--- misc/neon-0.29.5/src/config.h 2011-02-03 10:32:38.000000000 +0100 +++ misc/build/neon-0.29.5/src/config.h 2011-02-03 10:26:19.000000000 +0100 @@ -1 +1,488 @@ -dummy + +/* Define to specific EGD socket path */ +/* #undef EGD_PATH */ + +/* Define if EGD should be supported */ +/* #undef ENABLE_EGD */ + +/* Define if GSS_C_NT_HOSTBASED_SERVICE is not defined otherwise */ +/* #undef GSS_C_NT_HOSTBASED_SERVICE */ + +/* Define to 1 if you have the header file. */ +#ifdef UNX +#define HAVE_ARPA_INET_H 1 +#endif + +/* Define to 1 if you have the `bind_textdomain_codeset' function. */ +/* #undef HAVE_BIND_TEXTDOMAIN_CODESET 1 */ + +/* Define to 1 if you have the declaration of `h_errno', and to 0 if you + don't. */ +#ifdef WIN32 +#define HAVE_DECL_H_ERRNO 1 +#endif + +/* Define to 1 if you have the declaration of `stpcpy', and to 0 if you don't. + */ +#ifdef LINUX +#define HAVE_DECL_STPCPY 1 +#endif + +/* Define to 1 if you have the declaration of `strerror_r', and to 0 if you + don't. */ +#ifdef LINUX +#define HAVE_DECL_STRERROR_R 1 +#endif + +/* Define to 1 if you have the header file. */ +#ifdef UNX +#define HAVE_DLFCN_H 1 +#endif + +/* Define to 1 if you have the header file. */ +#define HAVE_ERRNO_H 1 + +/* Define if you have expat */ +/* #undef HAVE_EXPAT */ + +/* Define to 1 if you have the `fstat64' function. */ +#define HAVE_FSTAT64 + +/* Define to 1 if you have the `gai_strerror' function. */ +#define HAVE_GAI_STRERROR 1 + +/* Define if GnuTLS support is enabled */ +/* #undef HAVE_GNUTLS */ + +/* Define to 1 if you have the `gnutls_session_get_data2' function. */ +/* #undef HAVE_GNUTLS_SESSION_GET_DATA2 */ + +/* Define if GSSAPI support is enabled */ +/* #undef HAVE_GSSAPI */ + +/* Define to 1 if you have the header file. */ +/* #undef HAVE_GSSAPI_GSSAPI_GENERIC_H */ + +/* Define to 1 if you have the header file. */ +/* #undef HAVE_GSSAPI_GSSAPI_H */ + +/* Define to 1 if you have the header file. */ +/* #undef HAVE_GSSAPI_H */ + +/* Define to 1 if you have the `gss_init_sec_context' function. */ +/* #undef HAVE_GSS_INIT_SEC_CONTEXT */ + +/* Define to 1 if you have the `hstrerror' function. */ +/* #undef HAVE_HSTRERROR */ + +/* Define to 1 if you have the `inet_ntop' function. */ +#ifdef UNX +#define HAVE_INET_NTOP 1 +#endif + +/* Define to 1 if you have the header file. */ +#ifdef UNX +#define HAVE_INTTYPES_H 1 +#endif + +/* Define to 1 if you have the `isatty' function. */ +#define HAVE_ISATTY 1 + +/* Define to 1 if you have the header file. */ +/* #undef HAVE_LIBINTL_H */ + +/* Define if you have libxml */ +#define HAVE_LIBXML 1 + +/* Define to 1 if you have the header file. */ +#define HAVE_LIBXML_PARSER_H 1 + +/* Define to 1 if you have the header file. */ +#define HAVE_LIBXML_XMLVERSION_H 1 + +/* Define to 1 if you have the header file. */ +#define HAVE_LIMITS_H 1 + +/* Define to 1 if you have the header file. */ +#define HAVE_LOCALE_H 1 + +/* Define to 1 if you have the `lseek64' function. */ +#define HAVE_LSEEK64 1 + +/* Define to 1 if you have the header file. */ +#define HAVE_MEMORY_H 1 + +/* Define to 1 if you have the header file. */ +#ifdef UNX +#define HAVE_NETDB_H 1 +#endif + +/* Define to 1 if you have the header file. */ +#ifdef UNX +#define HAVE_NETINET_IN_H 1 +#endif + +/* Define to 1 if you have the header file. */ +#ifdef UNX +#define HAVE_NETINET_TCP_H 1 +#endif + +/* Define