called before the request can be used. */
static struct request *
-request_new ()
+request_new (void)
{
struct request *req = xnew0 (struct request);
req->hcapacity = 8;
&& (ISSPACE (line[sizeof (string_constant) - 1]) \
|| !line[sizeof (string_constant) - 1]))
-#define SET_USER_AGENT(req) \
- if (opt.useragent) \
- request_set_header (req, "User-Agent", opt.useragent, rel_none); \
- else \
+#define SET_USER_AGENT(req) do { \
+ if (!opt.useragent) \
request_set_header (req, "User-Agent", \
- aprintf ("Wget/%s", version_string), rel_value);
-
+ aprintf ("Wget/%s", version_string), rel_value); \
+ else if (*opt.useragent) \
+ request_set_header (req, "User-Agent", opt.useragent, rel_none); \
+} while (0)
/* Retrieve a document through HTTP protocol. It recognizes status
code, and correctly handles redirections. It closes the network
req = request_new ();
{
+ char *meth_arg;
const char *meth = "GET";
if (*dt & HEAD_ONLY)
meth = "HEAD";
/* Use the full path, i.e. one that includes the leading slash and
the query string. E.g. if u->path is "foo/bar" and u->query is
"param=value", full_path will be "/foo/bar?param=value". */
- request_set_method (req, meth,
- proxy ? xstrdup (u->url) : url_full_path (u));
+ if (proxy
+#ifdef HAVE_SSL
+ /* When using SSL over proxy, CONNECT establishes a direct
+ connection to the HTTPS server. Therefore use the same
+ argument as when talking to the server directly. */
+ && u->scheme != SCHEME_HTTPS
+#endif
+ )
+ meth_arg = xstrdup (u->url);
+ else
+ meth_arg = url_full_path (u);
+ request_set_method (req, meth, meth_arg);
}
request_set_header (req, "Referer", (char *) hs->referer, rel_none);
CLOSE_INVALIDATE (sock);
}
pconn.authorized = 0;
- if (auth_finished || !(user && passwd))
+ if (!auth_finished && (user && passwd))
{
- /* If we have tried it already, then there is not point
- retrying it. */
- logputs (LOG_NOTQUIET, _("Authorization failed.\n"));
- }
- else
- {
- /* IIS sometimes sends two instances of WWW-Authenticate
- header, one with the keyword "negotiate", and other with
- useful data. Loop over all occurrences of this header
- and use the one we recognize. */
+ /* IIS sends multiple copies of WWW-Authenticate, one with
+ the value "negotiate", and other(s) with data. Loop over
+ all the occurrences and pick the one we recognize. */
int wapos;
const char *wabeg, *waend;
char *www_authenticate = NULL;
++wapos)
if (known_authentication_scheme_p (wabeg, waend))
{
- www_authenticate = strdupdelim (wabeg, waend);
+ BOUNDED_TO_ALLOCA (wabeg, waend, www_authenticate);
break;
}
- /* If the authentication header is missing or recognized, or
- if the authentication scheme is "Basic" (which we send by
- default), there's no sense in retrying. */
- if (!www_authenticate
- || BEGINS_WITH (www_authenticate, "Basic"))
- {
- xfree_null (www_authenticate);
- logputs (LOG_NOTQUIET, _("Unknown authentication scheme.\n"));
- }
+
+ if (!www_authenticate)
+ /* If the authentication header is missing or
+ unrecognized, there's no sense in retrying. */
+ logputs (LOG_NOTQUIET, _("Unknown authentication scheme.\n"));
+ else if (BEGINS_WITH (www_authenticate, "Basic"))
+ /* If the authentication scheme is "Basic", which we send
+ by default, there's no sense in retrying either. (This
+ should be changed when we stop sending "Basic" data by
+ default.) */
+ ;
else
{
char *pth;
if (BEGINS_WITH (www_authenticate, "NTLM"))
ntlm_seen = 1;
xfree (pth);
- xfree (www_authenticate);
goto retry_with_auth;
}
}
+ logputs (LOG_NOTQUIET, _("Authorization failed.\n"));
request_free (req);
return AUTHFAILED;
}
to prevent garbage from the stack influencing strptime. */
xzero (t);
- /* Note that under non-English locales Solaris strptime fails to
- recognize English dates. We work around this by not setting
- the LC_TIME category. Another way would be to temporarily
- set locale to C before invoking strptime, but that's slow and
+ /* Solaris strptime fails to recognize English month names in
+ non-English locales, which we work around by not setting the
+ LC_TIME category. Another way would be to temporarily set
+ locale to C before invoking strptime, but that's slow and
messy. GNU strptime does not have this problem because it
- recognizes English dates along with the local ones. */
+ recognizes English month names along with the local ones. */
if (check_end (strptime (time_string, time_formats[i], &t)))
return mktime_from_utc (&t);
and Microsoft-specific. */
/* Create the authentication header contents for the `Basic' scheme.
- This is done by encoding the string `USER:PASS' in base64 and
- prepending `HEADER: Basic ' to it. */
+ This is done by encoding the string "USER:PASS" to base64 and
+ prepending the string "Basic " in front of it. */
static char *
basic_authentication_encode (const char *user, const char *passwd)
projects / wget / blobdiff