changeset 22923:4007d1a39da5

Patch from Will Hawkins to fix SIMPLE authentication on some servers. Fixes #4890.
author Daniel Atallah <daniel.atallah@gmail.com>
date Tue, 13 May 2008 18:55:06 +0000
parents f05da3bc20d9
children 4fa01df51fec
files libpurple/protocols/simple/simple.c
diffstat 1 files changed, 38 insertions(+), 22 deletions(-) [+]
line wrap: on
line diff
--- a/libpurple/protocols/simple/simple.c	Tue May 13 14:24:43 2008 +0000
+++ b/libpurple/protocols/simple/simple.c	Tue May 13 18:55:06 2008 +0000
@@ -309,6 +309,12 @@
 	char *retval = NULL;
 	int len = strlen(attrname);
 
+	/* we know that source is NULL-terminated.
+	 * Therefore this loop won't be infinite.
+	 */
+	while (source[0] == ' ')
+ 		source++;
+
 	if(!strncmp(source, attrname, len)) {
 		tmp = source + len;
 		tmp2 = g_strstr_len(tmp, strlen(tmp), "\"");
@@ -341,7 +347,7 @@
 	if(!g_ascii_strncasecmp(hdr, "NTLM", 4)) {
 		purple_debug_info("simple", "found NTLM\n");
 		auth->type = 2;
-		parts = g_strsplit(hdr+5, "\", ", 0);
+		parts = g_strsplit(hdr+5, "\",", 0);
 		i = 0;
 		while(parts[i]) {
 			purple_debug_info("simple", "parts[i] %s\n", parts[i]);
@@ -368,30 +374,40 @@
 			auth->nc = 1;
 		} else {
 			auth->nc = 3;
-                }
+		}
+
 		return;
+	} else if(!g_ascii_strncasecmp(hdr, "DIGEST", 6)) {
+
+		purple_debug_info("simple", "found DIGEST\n");
+
+		auth->type = 1;
+		parts = g_strsplit(hdr+7, ",", 0);
+		while(parts[i]) {
+			if((tmp = parse_attribute("nonce=\"", parts[i]))) {
+				auth->nonce = tmp;
+			}
+			else if((tmp = parse_attribute("realm=\"", parts[i]))) {
+				auth->realm = tmp;
+			}
+			i++;
+		}
+		g_strfreev(parts);
+		purple_debug(PURPLE_DEBUG_MISC, "simple", "nonce: %s realm: %s\n",
+					 auth->nonce ? auth->nonce : "(null)",
+					 auth->realm ? auth->realm : "(null)"); 
+
+		if(auth->realm) {
+			auth->digest_session_key = purple_cipher_http_digest_calculate_session_key(
+				"md5", authuser, auth->realm, sip->password, auth->nonce, NULL);
+
+			auth->nc = 1;
+		}
+
+	} else {
+		purple_debug_error("simple", "Unsupported or bad WWW-Authenticate header (%s).\n", hdr);
 	}
 
-	auth->type = 1;
-	parts = g_strsplit(hdr, " ", 0);
-	while(parts[i]) {
-		if((tmp = parse_attribute("nonce=\"", parts[i]))) {
-			auth->nonce = tmp;
-		}
-		else if((tmp = parse_attribute("realm=\"", parts[i]))) {
-			auth->realm = tmp;
-		}
-		i++;
-	}
-	g_strfreev(parts);
-
-	purple_debug(PURPLE_DEBUG_MISC, "simple", "nonce: %s realm: %s\n", auth->nonce ? auth->nonce : "(null)", auth->realm ? auth->realm : "(null)");
-	if(auth->realm) {
-		auth->digest_session_key = purple_cipher_http_digest_calculate_session_key(
-				"md5", authuser, auth->realm, sip->password, auth->nonce, NULL);
-
-		auth->nc = 1;
-	}
 }
 
 static void simple_canwrite_cb(gpointer data, gint source, PurpleInputCondition cond) {