if OpenSSL support is enabled */ +#define HAVE_OPENSSL 1 + +/* Define to 1 if you have the header file. */ +#define HAVE_OPENSSL_OPENSSLV_H 1 + +/* Define to 1 if you have the header file. */ +#define HAVE_OPENSSL_SSL_H 1 + +/* Define to 1 if you have the `pipe' function. */ +#define HAVE_PIPE 1 + +/* Define to 1 if you have the `poll' function. */ +#define HAVE_POLL 1 + +/* Define to 1 if you have the `pthread_mutex_init' function. */ +/* #undef HAVE_PTHREAD_MUTEX_INIT */ + +/* Define to 1 if you have the `pthread_mutex_lock' function. */ +/* #undef HAVE_PTHREAD_MUTEX_LOCK */ + +/* Define to 1 if you have the `setlocale' function. */ +#define HAVE_SETLOCALE 1 + +/* Define to 1 if you have the `setsockopt' function. */ +#if defined (LINUX) || defined (WIN32) +#define HAVE_SETSOCKOPT 1 +#endif + +/* Define to 1 if you have the `setvbuf' function. */ +#define HAVE_SETVBUF 1 + +/* Define to 1 if you have the `shutdown' function. */ +#ifdef LINUX +#define HAVE_SHUTDOWN 1 +#endif + +/* Define to 1 if you have the `signal' function. */ +#define HAVE_SIGNAL 1 + +/* Define to 1 if you have the header file. */ +#define HAVE_SIGNAL_H 1 + +/* Define to 1 if you have the `snprintf' function. */ +#ifdef UNX +#define HAVE_SNPRINTF 1 +#endif + +#ifdef WIN32 +#define snprintf _snprintf +#endif + +/* Define to 1 if you have the header file. */ +/* #undef HAVE_SOCKS_H */ + +/* Define to 1 if you have the header file. */ +#define HAVE_STDARG_H 1 + +/* Define to 1 if you have the header file. */ +#define HAVE_STDINT_H 1 + +/* Define to 1 if you have the header file. */ +#define HAVE_STDLIB_H 1 + +/* Define to 1 if you have the `stpcpy' function. */ +#ifdef LINUX +#define HAVE_STPCPY 1 +#endif + +/* Define to 1 if you have the `strcasecmp' function. */ +#ifdef UNX +#define HAVE_STRCASECMP 1 +#endif + +#ifdef WIN32 +#define strcasecmp strcmpi +#endif + +/* Define to 1 if you have the `strerror_r' function. */ +#ifdef LINUX +#define HAVE_STRERROR_R 1 +#endif + +/* Define to 1 if you have the header file. */ +#ifdef UNX +#define HAVE_STRINGS_H 1 +#endif + +/* Define to 1 if you have the header file. */ +#define HAVE_STRING_H 1 + +/* Define to 1 if you have the `strtoll' function. */ +#define HAVE_STRTOLL 1 + +/* Define to 1 if you have the `strtoq' function. */ +/* #undef HAVE_STRTOQ */ + +/* Define to 1 if `tm_gmtoff' is member of `struct tm'. */ +#ifdef LINUX +#define HAVE_STRUCT_TM_TM_GMTOFF 1 +#endif + +/* Define to 1 if `__tm_gmtoff' is member of `struct tm'. */ +/* #undef HAVE_STRUCT_TM___TM_GMTOFF */ + +/* Define to 1 if you have the header file. */ +/* #undef HAVE_SYS_LIMITS_H */ + +/* Define to 1 if you have the header file. */ +#ifdef UNX +#define HAVE_SYS_POLL_H 1 +#endif + +/* Define to 1 if you have the header file. */ +#ifdef UNX +#define HAVE_SYS_SELECT_H 1 +#endif + +/* Define to 1 if you have the header file. */ +#ifdef UNX +#define HAVE_SYS_SOCKET_H 1 +#endif + +/* Define to 1 if you have the header file. */ +#define HAVE_SYS_STAT_H 1 + +/* Define to 1 if you have the header file. */ +#ifdef UNX +#define HAVE_SYS_TIME_H 1 +#endif + +/* Define to 1 if you have the header file. */ +#define HAVE_SYS_TYPES_H 1 + +/* Define if the timezone global is available */ +#ifndef MACOSX +#define HAVE_TIMEZONE 1 +#endif + +/* Use trio printf replacement library */ +/* #undef HAVE_TRIO */ + +/* Define to 1 if you