Hans Leidekker : winhttp: Allow setting NULL username and password for NTLM , Passport and Negotiate.

Alexandre Julliard julliard at winehq.org
Mon Aug 19 14:33:00 CDT 2013 

Module: wine
Branch: master
Commit: 78fc21cdb5773724735e1d48af2eaf52ea6c7ef1
URL:    http://source.winehq.org/git/wine.git/?a=commit;h=78fc21cdb5773724735e1d48af2eaf52ea6c7ef1

Author: Hans Leidekker <hans at codeweavers.com>
Date:   Mon Aug 19 15:52:25 2013 +0200

winhttp: Allow setting NULL username and password for NTLM, Passport and Negotiate.

---

 dlls/winhttp/request.c       |   17 ++++++++++++-----
 dlls/winhttp/tests/winhttp.c |   21 +++++++++++++++++++++
 2 files changed, 33 insertions(+), 5 deletions(-)

diff --git a/dlls/winhttp/request.c b/dlls/winhttp/request.c
index 3b91c75..00c2238 100644
--- a/dlls/winhttp/request.c
+++ b/dlls/winhttp/request.c
@@ -1668,7 +1668,8 @@ static BOOL do_authorization( request_t *request, DWORD target, DWORD scheme_fla
 static BOOL set_credentials( request_t *request, DWORD target, DWORD scheme, const WCHAR *username,
                              const WCHAR *password )
 {
-    if (!username || !password)
+    if ((scheme == WINHTTP_AUTH_SCHEME_BASIC || scheme == WINHTTP_AUTH_SCHEME_DIGEST) &&
+        (!username || !password))
     {
         set_last_error( ERROR_INVALID_PARAMETER );
         return FALSE;
@@ -1678,17 +1679,23 @@ static BOOL set_credentials( request_t *request, DWORD target, DWORD scheme, con
     case WINHTTP_AUTH_TARGET_SERVER:
     {
         heap_free( request->connect->username );
-        if (!(request->connect->username = strdupW( username ))) return FALSE;
+        if (!username) request->connect->username = NULL;
+        else if (!(request->connect->username = strdupW( username ))) return FALSE;
+
         heap_free( request->connect->password );
-        if (!(request->connect->password = strdupW( password ))) return FALSE;
+        if (!password) request->connect->password = NULL;
+        else if (!(request->connect->password = strdupW( password ))) return FALSE;
         break;
     }
     case WINHTTP_AUTH_TARGET_PROXY:
     {
         heap_free( request->connect->session->proxy_username );
-        if (!(request->connect->session->proxy_username = strdupW( username ))) return FALSE;
+        if (!username) request->connect->session->proxy_username = NULL;
+        else if (!(request->connect->session->proxy_username = strdupW( username ))) return FALSE;
+
         heap_free( request->connect->session->proxy_password );
-        if (!(request->connect->session->proxy_password = strdupW( password ))) return FALSE;
+        if (!password) request->connect->session->proxy_password = NULL;
+        else if (!(request->connect->session->proxy_password = strdupW( password ))) return FALSE;
         break;
     }
     default:
diff --git a/dlls/winhttp/tests/winhttp.c b/dlls/winhttp/tests/winhttp.c
index 6b946a9..87ddcb0 100644
--- a/dlls/winhttp/tests/winhttp.c
+++ b/dlls/winhttp/tests/winhttp.c
@@ -1959,6 +1959,27 @@ static void test_basic_authentication(int port)
     ok(ret, "failed to query status code %u\n", GetLastError());
     ok(status == 401, "request failed unexpectedly %u\n", status);
 
+    ret = WinHttpSetCredentials(req, WINHTTP_AUTH_TARGET_SERVER, WINHTTP_AUTH_SCHEME_NTLM, NULL, NULL, NULL);
+    ok(ret, "failed to set credentials %u\n", GetLastError());
+
+    ret = WinHttpSetCredentials(req, WINHTTP_AUTH_TARGET_SERVER, WINHTTP_AUTH_SCHEME_PASSPORT, NULL, NULL, NULL);
+    ok(ret, "failed to set credentials %u\n", GetLastError());
+
+    ret = WinHttpSetCredentials(req, WINHTTP_AUTH_TARGET_SERVER, WINHTTP_AUTH_SCHEME_NEGOTIATE, NULL, NULL, NULL);
+    ok(ret, "failed to set credentials %u\n", GetLastError());
+
+    SetLastError(0xdeadbeef);
+    ret = WinHttpSetCredentials(req, WINHTTP_AUTH_TARGET_SERVER, WINHTTP_AUTH_SCHEME_DIGEST, NULL, NULL, NULL);
+    error = GetLastError();
+    ok(!ret, "expected failure\n");
+    ok(error == ERROR_INVALID_PARAMETER, "expected ERROR_INVALID_PARAMETER, got %u\n", error);
+
+    SetLastError(0xdeadbeef);
+    ret = WinHttpSetCredentials(req, WINHTTP_AUTH_TARGET_SERVER, WINHTTP_AUTH_SCHEME_BASIC, NULL, NULL, NULL);
+    error = GetLastError();
+    ok(!ret, "expected failure\n");
+    ok(error == ERROR_INVALID_PARAMETER, "expected ERROR_INVALID_PARAMETER, got %u\n", error);
+
     SetLastError(0xdeadbeef);
     ret = WinHttpSetCredentials(req, WINHTTP_AUTH_TARGET_SERVER, WINHTTP_AUTH_SCHEME_BASIC, userW, NULL, NULL);
     error = GetLastError();

More information about the wine-cvs mailing list