diff options
author | Frédéric Brière <fbriere@fbriere.net> | 2019-09-21 11:24:11 -0400 |
---|---|---|
committer | Frédéric Brière <fbriere@fbriere.net> | 2019-09-21 11:35:40 -0400 |
commit | ed606e1323ca7243308237256e80c3a9cb500874 (patch) | |
tree | 281c386b421f527817a9205d062c9370e380816b | |
parent | 05082ae12051821b1d969e6672d9e4e5afe1bc07 (diff) | |
download | twinkle-ed606e1323ca7243308237256e80c3a9cb500874.tar twinkle-ed606e1323ca7243308237256e80c3a9cb500874.tar.gz twinkle-ed606e1323ca7243308237256e80c3a9cb500874.tar.lz twinkle-ed606e1323ca7243308237256e80c3a9cb500874.tar.xz twinkle-ed606e1323ca7243308237256e80c3a9cb500874.zip |
Support multiple WWW-Authenticate/Proxy-Authenticate headers
The server may send multiple WWW-Authenticate/Proxy-Authenticate
headers, with different digest algorithms, in decreasing order of
preference. We must therefore avoid overwriting any supported challenge
once we've got a hold of one.
Closes #162
-rw-r--r-- | src/parser/hdr_www_authenticate.cpp | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/src/parser/hdr_www_authenticate.cpp b/src/parser/hdr_www_authenticate.cpp index ae87e99..2deb787 100644 --- a/src/parser/hdr_www_authenticate.cpp +++ b/src/parser/hdr_www_authenticate.cpp @@ -17,10 +17,23 @@ #include "hdr_www_authenticate.h" #include "definitions.h" +#include "util.h" t_hdr_www_authenticate::t_hdr_www_authenticate() : t_header("WWW-Authenticate") {} void t_hdr_www_authenticate::set_challenge(const t_challenge &c) { + // The server may send multiple WWW-Authenticate/Proxy-Authenticate + // headers, with different digest algorithms, in decreasing order of + // preference. We must therefore avoid overwriting any supported + // challenge once we've got a hold of one. (We don't simply ignore + // all unsupported challenges, however, just in case the server forgot + // to include a Digest challenge.) + if (populated) { + // Don't overwrite the previous challenge if it was supported + if (cmp_nocase(challenge.auth_scheme, AUTH_DIGEST) == 0) { + return; + } + } populated = true; challenge = c; } |