---------------------
PatchSet 925 
Date: 2000/12/15 05:06:23
Author: rbcollins
Branch: auth_digest
Tag: (none) 
Log:
working with password testing

Members: 
	src/auth/digest/auth_digest.c:1.1.2.1->1.1.2.2 

Index: squid/src/auth/digest/auth_digest.c
===================================================================
RCS file: /cvsroot/squid-sf//squid/src/auth/digest/auth_digest.c,v
retrieving revision 1.1.2.1
retrieving revision 1.1.2.2
diff -u -r1.1.2.1 -r1.1.2.2
--- squid/src/auth/digest/auth_digest.c	14 Dec 2000 23:10:14 -0000	1.1.2.1
+++ squid/src/auth/digest/auth_digest.c	15 Dec 2000 05:06:23 -0000	1.1.2.2
@@ -334,9 +334,32 @@
     auth_user_hash_pointer *usernamehash, *proxy_auth_hash=NULL;
     digest_data * digest_auth, *temp_auth;
     const char * proxy_auth;
+      char * pszMethod = "GET";
+      HASHHEX HA1;
+      HASHHEX HA2 = "";
+      HASHHEX Response;
     /* if the password is not ok, do an identity */
     if (auth_user->flags.credentials_ok!=1)
-        return auth_user;
+    {
+ //return auth_user;
+    
+      assert(auth_user->scheme_data != NULL);
+      digest_auth = auth_user->scheme_data;  
+
+      DigestCalcHA1(digest_auth->algorithm,
+                    digest_auth->username,
+                    digest_auth->realm,
+                    "testing",
+                    digest_auth->nonce,
+                    digest_auth->cnonce,
+                    HA1);
+      DigestCalcResponse(HA1, digest_auth->nonce, digest_auth->nc, digest_auth->cnonce, digest_auth->qop, pszMethod, digest_auth->uri, HA2, Response);
+      debug(29,1)("\nResponse = '%s'\n"
+                    "squid is = '%s'\n", digest_auth->response,Response);       
+        if (!strcasecmp(digest_auth->response,Response))
+        {
+            auth_user->flags.credentials_ok=1;
+
 
     /*    get the header. */
     proxy_auth = httpHeaderGetStr(&request->header, type);
@@ -355,11 +378,14 @@
            !authenticateDigestcmpUsername(usernamehash->auth_user->scheme_data,digest_auth))
             usernamehash=usernamehash->next;
         if (usernamehash->auth_user->auth_type==auth_user->auth_type) {
+            debug(29,4)("authenticateDigestAuthenticateuser: user '%s' is in the user cache as auth_user '%d'\n", digest_auth->username,usernamehash->auth_user);
             /*
              * add another link from the new proxy_auth to the
              * auth_user structure and update the information */
             assert(proxy_auth_hash == NULL);
             authenticateProxyAuthCacheAddLink(proxy_auth, usernamehash->auth_user);
+
+
             /* maybe the p/w changed. update in the old structure */
             temp_auth=usernamehash->auth_user->scheme_data;
 //            xfree(temp_auth->passwd);
@@ -367,7 +393,9 @@
 //            digest_auth->passwd = NULL;
             /* and remove the temporary structure */
             authenticateAuthUserUnlock(auth_user);
+#if 0
             authenticateFreeProxyAuthUser(auth_user);
+#endif
             auth_user = usernamehash->auth_user;
             /* and reference the existing digest data structure */
             digest_auth = auth_user->scheme_data;
@@ -376,6 +404,7 @@
         }
     } else {
         /* store user in hash's */
+        debug(29,4)("authenticateDigestAuthenticateuser: user '%s' is not in the user cache\n", digest_auth->username);
         authenticateUserNameCacheAdd(auth_user);
         authenticateProxyAuthCacheAddLink(proxy_auth, auth_user);
     }
@@ -383,6 +412,7 @@
      * after external auth occurs anyway */
     auth_user->expiretime =  current_time.tv_sec;
     auth_user->ip_expiretime = squid_curtime;
+}}
     return auth_user;
 }
 
@@ -393,7 +423,7 @@
             return -1;
         case 1: /* checked & ok */
             return 0;
-        case 2: /* partway through checking. Invalid for digest */
+        case 2: /* partway through checking. Invalid for basic */
             return -2;
         case 3: /* authentication process failed. */
             return -2;
@@ -409,8 +439,8 @@
         debug(29, 5) ("authenticateFixErrorHeader: Sending type:%d header: 'Digest realm=\"%s\"'\n",type,Config.proxyAuthRealm);
     httpHeaderPutStrf(&rep->header, type, "Digest realm=\"%s\"", Config.proxyAuthRealm);
 #endif
-        debug(29, 5) ("authenticateFixErrorHeader: Sending type:%d header: 'Digest realm=\"Robs server\", nonce=\"%s\"\n",type,nonce->nonce);
-    httpHeaderPutStrf(&rep->header, type, "Digest realm=\"Robs server\", nonce=\"%s\", qop=\"auth\"",nonce->nonce);
+        debug(29, 5) ("authenticateFixErrorHeader: Sending type:%d header: 'Digest realm=\"Robsserver\", nonce=\"%s\"\n",type,nonce->nonce);
+    httpHeaderPutStrf(&rep->header, type, "Digest realm=\"Robsserver\", nonce=\"%s\", qop=\"auth\"",nonce->nonce);
     }
 }
 
@@ -571,7 +601,7 @@
             /* white space */
             while (xisspace(*p))
                 p++;
-            xstrncpy(digest_auth->nc,p,8);
+            xstrncpy(digest_auth->nc,p,9);
         }
         else if (!strncmp(item, "cnonce", ilen))
         {
@@ -599,6 +629,7 @@
     digest_auth->uri, digest_auth->nonce,
     digest_auth->nc, digest_auth->cnonce, digest_auth->response);
 
+#if 0
     if (*cleartext == '\0') {
         debug(29, 2) ("authenticateDigestDecodeAuth: Disallowing empty password,"
             "user is '%s'\n", digest_auth->username);
@@ -620,6 +651,7 @@
     /* we are finished with the proxy_auth */
 //    xfree(auth_user->proxy_auth);
 //    auth_user->proxy_auth = NULL;
+#endif
     return;
 }