have the header file. */ +/* #undef HAVE_TRIO_H */ + +/* Define to 1 if you have the header file. */ +#ifdef UNX +#define HAVE_UNISTD_H 1 +#endif + +/* Define to 1 if you have the `usleep' function. */ +#ifdef UNX +#define HAVE_USLEEP 1 +#endif + +/* Define to 1 if you have the `vsnprintf' function. */ +#if defined( UNX ) || (defined(_MSC_VER) && (_MSC_VER > 1400)) +#define HAVE_VSNPRINTF 1 +#endif + +#ifdef WIN32 +#if (defined(_MSC_VER) && (_MSC_VER < 1500)) || defined(__MINGW32__) +#define vsnprintf _vsnprintf +#endif +#endif + +/* Define to be location of localedir */ +/* #undef LOCALEDIR */ + +/* Defined when neon is built as a library */ +#define NEON_IS_LIBRARY 1 + +/* Define to be the neon version string */ +#define NEON_VERSION "0.29.5" + +/* Define to enable debugging */ +/* #undef NE_DEBUGGING */ + +/* Define to be printf format string for off64_t */ +#define NE_FMT_OFF64_T "lld" + +/* Define to be printf format string for off_t */ +#define NE_FMT_OFF_T "ld" + +/* Define to be printf format string for size_t */ +#define NE_FMT_SIZE_T "u" + +/* Define to be printf format string for ssize_t */ +#define NE_FMT_SSIZE_T "d" + +/* Define to be printf format string for time_t */ +#define NE_FMT_TIME_T "ld" + +/* Defined if DAV is supported */ +#define NE_HAVE_DAV 1 + +/* Defined if I18N is supported */ +/* #undef NE_HAVE_I18N 1 */ + +/* Defined if IPV6 is supported */ +#define NE_HAVE_IPV6 1 + +/* Defined if LFS is supported */ +#define NE_HAVE_LFS 1 + +/* Defined if SOCKS is supported */ +/* #undef NE_HAVE_SOCKS */ + +/* Defined if SSL is supported */ +#define NE_HAVE_SSL + +/* Defined if TS_SSL is supported */ +/* #undef NE_HAVE_TS_SSL */ + +/* Defined if ZLIB is supported */ +#define NE_HAVE_ZLIB 1 + +/* Define to be filename of an SSL CA root bundle */ +/* #undef NE_SSL_CA_BUNDLE */ + +/* Define if poll() should be used */ +#ifdef UNX +#define NE_USE_POLL 1 +#endif + +/* Define to be neon library major version */ +#define NE_VERSION_MAJOR (0) + +/* Define to be neon library minor version */ +#define NE_VERSION_MINOR (29) + +/* Define to be neon library patch version */ +#define NE_VERSION_PATCH (5) + +/* Define to the address where bug reports for this package should be sent. */ +#define PACKAGE_BUGREPORT "neon@webdav.org" + +/* Define to the full name of this package. */ +#define PACKAGE_NAME "neon" + +/* Define to the full name and version of this package. */ +#define PACKAGE_STRING "neon 0.29.5" + +/* Define to the one symbol short name of this package. */ +#define PACKAGE_TARNAME "neon" + +/* Define to the version of this package. */ +#define PACKAGE_VERSION "0.29.5" + +/* The size of a `int', as computed by sizeof. */ +#define SIZEOF_INT 4 + +/* The size of a `long', as computed by sizeof. */ +#define SIZEOF_LONG 4 + +/* The size of a `long long', as computed by sizeof. */ +#define SIZEOF_LONG_LONG 8 + +/* The size of a `off64_t', as computed by sizeof. */ +#define SIZEOF_OFF64_T 8 + +/* The size of a `off_t', as computed by sizeof. */ +#define SIZEOF_OFF_T 4 + +/* The size of a `size_t', as computed by sizeof. */ +#define SIZEOF_SIZE_T 4 + +/* The size of a `ssize_t', as computed by sizeof. */ +#define SIZEOF_SSIZE_T 4 + +/* The size of a `time_t', as computed by sizeof. */ +#define SIZEOF_TIME_T 4 + +/* Define to 1 if you have the ANSI C header files. */ +#ifdef SOLARIS +#define