xfnw/plan9fox
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

webfs: include factotum key query in error string for 401/407 Unauthorized status

Browse source
This commit is contained in:
cinap_lenrek 2016-08-08 04:17:41 +02:00
parent 62ad8fc8df
commit 038a615549
1 changed files with 30 additions and 9 deletions
Download patch file Download diff file Expand all files Collapse all files

39
sys/src/cmd/webfs/http.c
View file

@ -348,14 +348,26 @@ hline(Hconn *h, char *data, int len, int cont)
} }
} }
static int
hauthgetkey(char *params)
{
if(debug)
fprint(2, "hauthgetkey %s\n", params);
werrstr("needkey %s", params);
return -1;
}
int int
authenticate(Url *u, Url *ru, char *method, char *s) authenticate(Url *u, Url *ru, char *method, char *s)
{ {
char *user, *pass, *realm, *nonce, *opaque, *x; char oerr[ERRMAX], *user, *pass, *realm, *nonce, *opaque, *x;
Hauth *a; Hauth *a;
Fmt fmt; Fmt fmt;
int n; int n;
snprint(oerr, sizeof(oerr), "authentification failed");
errstr(oerr, sizeof(oerr));
user = u->user; user = u->user;
pass = u->pass; pass = u->pass;
realm = nonce = opaque = nil; realm = nonce = opaque = nil;
@ -375,7 +387,8 @@ authenticate(Url *u, Url *ru, char *method, char *s)
fmtprint(&fmt, " user=%q", user); fmtprint(&fmt, " user=%q", user);
if((s = fmtstrflush(&fmt)) == nil) if((s = fmtstrflush(&fmt)) == nil)
return -1; return -1;
up = auth_getuserpasswd(nil, "proto=pass service=http server=%q%s", u->host, s); up = auth_getuserpasswd(hauthgetkey,
"proto=pass service=http server=%q%s", u->host, s);
free(s); free(s);
if(up == nil) if(up == nil)
return -1; return -1;
@ -418,7 +431,7 @@ authenticate(Url *u, Url *ru, char *method, char *s)
if((s = fmtstrflush(&fmt)) == nil) if((s = fmtstrflush(&fmt)) == nil)
return -1; return -1;
nchal = snprint(chal, sizeof(chal), "%s %s %U", nonce, method, ru); nchal = snprint(chal, sizeof(chal), "%s %s %U", nonce, method, ru);
n = auth_respond(chal, nchal, ouser, sizeof ouser, resp, sizeof resp, nil, n = auth_respond(chal, nchal, ouser, sizeof ouser, resp, sizeof resp, hauthgetkey,
"proto=httpdigest role=client server=%q%s", u->host, s); "proto=httpdigest role=client server=%q%s", u->host, s);
memset(chal, 0, sizeof(chal)); memset(chal, 0, sizeof(chal));
free(s); free(s);
@ -445,6 +458,7 @@ authenticate(Url *u, Url *ru, char *method, char *s)
free(s); free(s);
return -1; return -1;
} }
a = emalloc(sizeof(*a)); a = emalloc(sizeof(*a));
a->url = u; a->url = u;
a->auth = s; a->auth = s;
@ -453,6 +467,7 @@ authenticate(Url *u, Url *ru, char *method, char *s)
hauth = a; hauth = a;
qunlock(&authlk); qunlock(&authlk);
errstr(oerr, sizeof(oerr));
return 0; return 0;
} }
@ -847,22 +862,28 @@ http(char *m, Url *u, Key *shdr, Buq *qbody, Buq *qpost)
goto Error; goto Error;
freeurl(u); freeurl(u);
u = nu; u = nu;
if(0){ if(0){
case 401: /* Unauthorized */ case 401: /* Unauthorized */
if(x = lookkey(shdr, "Authorization")) if(x = lookkey(shdr, "Authorization"))
flushauth(nil, x); flushauth(nil, x);
if(hauthenticate(u, &ru, method, "WWW-Authenticate", rhdr) < 0) if(hauthenticate(u, &ru, method, "WWW-Authenticate", rhdr) < 0){
goto Error; Autherror:
h->cancel = 1;
snprint(buf, sizeof(buf), "%s %r", status);
buclose(qbody, buf);
buclose(qpost, buf);
break;
} }
if(0){ }
if(0){
case 407: /* Proxy Auth */ case 407: /* Proxy Auth */
if(proxy == nil) if(proxy == nil)
goto Error; goto Error;
if(x = lookkey(shdr, "Proxy-Authorization")) if(x = lookkey(shdr, "Proxy-Authorization"))
flushauth(proxy, x); flushauth(proxy, x);
if(hauthenticate(proxy, proxy, method, "Proxy-Authenticate", rhdr) < 0) if(hauthenticate(proxy, proxy, method, "Proxy-Authenticate", rhdr) < 0)
goto Error; goto Autherror;
} }
case 0: /* No status */ case 0: /* No status */
if(qpost && fd < 0){ if(qpost && fd < 0){
if(i > 0) if(i > 0)