237256e80c3a9cb500874 (patch)
tree281c386b421f527817a9205d062c9370e380816b
parent05082ae12051821b1d969e6672d9e4e5afe1bc07 (diff)
downloadtwinkle-ed606e1323ca7243308237256e80c3a9cb500874.tar
twinkle-ed606e1323ca7243308237256e80c3a9cb500874.tar.gz
twinkle-ed606e1323ca7243308237256e80c3a9cb500874.tar.lz
twinkle-ed606e1323ca7243308237256e80c3a9cb500874.tar.xz
twinkle-ed606e1323ca7243308237256e80c3a9cb500874.zip
Support multiple WWW-Authenticate/Proxy-Authenticate headers
The server may send multiple WWW-Authenticate/Proxy-Authenticate headers, with different digest algorithms, in decreasing order of preference. We must therefore avoid overwriting any supported challenge once we've got a hold of one. Closes #162
-rw-r--r--src/parser/hdr_www_authenticate.cpp13
1 files changed, 13 insertions, 0 deletions
diff --git a/src/parser/hdr_www_authenticate.cpp b/src/parser/hdr_www_authenticate.cpp
index ae87e99..2deb787 100644
--- a/src/parser/hdr_www_authenticate.cpp
+++ b/src/parser/hdr_www_authenticate.cpp
@@ -17,10 +17,23 @@
#include "hdr_www_authenticate.h"
#include "definitions.h"
+#include "util.h"
t_hdr_www_authenticate::t_hdr_www_authenticate() : t_header("WWW-Authenticate") {}
void t_hdr_www_authenticate::set_challenge(const t_challenge &c) {
+ // The server may send multiple WWW-Authenticate/Proxy-Authenticate
+ // headers, with different digest algorithms, in decreasing order of
+ // preference. We must therefore avoid overwriting any supported
+ // challenge once we've got a hold of one. (We don't simply ignore
+ // all unsupported challenges, however, just in case the server forgot
+ // to include a Digest challenge.)
+ if (populated) {
+ // Don't overwrite the previous challenge if it was supported
+ if (cmp_nocase(challenge.auth_scheme, AUTH_DIGEST) == 0) {
+ return;
+ }
+ }
populated = true;
challenge = c;
}