STDC_HEADERS 1 +#endif + +/* Define to 1 if strerror_r returns char *. */ +#ifdef LINUX +#define STRERROR_R_CHAR_P 1 +#endif + +/* Define to 1 if you can safely include both and . */ +#define TIME_WITH_SYS_TIME 1 + +/* Define if getaddrinfo supports AI_ADDRCONFIG */ +/* #undef USE_GAI_ADDRCONFIG */ + +/* Define if getaddrinfo() should be used */ +#define USE_GETADDRINFO 1 + +/* Define to 1 if your processor stores words with the most significant byte + first (like Motorola and SPARC, unlike Intel and VAX). */ +#if defined (SOLARIS) && defined (SPARC) +#define WORDS_BIGENDIAN 1 +#endif + +/* Always defined to enable GNU extensions */ +#define _GNU_SOURCE 1 + +/* Define to empty if `const' does not conform to ANSI C. */ +/* #undef const */ + +/* Define if in_addr_t is not available */ +/* #undef in_addr_t */ + +/* Define to `__inline__' or `__inline' if that's what the C compiler + calls it, or to nothing if 'inline' is not supported under any name. */ +#ifndef __cplusplus +#if defined (SOLARIS) && defined (__SUNPRO_C) +#define inline +#endif +#endif + +/* Define to `long' if does not define. */ +/* #undef off_t */ + +/* Define to `int' if does not define. */ +/* #undef pid_t */ + +/* Define to `unsigned' if does not define. */ +/* #undef size_t */ + +/* MS IIS does not send Lock-Token response header after creation of a */ +/* new lock. This violates RFC, but... if we want to talk with this */ +/* beast we need a workaround */ +#define IIS_LOCK_BUG_WORKAROUND 1 + +/* Enable leak-tracking versions of ne_*alloc when NEON_MEMLEAK is enabled */ +#ifdef NEON_MEMLEAK +# include "memleak.h" +#endif + +#if defined(HAVE_STPCPY) && defined(HAVE_DECL_STPCPY) && !HAVE_DECL_STPCPY && !defined(stpcpy) +char *stpcpy(char *, const char *); +#endif + +#ifdef WIN32 + +#include + +#define HAVE_MEMCPY 1 + +#define strncasecmp strnicmp +#define inline __inline +#define WIN32_LEAN_AND_MEAN +#define NOUSER +#define NOGDI +#define NONLS +#define NOCRYPT + +#endif + +#ifdef WIN32 +#define HAVE_SSPI 1 +#else +#define HAVE_NTLM 1 +#endif --- misc/neon-0.29.5/src/makefile.mk 2011-02-03 10:32:38.000000000 +0100 +++ misc/build/neon-0.29.5/src/makefile.mk 2011-02-03 10:26:19.000000000 +0100 @@ -1,1 +1,96 @@ -dummy +PRJ=..$/..$/..$/..$/.. + +PRJNAME=neon +TARGET=neon +LIBTARGET=NO +USE_DEFFILE=TRUE +NO_DEFAULT_STL=TRUE +EXTERNAL_WARNINGS_NOT_ERRORS := TRUE +UWINAPILIB= + +# --- Settings ----------------------------------------------------- + +.INCLUDE : settings.mk + +# --- Files -------------------------------------------------------- + +CDEFS+=-DHAVE_CONFIG_H + +.IF "$(SYSTEM_LIBXML)" == "YES" +CFLAGS+=-DSYSTEM_LIBXML $(LIBXML_CFLAGS) +.ELSE +LIBXMLINCDIR=external$/libxml +CFLAGS+= -I$(SOLARINCDIR)$/$(LIBXMLINCDIR) +.ENDIF + +.IF "$(SYSTEM_OPENSSL)" == "YES" +CFLAGS+= $(OPENSSL_CFLAGS) +.ENDIF + +.IF "$(SYSTEM_ZLIB)" == "YES" +CFLAGS+=-DSYSTEM_ZLIB +.ELSE +ZLIBINCDIR=external$/zlib +CFLAGS+=-I$(SOLARINCDIR)$/$(ZLIBINCDIR) +.ENDIF + +SLOFILES= \ + $(SLO)$/ne_207.obj \ + $(SLO)$/ne_acl3744.obj \ + $(SLO)$/ne_alloc.obj \ + $(SLO)$/ne_auth.obj \ + $(SLO)$/ne_basic.obj \ + $(SLO)$/ne_compress.obj \ + $(SLO)$/ne_dates.obj \ + $(SLO)$/ne_i18n.obj \ + $(SLO)$/ne_locks.obj \ + $(SLO)$/ne_md5.obj \ + $(SLO)$/ne_props.obj \ + $(SLO)$/ne_redirect.obj \ + $(SLO)$/ne_request.obj \ + $(SLO)$/ne_session.obj \ + $(SLO)$/ne_socket.obj \ + $(SLO)$/ne_socks.obj \ + $(SLO)$/ne_string.obj \ + $(SLO)$/ne_uri.obj \ + $(SLO)$/ne_utils.obj \ + $(SLO)$/ne_xml.obj \ + $(SLO)$/ne_xmlreq.obj \ + $(SLO)$/ne_openssl.obj + +.IF "$(OS)"=="WNT" +SLOFILES+=$(SLO)$/ne_sspi.obj +.ELSE +SLOFILES+=$(SLO)$/ne_ntlm.obj +.ENDIF + +# $(SLO)$/ne_gnutls.obj \ +# $(SLO)$/ne_stubssl.obj + +SHL1OBJS=$(SLOFILES) +SHL1TARGET=$(TARGET) +SHL1VERSIONMAP=exports.map +SHL1IMPLIB=i$(TARGET) + +SHL1STDLIBS+= $(LIBXML2LIB) \ + $(ZLIB3RDLIB) + +.IF "$(GUI)"=="WNT" + SHL1STDLIBS+= $(WS2_32LIB) + SHL1STDLIBS+= $(OPENSSLLIB) +.ELSE # WNT + .IF "$(OS)"=="SOLARIS" + SHL1STDLIBS+= -lnsl -lsocket -ldl + .ENDIF # SOLARIS + .IF "$(SYSTEM_OPENSSL)"=="YES" + SHL1STDLIBS+= $(OPENSSLLIB) + .ELSE + SHL1STDLIBS+= $(OPENSSLLIBST) + .ENDIF +.ENDIF # WNT + +SHL1DEF=$(MISC)$/$(SHL1TARGET).def + +# --- Targets ------------------------------------------------------ +DEF1NAME=$(SHL1TARGET) +.INCLUDE : target.mk --- misc/neon-0.29.5/src/ne_auth.c 2010-10-14 17:00:53.000000000 +0200 +++ misc/build/neon-0.29.5/src/ne_auth.c 2011-02-03 10:31:22.000000000 +0100 @@ -367,7 +367,7 @@ static int get_credentials(auth_session *sess, ne_buffer **errmsg, int attempt, struct auth_challenge *chall, char *pwbuf) { - if (chall->handler->creds(chall->handler->userdata, sess->realm, + if (chall->handler->creds(chall->handler->userdata, chall->protocol->name, sess->realm, chall->handler->attempt++, sess->username, pwbuf) == 0) { return 0; } else { @@ -385,15 +385,19 @@ { char *tmp, password[NE_ABUFSIZ]; +#if 0 /* Workaround - IIS sends challenge without realm. */ + /* Verify challenge... must have a realm */ if (parms->realm == NULL) { challenge_error(errmsg, _("missing realm in Basic challenge")); return -1; } +#endif clean_session(sess); - sess->realm = ne_strdup(parms->realm); + if (parms->realm != NULL) + sess->realm = ne_strdup(parms->realm); if (get_credentials(sess, errmsg, attempt, parms, password)) { /* Failed to get credentials */ @@ -610,10 +614,12 @@ return NULL; } -static int continue_sspi(auth_session *sess, int ntlm, const char *hdr) +static int continue_sspi(auth_session *sess, int ntlm, const char *hdr, + int attempt, struct auth_challenge *parms, ne_buffer **errmsg) { int status; char *response = NULL; + char password[NE_ABUFSIZ]; NE_DEBUG(NE_DBG_HTTPAUTH, "auth: SSPI challenge.\n"); @@ -630,8 +636,17 @@ return status; } } - - status = ne_sspi_authenticate(sess->sspi_context, hdr, &response); + + /* Authentification needs more than one http request. + * As long as authentification in progress use the existing credentials. + * Otherwise get new credentials.*/ + if (!hdr) + if (get_credentials(sess, errmsg, attempt, parms, password)) { + /* Failed to get credentials */ + return -1; + } + + status = ne_sspi_authenticate(sess->sspi_context, hdr, &response, sess->username, password); if (status) { return status; } @@ -651,7 +666,7 @@ { int ntlm = ne_strcasecmp(parms->protocol->name, "NTLM") == 0; - return continue_sspi(sess, ntlm, parms->opaque); + return continue_sspi(sess, ntlm, parms->opaque, attempt, parms, errmsg); } static int verify_sspi(struct auth_request *req, auth_session *sess, @@ -674,7 +689,7 @@ return NE_OK; } - return continue_sspi(sess, ntlm, ptr); + return continue_sspi(sess, ntlm, ptr, 0, NULL, NULL); } #endif --- misc/neon-0.29.5/src/ne_auth.h 2009-09-01 22:13:12.000000000 +0200 +++ misc/build/neon-0.29.5/src/ne_auth.h 2011-02-03 10:26:20.000000000 +0100 @@ -47,8 +47,8 @@ * Hint: if you just wish to attempt authentication just once (even if * the user gets the username/password wrong), have the callback * function use 'attempt' value as the function return value. */ -typedef int (*ne_auth_creds)(void *userdata, const char *realm, int attempt, - char *username, char *password); +typedef int (*ne_auth_creds)(void *userdata, const char * auth_protocol, + const char *realm, int attempt, char *username, char *password); /* Set callbacks to provide credentials for server and proxy * authentication, using the default set of authentication protocols. --- misc/neon-0.29.5/src/ne_defs.h 2010-01-11 23:57:34.000000000 +0100 +++ misc/build/neon-0.29.5/src/ne_defs.h 2011-02-03 10:26:20.000000000 +0100 @@ -41,7 +41,7 @@ #endif /* define ssize_t for Win32 */ -#if defined(WIN32) && !defined(ssize_t) +#if defined(WIN32) && !defined(ssize_t) && !defined(__MINGW32__) #define ssize_t int #endif --- misc/neon-0.29.5/src/ne_locks.c 2007-02-05 11:09:27.000000000 +0100 +++ misc/build/neon-0.29.5/src/ne_locks.c 2011-02-03 10:26:21.000000000 +0100 @@ -579,6 +579,23 @@ const char *token = ne_get_response_header(ctx->req, "Lock-Token"); /* at the root element; retrieve the Lock-Token header, * and bail if it wasn't given. */ +#ifdef IIS_LOCK_BUG_WORKAROUND + /* MS IIS violates RFC 2518/4918. It does not send a Lock-Token response + header upon successful creation of a new lock. As a workaround, we + will try to pick the lock token from the response body (although + this is not 100% safe in case of multiple activelocks). */ + if (token == NULL) + NE_DEBUG(NE_DBG_LOCKS, + "Ignoring missing LOCK response Lock-Token header\n"); + + if (token != NULL) { + if (token[0] == '<') token++; + ctx->token = ne_strdup(token); + ne_shave(ctx->token, ">"); + NE_DEBUG(NE_DBG_LOCKS, "lk_startelm: Finding token %s\n", + ctx->token); + } +#else if (token == NULL) { ne_xml_set_error(ctx->parser, _("LOCK response missing Lock-Token header")); @@ -590,12 +607,28 @@ ne_shave(ctx->token, ">"); NE_DEBUG(NE_DBG_LOCKS, "lk_startelm: Finding token %s\n", ctx->token); +#endif } /* TODO: only accept 'prop' as root for LOCK response */ if (!can_accept(parent, id)) return NE_XML_DECLINE; +#ifdef IIS_LOCK_BUG_WORKAROUND + if (id == ELM_activelock && ctx->found) { + /* Found another activelock... */ + const char *token = ne_get_response_header(ctx->req, "Lock-Token"); + if (token == NULL) { + /* Response contains more than one activelock and no Lock-Token + * response header. We are doomed. No safe workaround for IIS + * lock bug possible. */ + ne_xml_set_error(ctx->parser, + _("LOCK response missing Lock-Token header and more than one activelock")); + return NE_XML_ABORT; + } + } +#endif + if (id == ELM_activelock && !ctx->found) { /* a new activelock */ ne_lock_free(&ctx->active); @@ -621,7 +654,12 @@ return -1; if (state == ELM_activelock) { +#ifdef IIS_LOCK_BUG_WORKAROUND + if (ctx->active.token) { + ctx->token = ne_strdup(ctx->active.token); +#else if (ctx->active.token && strcmp(ctx->active.token, ctx->token) == 0) { +#endif ctx->found = 1; } } --- misc/neon-0.29.5/src/ne_locks.h 2006-01-02 12:43:19.000000000 +0100 +++ misc/build/neon-0.29.5/src/ne_locks.h 2011-02-03 10:26:21.000000000 +0100 @@ -22,6 +22,10 @@ #ifndef NE_LOCKS_H #define