| OLD | NEW |
|---|
| 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/http/http_auth_handler_digest.h" | 5 #include "net/http/http_auth_handler_digest.h" |
| 6 | 6 |
| 7 #include <string> | 7 #include <string> |
| 8 | 8 |
| 9 #include "base/logging.h" | 9 #include "base/logging.h" |
| 10 #include "base/md5.h" | 10 #include "base/md5.h" |
| (...skipping 95 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 106 handler->swap(tmp_handler); | 106 handler->swap(tmp_handler); |
| 107 return OK; | 107 return OK; |
| 108 } | 108 } |
| 109 | 109 |
| 110 HttpAuth::AuthorizationResult HttpAuthHandlerDigest::HandleAnotherChallenge( | 110 HttpAuth::AuthorizationResult HttpAuthHandlerDigest::HandleAnotherChallenge( |
| 111 HttpAuthChallengeTokenizer* challenge) { | 111 HttpAuthChallengeTokenizer* challenge) { |
| 112 // Even though Digest is not connection based, a "second round" is parsed | 112 // Even though Digest is not connection based, a "second round" is parsed |
| 113 // to differentiate between stale and rejected responses. | 113 // to differentiate between stale and rejected responses. |
| 114 // Note that the state of the current handler is not mutated - this way if | 114 // Note that the state of the current handler is not mutated - this way if |
| 115 // there is a rejection the realm hasn't changed. | 115 // there is a rejection the realm hasn't changed. |
| 116 if (!base::LowerCaseEqualsASCII(challenge->scheme(), "digest")) | 116 if (!LowerCaseEqualsASCII(challenge->scheme(), "digest")) |
| 117 return HttpAuth::AUTHORIZATION_RESULT_INVALID; | 117 return HttpAuth::AUTHORIZATION_RESULT_INVALID; |
| 118 | 118 |
| 119 HttpUtil::NameValuePairsIterator parameters = challenge->param_pairs(); | 119 HttpUtil::NameValuePairsIterator parameters = challenge->param_pairs(); |
| 120 | 120 |
| 121 // Try to find the "stale" value, and also keep track of the realm | 121 // Try to find the "stale" value, and also keep track of the realm |
| 122 // for the new challenge. | 122 // for the new challenge. |
| 123 std::string original_realm; | 123 std::string original_realm; |
| 124 while (parameters.GetNext()) { | 124 while (parameters.GetNext()) { |
| 125 if (base::LowerCaseEqualsASCII(parameters.name(), "stale")) { | 125 if (LowerCaseEqualsASCII(parameters.name(), "stale")) { |
| 126 if (base::LowerCaseEqualsASCII(parameters.value(), "true")) | 126 if (LowerCaseEqualsASCII(parameters.value(), "true")) |
| 127 return HttpAuth::AUTHORIZATION_RESULT_STALE; | 127 return HttpAuth::AUTHORIZATION_RESULT_STALE; |
| 128 } else if (base::LowerCaseEqualsASCII(parameters.name(), "realm")) { | 128 } else if (LowerCaseEqualsASCII(parameters.name(), "realm")) { |
| 129 original_realm = parameters.value(); | 129 original_realm = parameters.value(); |
| 130 } | 130 } |
| 131 } | 131 } |
| 132 return (original_realm_ != original_realm) ? | 132 return (original_realm_ != original_realm) ? |
| 133 HttpAuth::AUTHORIZATION_RESULT_DIFFERENT_REALM : | 133 HttpAuth::AUTHORIZATION_RESULT_DIFFERENT_REALM : |
| 134 HttpAuth::AUTHORIZATION_RESULT_REJECT; | 134 HttpAuth::AUTHORIZATION_RESULT_REJECT; |
| 135 } | 135 } |
| 136 | 136 |
| 137 bool HttpAuthHandlerDigest::Init(HttpAuthChallengeTokenizer* challenge) { | 137 bool HttpAuthHandlerDigest::Init(HttpAuthChallengeTokenizer* challenge) { |
