diff options
| author | Stef Walter <stef@memberwebs.com> | 2006-05-19 15:57:35 +0000 | 
|---|---|---|
| committer | Stef Walter <stef@memberwebs.com> | 2006-05-19 15:57:35 +0000 | 
| commit | 41ecc7c08a82accbbd539e2dfd7abb5c496eda03 (patch) | |
| tree | 55ea180541c9512590c82eb7a265df5c96111a45 /daemon | |
| parent | 9a69e4e83adb5d23a04a03fddfbef37f4850d0d0 (diff) | |
  - Fix problem with NTLM not authenticating POST in IE properly
Diffstat (limited to 'daemon')
| -rw-r--r-- | daemon/ntlm.c | 43 | 
1 files changed, 12 insertions, 31 deletions
| diff --git a/daemon/ntlm.c b/daemon/ntlm.c index 53d960d..bb08995 100644 --- a/daemon/ntlm.c +++ b/daemon/ntlm.c @@ -358,34 +358,11 @@ int ntlm_auth_ntlm(ha_request_t* rq, ntlm_context_t* ctx, void* key,              /*               * If we already have a connection to the domain controller               * then we're in trouble. Basically this is the second -             * type 1 message we've received over this connection. -             * -             * TODO: Eventually what we want to do here is wait for the -             * other authentication request to complete, or something -             * like that. +             * type 1 message we've received over this connection. We allow +             * the second message to authenticate.               */              if(conn) -            { -                /* -                 * In this case we also add the connection back into the -                 * pending stack so that the correct request will complete -                 * properly when it comes through. -                 */ -                r = putpending(ctx, key, conn); -                conn = NULL; - -                if(r < 0) -                { -                    RETURN(HA_CRITERROR); -                } -                else -                { -                    ha_messagex(rq, LOG_ERR, "received out of order NTLM request from client"); -                    rq->resp_code = HA_SERVER_BADREQ; -                    RETURN(HA_FALSE); -                } -            } - +                freeconnection(rq, conn);              /*               * Check how many connections we have to the domain controller @@ -508,13 +485,16 @@ int ntlm_auth_ntlm(ha_request_t* rq, ntlm_context_t* ctx, void* key,              else              {                  int r; -                rq->resp_detail = (const char*)ntlmssp.user; -                ha_messagex(rq, LOG_NOTICE, "validated ntlm user against server", ntlmssp.user); +                char *user = strdup((char*)ntlmssp.user); + +                rq->resp_detail = user; +                rq->resp_code = HA_SERVER_OK; +                ha_messagex(rq, LOG_NOTICE, "validated ntlm user against server: %s", ntlmssp.user);                  ha_lock(NULL);                      /* We put this connection into the successful connections */ -                    r = hsh_set(ctx->established, key, strdup((char*)ntlmssp.user)); +                    r = hsh_set(ctx->established, key, user);                  ha_unlock(NULL); @@ -745,8 +725,9 @@ int ntlm_process(ha_request_t* rq)          }      } -    /* The authorization header was not found */ -    else +    /* The authorization header was not found, try cache (only for GET) */ +    if(!header && rq->req_args[AUTH_ARG_METHOD] && +       strcmp(rq->req_args[AUTH_ARG_METHOD], "GET") == 0)      {          ha_lock(NULL); | 