NE_LOCKS_H +# if defined __GNUC__ +# pragma GCC system_header +# endif + #include "ne_request.h" /* for ne_session + ne_request */ #include "ne_uri.h" /* for ne_uri */ --- misc/neon-0.29.5/src/ne_sspi.c 2007-08-10 17:26:08.000000000 +0200 +++ misc/build/neon-0.29.5/src/ne_sspi.c 2011-02-03 10:26:21.000000000 +0100 @@ -206,6 +206,45 @@ } /* + * Simplification wrapper arround AcquireCredentialsHandle as most of + * the parameters do not change. + */ +static int acquireCredentialsHandleForUsername(CredHandle * credentials, char *package, const char *username, const char *password) +{ + SECURITY_STATUS status; + TimeStamp timestamp; + + const char *domain = ""; + + int rc, rcISC; + SecPkgInfo *secPackInfo; + SEC_WINNT_AUTH_IDENTITY *nameAndPwd = NULL; + int bytesReceived = 0, bytesSent = 0; + + nameAndPwd = (SEC_WINNT_AUTH_IDENTITY *) malloc( sizeof(SEC_WINNT_AUTH_IDENTITY) ); + memset( nameAndPwd, '\0', sizeof (*nameAndPwd) ); + nameAndPwd->Domain = (unsigned char *) _strdup( domain? domain: "" ); + nameAndPwd->DomainLength = domain? strlen( domain ): 0; + nameAndPwd->User = (unsigned char *) _strdup( username? username: "" ); + nameAndPwd->UserLength = username? strlen( username ): 0; + nameAndPwd->Password = (unsigned char *) _strdup( password? password: "" ); + nameAndPwd->PasswordLength = password? strlen( password ): 0; + nameAndPwd->Flags = SEC_WINNT_AUTH_IDENTITY_ANSI; + + status = pSFT->AcquireCredentialsHandle( NULL, package, SECPKG_CRED_OUTBOUND, + NULL, nameAndPwd, NULL, NULL, credentials, ×tamp ); + + if (status != SEC_E_OK) { + NE_DEBUG(NE_DBG_HTTPAUTH, + "sspi: AcquireCredentialsHandle [fail] [%x].\n", status); + return -1; + } + + return 0; +} + + +/* * Wrapper arround initializeSecurityContext. Supplies several * default parameters as well as logging in case of errors. */ @@ -483,7 +522,7 @@ * Processes received authentication tokens as well as supplies the * response token. */ -int ne_sspi_authenticate(void *context, const char *base64Token, char **responseToken) +int ne_sspi_authenticate(void *context, const char *base64Token, char **responseToken, const char* username, const char* password) { SecBufferDesc outBufferDesc; SecBuffer outBuffer; @@ -561,13 +600,22 @@ /* Reset any existing context since we are starting over */ resetContext(sspiContext); - if (acquireCredentialsHandle - (&sspiContext->credentials, sspiContext->mechanism) != SEC_E_OK) { - freeBuffer(&outBufferDesc); - NE_DEBUG(NE_DBG_HTTPAUTH, - "sspi: acquireCredentialsHandle failed.\n"); - return -1; - } + if (strlen(username) != 0) { + if (acquireCredentialsHandleForUsername + (&sspiContext->credentials, sspiContext->mechanism, username, password) != SEC_E_OK) { + freeBuffer(&outBufferDesc); + NE_DEBUG(NE_DBG_HTTPAUTH, "sspi: acquireCredentialsHandleForUsername failed.\n"); + return -1; + } + } else { + if (acquireCredentialsHandle + (&sspiContext->credentials, sspiContext->mechanism) != SEC_E_OK) { + freeBuffer(&outBufferDesc); + NE_DEBUG(NE_DBG_HTTPAUTH, "sspi: acquireCredentialsHandle failed.