sspi: Minor code tidy up to standardise coding style

Following the recent changes, and in an attempt to align the SSPI based
authentication code, performed the following:

* Use NULL and SECBUFFER_VERSION rather than hard coded constants.
* Avoid comparison of zero in if statements.
* Standardised the buf and desc setup code.
Steve Holme 2014-08-08 22:39:19 +01:00
parent cda4aaba4d
commit b91e97eabd
2 changed files with 17 additions and 22 deletions


@ -469,9 +469,9 @@ CURLcode Curl_ntlm_create_type1_message(const char *userp,
type_1_desc.ulVersion = SECBUFFER_VERSION; type_1_desc.ulVersion = SECBUFFER_VERSION;
type_1_desc.cBuffers = 1; type_1_desc.cBuffers = 1;
type_1_desc.pBuffers = &type_1_buf; type_1_desc.pBuffers = &type_1_buf;
type_1_buf.cbBuffer = curlx_uztoul(ntlm->max_token_length);
type_1_buf.BufferType = SECBUFFER_TOKEN; type_1_buf.BufferType = SECBUFFER_TOKEN;
type_1_buf.pvBuffer = ntlm->output_token; type_1_buf.pvBuffer = ntlm->output_token;
type_1_buf.cbBuffer = curlx_uztoul(ntlm->max_token_length);
/* Generate our type-1 message */ /* Generate our type-1 message */
status = s_pSecFn->InitializeSecurityContext(&ntlm->handle, NULL, status = s_pSecFn->InitializeSecurityContext(&ntlm->handle, NULL,


@ -68,7 +68,7 @@ get_gss_name(struct connectdata *conn, bool proxy,
int Curl_input_negotiate(struct connectdata *conn, bool proxy, int Curl_input_negotiate(struct connectdata *conn, bool proxy,
const char *header) const char *header)
{ {
BYTE *input_token = 0; BYTE *input_token = NULL;
SecBufferDesc out_buff_desc; SecBufferDesc out_buff_desc;
SecBuffer out_sec_buff; SecBuffer out_sec_buff;
SecBufferDesc in_buff_desc; SecBufferDesc in_buff_desc;
@ -113,7 +113,7 @@ int Curl_input_negotiate(struct connectdata *conn, bool proxy,
return -1; return -1;
} }
if(0 == strlen(neg_ctx->server_name)) { if(!strlen(neg_ctx->server_name)) {
ret = get_gss_name(conn, proxy, neg_ctx); ret = get_gss_name(conn, proxy, neg_ctx);
if(ret) if(ret)
return ret; return ret;
@ -181,42 +181,41 @@ int Curl_input_negotiate(struct connectdata *conn, bool proxy,
error = Curl_base64_decode(header, error = Curl_base64_decode(header,
(unsigned char **)&input_token, (unsigned char **)&input_token,
&input_token_len); &input_token_len);
if(error || input_token_len == 0) if(error || !input_token_len)
return -1; return -1;
} }
/* prepare the output buffers, and input buffers if present */ /* Setup the "output" security buffer */
out_buff_desc.ulVersion = 0; out_buff_desc.ulVersion = SECBUFFER_VERSION;
out_buff_desc.cBuffers = 1; out_buff_desc.cBuffers = 1;
out_buff_desc.pBuffers = &out_sec_buff; out_buff_desc.pBuffers = &out_sec_buff;
out_sec_buff.cbBuffer = curlx_uztoul(neg_ctx->max_token_length);
out_sec_buff.BufferType = SECBUFFER_TOKEN; out_sec_buff.BufferType = SECBUFFER_TOKEN;
out_sec_buff.pvBuffer = neg_ctx->output_token; out_sec_buff.pvBuffer = neg_ctx->output_token;
out_sec_buff.cbBuffer = curlx_uztoul(neg_ctx->max_token_length);
/* Setup the "input" security buffer if present */
if(input_token) { if(input_token) {
in_buff_desc.ulVersion = 0; in_buff_desc.ulVersion = SECBUFFER_VERSION;
in_buff_desc.cBuffers = 1; in_buff_desc.cBuffers = 1;
in_buff_desc.pBuffers = &in_sec_buff; in_buff_desc.pBuffers = &in_sec_buff;
in_sec_buff.cbBuffer = curlx_uztoul(input_token_len);
in_sec_buff.BufferType = SECBUFFER_TOKEN; in_sec_buff.BufferType = SECBUFFER_TOKEN;
in_sec_buff.pvBuffer = input_token; in_sec_buff.pvBuffer = input_token;
in_sec_buff.cbBuffer = curlx_uztoul(input_token_len);
} }
sname = Curl_convert_UTF8_to_tchar(neg_ctx->server_name); sname = Curl_convert_UTF8_to_tchar(neg_ctx->server_name);
if(!sname) if(!sname)
return CURLE_OUT_OF_MEMORY; return CURLE_OUT_OF_MEMORY;
/* Generate our message */
neg_ctx->status = s_pSecFn->InitializeSecurityContext( neg_ctx->status = s_pSecFn->InitializeSecurityContext(
neg_ctx->credentials, neg_ctx->credentials,
input_token ? neg_ctx->context : 0, input_token ? neg_ctx->context : NULL,
sname, sname,
ISC_REQ_CONFIDENTIALITY, ISC_REQ_CONFIDENTIALITY,
0, 0,
SECURITY_NATIVE_DREP, SECURITY_NATIVE_DREP,
input_token ? &in_buff_desc : 0, input_token ? &in_buff_desc : NULL,
0, 0,
neg_ctx->context, neg_ctx->context,
&out_buff_desc, &out_buff_desc,
@ -259,7 +258,7 @@ CURLcode Curl_output_negotiate(struct connectdata *conn, bool proxy)
if(error) if(error)
return error; return error;
if(len == 0) if(!len)
return CURLE_REMOTE_ACCESS_DENIED; return CURLE_REMOTE_ACCESS_DENIED;
userp = aprintf("%sAuthorization: Negotiate %s\r\n", proxy ? "Proxy-" : "", userp = aprintf("%sAuthorization: Negotiate %s\r\n", proxy ? "Proxy-" : "",
@ -282,21 +281,17 @@ static void cleanup(struct negotiatedata *neg_ctx)
if(neg_ctx->context) { if(neg_ctx->context) {
s_pSecFn->DeleteSecurityContext(neg_ctx->context); s_pSecFn->DeleteSecurityContext(neg_ctx->context);
free(neg_ctx->context); free(neg_ctx->context);
neg_ctx->context = 0; neg_ctx->context = NULL;
} }
if(neg_ctx->credentials) { if(neg_ctx->credentials) {
s_pSecFn->FreeCredentialsHandle(neg_ctx->credentials); s_pSecFn->FreeCredentialsHandle(neg_ctx->credentials);
free(neg_ctx->credentials); free(neg_ctx->credentials);
neg_ctx->credentials = 0; neg_ctx->credentials = NULL;
}
if(neg_ctx->output_token) {
free(neg_ctx->output_token);
neg_ctx->output_token = 0;
} }
neg_ctx->max_token_length = 0; neg_ctx->max_token_length = 0;
Curl_safefree(neg_ctx->output_token);
Curl_sspi_free_identity(neg_ctx->p_identity); Curl_sspi_free_identity(neg_ctx->p_identity);
neg_ctx->p_identity = NULL; neg_ctx->p_identity = NULL;
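Review bot: In the Curl_input_negotiate hunk at -181,42, the `if(!sname) return CURLE_OUT_OF_MEMORY;` path returns after Curl_base64_decode has allocated input_token, and nothing visible frees it on that path, so the decoded token appears to leak whenever the server-name conversion fails. Because the token is decoded from the server-supplied Negotiate header, I would release it before returning, e.g. `if(!sname) { free(input_token); return CURLE_OUT_OF_MEMORY; }`. The same return hands a CURLcode back from a function declared `int` whose other visible error paths return -1, so a short comment stating which values callers should expect would help. The function body continues outside the hunk, so whether input_token is freed on the normal path could not be checked here.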