| 138 return ParseChallenge(challenge); | 138 return ParseChallenge(challenge); |
| (...skipping 53 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 192 score_ = 2; | 192 score_ = 2; |
| 193 properties_ = ENCRYPTS_IDENTITY; | 193 properties_ = ENCRYPTS_IDENTITY; |
| 194 | 194 |
| 195 // Initialize to defaults. | 195 // Initialize to defaults. |
| 196 stale_ = false; | 196 stale_ = false; |
| 197 algorithm_ = ALGORITHM_UNSPECIFIED; | 197 algorithm_ = ALGORITHM_UNSPECIFIED; |
| 198 qop_ = QOP_UNSPECIFIED; | 198 qop_ = QOP_UNSPECIFIED; |
| 199 realm_ = original_realm_ = nonce_ = domain_ = opaque_ = std::string(); | 199 realm_ = original_realm_ = nonce_ = domain_ = opaque_ = std::string(); |
| 200 | 200 |
| 201 // FAIL -- Couldn't match auth-scheme. | 201 // FAIL -- Couldn't match auth-scheme. |
| 202 if (!base::LowerCaseEqualsASCII(challenge->scheme(), "digest")) | 202 if (!LowerCaseEqualsASCII(challenge->scheme(), "digest")) |
| 203 return false; | 203 return false; |
| 204 | 204 |
| 205 HttpUtil::NameValuePairsIterator parameters = challenge->param_pairs(); | 205 HttpUtil::NameValuePairsIterator parameters = challenge->param_pairs(); |
| 206 | 206 |
| 207 // Loop through all the properties. | 207 // Loop through all the properties. |
| 208 while (parameters.GetNext()) { | 208 while (parameters.GetNext()) { |
| 209 // FAIL -- couldn't parse a property. | 209 // FAIL -- couldn't parse a property. |
| 210 if (!ParseChallengeProperty(parameters.name(), | 210 if (!ParseChallengeProperty(parameters.name(), |
| 211 parameters.value())) | 211 parameters.value())) |
| 212 return false; | 212 return false; |
| 213 } | 213 } |
| 214 | 214 |
| 215 // Check if tokenizer failed. | 215 // Check if tokenizer failed. |
| 216 if (!parameters.valid()) | 216 if (!parameters.valid()) |
| 217 return false; | 217 return false; |
| 218 | 218 |
| 219 // Check that a minimum set of properties were provided. | 219 // Check that a minimum set of properties were provided. |
| 220 if (nonce_.empty()) | 220 if (nonce_.empty()) |
| 221 return false; | 221 return false; |
| 222 | 222 |
| 223 return true; | 223 return true; |
| 224 } | 224 } |
| 225 | 225 |
| 226 bool HttpAuthHandlerDigest::ParseChallengeProperty(const std::string& name, | 226 bool HttpAuthHandlerDigest::ParseChallengeProperty(const std::string& name, |
| 227 const std::string& value) { | 227 const std::string& value) { |
| 228 if (base::LowerCaseEqualsASCII(name, "realm")) { | 228 if (LowerCaseEqualsASCII(name, "realm")) { |
| 229 std::string realm; | 229 std::string realm; |
| 230 if (!net::ConvertToUtf8AndNormalize(value, kCharsetLatin1, &realm)) | 230 if (!net::ConvertToUtf8AndNormalize(value, kCharsetLatin1, &realm)) |
| 231 return false; | 231 return false; |
| 232 realm_ = realm; | 232 realm_ = realm; |
| 233 original_realm_ = value; | 233 original_realm_ = value; |
| 234 } else if (base::LowerCaseEqualsASCII(name, "nonce")) { | 234 } else if (LowerCaseEqualsASCII(name, "nonce")) { |
| 235 nonce_ = value; | 235 nonce_ = value; |
| 236 } else if (base::LowerCaseEqualsASCII(name, "domain")) { | 236 } else if (LowerCaseEqualsASCII(name, "domain")) { |
| 237 domain_ = value; | 237 domain_ = value; |
| 238 } else if (base::LowerCaseEqualsASCII(name, "opaque")) { | 238 } else if (LowerCaseEqualsASCII(name, "opaque")) { |
| 239 opaque_ = value; | 239 opaque_ = value; |
