wininet: Implement basic non-proxy authentication.

847cc51d · Rob Shearman · Alexandre Julliard · 4b507685 · 847cc51d
Commit 847cc51d authored May 21, 2007 by Rob Shearman Committed by Alexandre Julliard May 21, 2007
Show whitespace changes
Inline Side-by-side

Showing with 27 additions and 5 deletions

http.c dlls/wininet/http.c +27 -5

No files found.
--- a/dlls/wininet/http.c
+++ b/dlls/wininet/http.c
@@ -424,9 +424,13 @@ static BOOL HTTP_DoAuthorization( LPWININETHTTPREQW lpwhr, LPCWSTR pszAuthValue 
 {
    SECURITY_STATUS sec_status;
    struct HttpAuthInfo *pAuthInfo = lpwhr->pAuthInfo;
+    LPWSTR password = lpwhr->lpHttpSession->lpszPassword;
+    LPWSTR domain_and_username = lpwhr->lpHttpSession->lpszUserName;

    TRACE("%s\n", debugstr_w(pszAuthValue));

+    if (!domain_and_username) return FALSE;
+
    if (!pAuthInfo)
    {
        TimeStamp exp;
@@ -452,13 +456,13 @@ static BOOL HTTP_DoAuthorization( LPWININETHTTPREQW lpwhr, LPCWSTR pszAuthValue 
        if (!is_basic_auth_value(pszAuthValue))
        {
            SEC_WINNT_AUTH_IDENTITY_W nt_auth_identity;
-            WCHAR *user = strchrW(lpwhr->lpHttpSession->lpszUserName, '\\');
-            WCHAR *domain = lpwhr->lpHttpSession->lpszUserName;
+            WCHAR *user = strchrW(domain_and_username, '\\');
+            WCHAR *domain = domain_and_username;

            if (user) user++;
            else
            {
-                user = lpwhr->lpHttpSession->lpszUserName;
+                user = domain_and_username;
                domain = NULL;
            }
            nt_auth_identity.Flags = SEC_WINNT_AUTH_IDENTITY_UNICODE;
@@ -466,7 +470,7 @@ static BOOL HTTP_DoAuthorization( LPWININETHTTPREQW lpwhr, LPCWSTR pszAuthValue 
            nt_auth_identity.UserLength = strlenW(nt_auth_identity.User);
            nt_auth_identity.Domain = domain;
            nt_auth_identity.DomainLength = domain ? user - domain - 1 : 0;
-            nt_auth_identity.Password = lpwhr->lpHttpSession->lpszPassword;
+            nt_auth_identity.Password = password;
            nt_auth_identity.PasswordLength = strlenW(nt_auth_identity.Password);

            /* FIXME: make sure scheme accepts SEC_WINNT_AUTH_IDENTITY before calling AcquireCredentialsHandle */
@@ -500,8 +504,26 @@ static BOOL HTTP_DoAuthorization( LPWININETHTTPREQW lpwhr, LPCWSTR pszAuthValue 

    if (is_basic_auth_value(pszAuthValue))
    {
-        FIXME("do basic authentication\n");
+        int userlen = WideCharToMultiByte(CP_UTF8, 0, domain_and_username, lstrlenW(domain_and_username), NULL, 0, NULL, NULL);
+        int passlen = WideCharToMultiByte(CP_UTF8, 0, password, lstrlenW(password), NULL, 0, NULL, NULL);
+        char *auth_data;
+
+        TRACE("basic authentication\n");
+
+        /* length includes a nul terminator, which will be re-used for the ':' */
+        auth_data = HeapAlloc(GetProcessHeap(), 0, userlen + 1 + passlen);
+        if (!auth_data)
            return FALSE;
+
+        WideCharToMultiByte(CP_UTF8, 0, domain_and_username, -1, auth_data, userlen, NULL, NULL);
+        auth_data[userlen] = ':';
+        WideCharToMultiByte(CP_UTF8, 0, password, -1, &auth_data[userlen+1], passlen, NULL, NULL);
+
+        pAuthInfo->auth_data = auth_data;
+        pAuthInfo->auth_data_len = userlen + 1 + passlen;
+        pAuthInfo->finished = TRUE;
+
+        return TRUE;
    }
    else
    {