Rob Shearman : wininet: Don' t clear the auth data for Basic authentication in HTTP_InsertAuthorizationForHeader .

Alexandre Julliard julliard at winehq.org
Tue Nov 27 09:54:33 CST 2007


Module: wine
Branch: master
Commit: 01826e0c98dab3e546d7e974bc8bfc2a2b29df12
URL:    http://source.winehq.org/git/wine.git/?a=commit;h=01826e0c98dab3e546d7e974bc8bfc2a2b29df12

Author: Rob Shearman <rob at codeweavers.com>
Date:   Tue Nov 27 14:19:50 2007 +0000

wininet: Don't clear the auth data for Basic authentication in HTTP_InsertAuthorizationForHeader.

It isn't tracked per connection, unlike NTLM authentication, and so the 
server will return a 401 error and try to get us to authenticate again. 
However, this doesn't work as the authentication information is assumed 
by the code to be valid for the whole connection.

---

 dlls/wininet/http.c |   13 +++++++++----
 1 files changed, 9 insertions(+), 4 deletions(-)

diff --git a/dlls/wininet/http.c b/dlls/wininet/http.c
index 5f27bd2..6845883 100644
--- a/dlls/wininet/http.c
+++ b/dlls/wininet/http.c
@@ -1193,6 +1193,7 @@ static BOOL HTTP_InsertAuthorizationForHeader( LPWININETHTTPREQW lpwhr, struct H
     if (pAuthInfo && pAuthInfo->auth_data_len)
     {
         static const WCHAR wszSpace[] = {' ',0};
+        static const WCHAR wszBasic[] = {'B','a','s','i','c',0};
         unsigned int len;
 
         /* scheme + space + base64 encoded data (3/2/1 bytes data -> 4 bytes of characters) */
@@ -1208,10 +1209,14 @@ static BOOL HTTP_InsertAuthorizationForHeader( LPWININETHTTPREQW lpwhr, struct H
                           authorization+strlenW(authorization));
 
         /* clear the data as it isn't valid now that it has been sent to the
-         * server */
-        HeapFree(GetProcessHeap(), 0, pAuthInfo->auth_data);
-        pAuthInfo->auth_data = NULL;
-        pAuthInfo->auth_data_len = 0;
+         * server, unless it's Basic authentication which doesn't do
+         * connection tracking */
+        if (strcmpiW(pAuthInfo->scheme, wszBasic))
+        {
+            HeapFree(GetProcessHeap(), 0, pAuthInfo->auth_data);
+            pAuthInfo->auth_data = NULL;
+            pAuthInfo->auth_data_len = 0;
+        }
     }
 
     TRACE("Inserting authorization: %s\n", debugstr_w(authorization));




More information about the wine-cvs mailing list