| 240 } else if (base::LowerCaseEqualsASCII(name, "stale")) { | 240 } else if (LowerCaseEqualsASCII(name, "stale")) { |
| 241 // Parse the stale boolean. | 241 // Parse the stale boolean. |
| 242 stale_ = base::LowerCaseEqualsASCII(value, "true"); | 242 stale_ = LowerCaseEqualsASCII(value, "true"); |
| 243 } else if (base::LowerCaseEqualsASCII(name, "algorithm")) { | 243 } else if (LowerCaseEqualsASCII(name, "algorithm")) { |
| 244 // Parse the algorithm. | 244 // Parse the algorithm. |
| 245 if (base::LowerCaseEqualsASCII(value, "md5")) { | 245 if (LowerCaseEqualsASCII(value, "md5")) { |
| 246 algorithm_ = ALGORITHM_MD5; | 246 algorithm_ = ALGORITHM_MD5; |
| 247 } else if (base::LowerCaseEqualsASCII(value, "md5-sess")) { | 247 } else if (LowerCaseEqualsASCII(value, "md5-sess")) { |
| 248 algorithm_ = ALGORITHM_MD5_SESS; | 248 algorithm_ = ALGORITHM_MD5_SESS; |
| 249 } else { | 249 } else { |
| 250 DVLOG(1) << "Unknown value of algorithm"; | 250 DVLOG(1) << "Unknown value of algorithm"; |
| 251 return false; // FAIL -- unsupported value of algorithm. | 251 return false; // FAIL -- unsupported value of algorithm. |
| 252 } | 252 } |
| 253 } else if (base::LowerCaseEqualsASCII(name, "qop")) { | 253 } else if (LowerCaseEqualsASCII(name, "qop")) { |
| 254 // Parse the comma separated list of qops. | 254 // Parse the comma separated list of qops. |
| 255 // auth is the only supported qop, and all other values are ignored. | 255 // auth is the only supported qop, and all other values are ignored. |
| 256 HttpUtil::ValuesIterator qop_values(value.begin(), value.end(), ','); | 256 HttpUtil::ValuesIterator qop_values(value.begin(), value.end(), ','); |
| 257 qop_ = QOP_UNSPECIFIED; | 257 qop_ = QOP_UNSPECIFIED; |
| 258 while (qop_values.GetNext()) { | 258 while (qop_values.GetNext()) { |
| 259 if (base::LowerCaseEqualsASCII(qop_values.value(), "auth")) { | 259 if (LowerCaseEqualsASCII(qop_values.value(), "auth")) { |
| 260 qop_ = QOP_AUTH; | 260 qop_ = QOP_AUTH; |
| 261 break; | 261 break; |
| 262 } | 262 } |
| 263 } | 263 } |
| 264 } else { | 264 } else { |
| 265 DVLOG(1) << "Skipping unrecognized digest property"; | 265 DVLOG(1) << "Skipping unrecognized digest property"; |
| 266 // TODO(eroman): perhaps we should fail instead of silently skipping? | 266 // TODO(eroman): perhaps we should fail instead of silently skipping? |
| 267 } | 267 } |
| 268 return true; | 268 return true; |
| 269 } | 269 } |
| (...skipping 104 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 374 // TODO(eroman): Supposedly IIS server requires quotes surrounding qop. | 374 // TODO(eroman): Supposedly IIS server requires quotes surrounding qop. |
| 375 authorization += ", qop=" + QopToString(qop_); | 375 authorization += ", qop=" + QopToString(qop_); |
| 376 authorization += ", nc=" + nc; | 376 authorization += ", nc=" + nc; |
| 377 authorization += ", cnonce=" + HttpUtil::Quote(cnonce); | 377 authorization += ", cnonce=" + HttpUtil::Quote(cnonce); |
| 378 } | 378 } |
| 379 | 379 |
| 380 return authorization; | 380 return authorization; |
| 381 } | 381 } |
| 382 | 382 |
| 383 } // namespace net | 383 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 474483002:
Revert 289312 "Move StringToUpperASCII and LowerCaseEqualsASCII ..." (Closed)
Base URL: svn://svn.chromium.org/chrome/