curl-library
[PATCH 2/2] ntlm_wb: Avoid invoking ntlm_auth helper with empty username
From: David Woodhouse <dwmw2_at_infradead.org>
Date: Fri, 11 Jul 2014 11:36:46 +0100
Received on 2014-07-11
Date: Fri, 11 Jul 2014 11:36:46 +0100
From: David Woodhouse <David.Woodhouse_at_intel.com>
---
lib/curl_ntlm_wb.c | 15 +++++++++++++++
1 file changed, 15 insertions(+)
diff --git a/lib/curl_ntlm_wb.c b/lib/curl_ntlm_wb.c
index 52d1323..ac05fbb 100644
--- a/lib/curl_ntlm_wb.c
+++ b/lib/curl_ntlm_wb.c
@@ -124,6 +124,21 @@ static CURLcode ntlm_wb_init(struct connectdata *conn, const char *userp)
return CURLE_OK;
username = userp;
+ /* The real ntlm_auth really doesn't like being invoked with an
+ empty username. It won't make inferences for itself, and expects
+ the client to do so (mostly because it's really designed for
+ servers like squid to use for auth, and client support is an
+ afterthought for it). So try hard to provide a suitable username
+ if we don't already have one. But if we can't, provide the
+ empty one anyway. Perhaps they have an implementation of the
+ ntlm_auth helper which *doesn't* need it so we might as well try */
+ if(*username == '\0') {
+ username = getenv("NTLMUSER");
+ if(!username)
+ username = getenv("LOGNAME");
+ if(!username)
+ username = userp;
+ }
slash = strpbrk(username, "\\/");
if(slash) {
if((domain = strdup(username)) == NULL)
--
1.9.3
--
dwmw2
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
- application/x-pkcs7-signature attachment: smime.p7s