\n"); + return -1; + } + } + securityStatus = initializeSecurityContext(&sspiContext->credentials, NULL, --- misc/neon-0.29.5/src/ne_sspi.h 2006-02-12 13:05:14.000000000 +0100 +++ misc/build/neon-0.29.5/src/ne_sspi.h 2011-02-03 10:26:21.000000000 +0100 @@ -41,7 +41,7 @@ int ne_sspi_clear_context(void *context); int ne_sspi_authenticate(void *context, const char *base64Token, - char **responseToken); + char **responseToken, const char* username, const char* password); #endif /* HAVE_SSPI */ --- misc/neon-0.29.5/src/ne_uri.c 2007-12-05 12:04:47.000000000 +0100 +++ misc/build/neon-0.29.5/src/ne_uri.c 2011-02-03 10:26:21.000000000 +0100 @@ -42,7 +42,7 @@ #include "ne_alloc.h" #include "ne_uri.h" -/* URI ABNF from RFC 3986: */ +/* URI ABNF from RFC 3986: (TKR: SharePoint is contradictory to this RFC. So I fix it here. )*/ #define PS (0x0001) /* "+" */ #define PC (0x0002) /* "%" */ @@ -67,6 +67,9 @@ #define OT (0x4000) /* others */ +/* TKR new symbol */ +#define WS (0x8000) /* Whitespaces ( Space, Tab ) */ + #define URI_ALPHA (AL) #define URI_DIGIT (DG) @@ -83,20 +86,21 @@ /* pchar = unreserved / pct-encoded / sub-delims / ":" / "@" */ #define URI_PCHAR (URI_UNRESERVED | PC | URI_SUBDELIM | CL | AT) /* invented: segchar = pchar / "/" */ -#define URI_SEGCHAR (URI_PCHAR | FS) +/* (TKR) WS added */ +#define URI_SEGCHAR (URI_PCHAR | FS | WS) /* query = *( pchar / "/" / "?" ) */ #define URI_QUERY (URI_PCHAR | FS | QU) /* fragment == query */ #define URI_FRAGMENT URI_QUERY /* any characters which should be path-escaped: */ -#define URI_ESCAPE ((URI_GENDELIM & ~(FS)) | URI_SUBDELIM | OT | PC) +#define URI_ESCAPE ((URI_GENDELIM & ~(FS)) | URI_SUBDELIM | OT | WS | PC) static const unsigned int uri_chars[256] = { /* 0xXX x0 x2 x4 x6 x8 xA xC xE */ -/* 0x */ OT, OT, OT, OT, OT, OT, OT, OT, OT, OT, OT, OT, OT, OT, OT, OT, +/* 0x */ OT, OT, OT, OT, OT, OT, OT, OT, OT, WS, OT, OT, OT, OT, OT, OT, /* 1x */ OT, OT, OT, OT, OT, OT, OT, OT, OT, OT, OT, OT, OT, OT, OT, OT, -/* 2x */ OT, SD, OT, GD, SD, PC, SD, SD, SD, SD, SD, PS, SD, DS, DT, FS, +/* 2x */ WS, SD, OT, GD, SD, PC, SD, SD, SD, SD, SD, PS, SD, DS, DT, FS, /* 3x */ DG, DG, DG, DG, DG, DG, DG, DG, DG, DG, CL, SD, OT, SD, OT, QU, /* 4x */ AT, AL, AL, AL, AL, AL, AL, AL, AL, AL, AL, AL, AL, AL, AL, AL, /* 5x */ AL, AL, AL, AL, AL, AL, AL, AL, AL, AL, AL, GD, OT, GD, OT, US, --- misc/neon-0.29.5/src/ne_utils.c 2006-03-07 10:36:43.000000000 +0100 +++ misc/build/neon-0.29.5/src/ne_utils.c 2011-02-03 10:26:21.000000000 +0100 @@ -118,6 +118,9 @@ #ifdef HAVE_GNUTLS ", GNU TLS " LIBGNUTLS_VERSION #endif /* HAVE_GNUTLS */ +#ifdef HAVE_SSPI + ", SSPI" +#endif /* HAVE_SSPI */ "." ; @@ -137,7 +140,7 @@ switch (feature) { #if defined(NE_HAVE_SSL) || defined(NE_HAVE_ZLIB) || defined(NE_HAVE_IPV6) \ || defined(NE_HAVE_SOCKS) || defined(NE_HAVE_LFS) \ - || defined(NE_HAVE_TS_SSL) || defined(NE_HAVE_I18N) + || defined(NE_HAVE_TS_SSL) || defined(NE_HAVE_I18N) || defined(HAVE_SSPI) #ifdef NE_HAVE_SSL case NE_FEATURE_SSL: #endif @@ -159,6 +162,9 @@ #ifdef NE_HAVE_I18N case NE_FEATURE_I18N: #endif +#ifdef HAVE_SSPI + case NE_FEATURE_SSPI: +#endif return 1; #endif /* NE_HAVE_* */ default: --- misc/neon-0.29.5/src/ne_utils.h 2007-07-16 08:54:57.000000000 +0200 +++ misc/build/neon-0.29.5/src/ne_utils.h 2011-02-03 10:26:21.000000000 +0100 @@ -54,6 +54,7 @@ #define NE_FEATURE_SOCKS (5) /* SOCKSv5 support */ #define NE_FEATURE_TS_SSL (6) /* Thread-safe SSL/TLS support */ #define NE_FEATURE_I18N (7) /* i18n error message support */ +#define NE_FEATURE_SSPI (8) /* NTLM/Negotiate authentication protocol via SSPI */ /* Returns non-zero if library is built with support for the given * NE_FEATURE_* feature code 'code'. */