From 2c4c7a11f18dd54a9dc319d00fa61672adbdc66d Mon Sep 17 00:00:00 2001
From: Stephan Bergmann <sbergman@redhat.com>
Date: Tue, 4 Sep 2018 16:45:00 +0200
Subject: Properly encode OAuth2 credentials

Reviewed-on: https://gerrit.libreoffice.org/59986
Tested-by: Jenkins
Reviewed-by: Stephan Bergmann <sbergman@redhat.com>

(cherry picked from commit 33f7485dedea90e0f80c6348fa8ac5f27c5052e0)
Conflicts:
	external/libcmis/UnpackedTarball_libcmis.mk

Change-Id: Ic3edeae035262309e91fb01e3aca5c2f905bc3e5
Reviewed-on: https://gerrit.libreoffice.org/60017
Tested-by: Jenkins
Reviewed-by: Noel Grandin <noel.grandin@collabora.co.uk>
---
 external/libcmis/UnpackedTarball_libcmis.mk |  1 +
 external/libcmis/xwwwformurlencoded.patch.0 | 59 +++++++++++++++++++++++++++++
 2 files changed, 60 insertions(+)
 create mode 100644 external/libcmis/xwwwformurlencoded.patch.0

diff --git a/external/libcmis/UnpackedTarball_libcmis.mk b/external/libcmis/UnpackedTarball_libcmis.mk
index 3730888bf6b5..84647275607d 100644
--- a/external/libcmis/UnpackedTarball_libcmis.mk
+++ b/external/libcmis/UnpackedTarball_libcmis.mk
@@ -20,6 +20,7 @@ $(eval $(call gb_UnpackedTarball_add_patches,libcmis, \
 						external/libcmis/libcmis-fix-google-drive-2.patch \
 						external/libcmis/libcmis-sharepoint-repository-root.patch \
 						external/libcmis/libcmis-fix-error-handling.patch \
+						external/libcmis/xwwwformurlencoded.patch.0 \
 ))
 
 ifeq ($(OS),WNT)
diff --git a/external/libcmis/xwwwformurlencoded.patch.0 b/external/libcmis/xwwwformurlencoded.patch.0
new file mode 100644
index 000000000000..b9f779cc6e80
--- /dev/null
+++ b/external/libcmis/xwwwformurlencoded.patch.0
@@ -0,0 +1,59 @@
+--- src/libcmis/oauth2-providers.cxx
++++ src/libcmis/oauth2-providers.cxx
+@@ -26,6 +26,8 @@
+  * instead of those above.
+  */
+ 
++#include <cassert>
++
+ #include <libxml/HTMLparser.h>
+ #include <libxml/xmlreader.h>
+ 
+@@ -45,6 +47,29 @@
+ #define HTML_PARSE_RECOVER 0
+ #endif
+ 
++namespace {
++
++// See <https://url.spec.whatwg.org/#concept-urlencoded-byte-serializer>:
++void addXWwwFormUrlencoded(std::string * buffer, std::string const & data) {
++    assert(buffer);
++    for (string::const_iterator i = data.begin(); i != data.end(); ++i) {
++        unsigned char c = static_cast<unsigned char>(*i);
++        if (c == ' ' || c == '*' || c == '-' || c == '.' || (c >= '0' && c <= '9')
++            || (c >= 'A' && c <= 'Z') || c == '_' || (c >= 'a' && c <= 'z'))
++        {
++            *buffer += static_cast<char>(c);
++        } else {
++            static const char hex[16] = {
++                '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'A', 'B', 'C', 'D', 'E', 'F'};
++            *buffer += '%';
++            *buffer += hex[c >> 4];
++            *buffer += hex[c & 0xF];
++        }
++    }
++}
++
++}
++
+ string OAuth2Providers::OAuth2Gdrive( HttpSession* session, const string& authUrl,
+                                       const string& username, const string& password )
+ {
+@@ -97,7 +120,7 @@
+         return string( );
+ 
+     loginEmailPost += "Email=";
+-    loginEmailPost += string( username );
++    addXWwwFormUrlencoded(&loginEmailPost, username);
+ 
+     istringstream loginEmailIs( loginEmailPost );
+     string loginEmailRes;
+@@ -119,7 +142,7 @@
+         return string( );
+ 
+     loginPasswdPost += "Passwd=";
+-    loginPasswdPost += string( password );
++    addXWwwFormUrlencoded(&loginPasswdPost, password);
+ 
+     istringstream loginPasswdIs( loginPasswdPost );
+     string loginPasswdRes;
-- 
cgit v1.2.3