[svn] Don't complain about "unknown authentication scheme" if the scheme

is Basic.  Allow empty user-agent meaning "don't send User-Agent".

diff --git a/src/ChangeLog b/src/ChangeLog
index 173c7a552e87bd6dde30e1efc4626e820f788952..2d3ed991d90f5a09e9c57c3e6e6218baee455df8 100644 (file)
--- a/src/ChangeLog
+++ b/src/ChangeLog
@@ -1,3 +1,12 @@
+2005-05-06  Hrvoje Niksic  <hniksic@xemacs.org>
+
+       * init.c (cmd_spec_useragent): Allow empty User-Agent.
+
+       * http.c (gethttp): Don't print "unknown authentication scheme"
+       for failed Basic authentication.
+       (SET_USER_AGENT): Don't set user-agent if opt.useragent is empty.
+       (gethttp): Use alloca for allocation of www_authenticate.
+
 2005-05-06  Hrvoje Niksic  <hniksic@xemacs.org>
 
        * main.c (print_help): Fix wording of --secure-protocol help text.

diff --git a/src/http.c b/src/http.c
index 8697428b53d91554a0d7b480f1fb29c5b1a7339f..d046eaea5f65261f5d302dc4790a181fcf986b5c 100644 (file)
--- a/src/http.c
+++ b/src/http.c
@@ -1113,13 +1113,13 @@ time_t http_atotm PARAMS ((const char *));
    && (ISSPACE (line[sizeof (string_constant) - 1])                    \
        || !line[sizeof (string_constant) - 1]))
 
-#define SET_USER_AGENT(req)                                            \
-  if (opt.useragent)                                                   \
-    request_set_header (req, "User-Agent", opt.useragent, rel_none);   \
-  else                                                                 \
+#define SET_USER_AGENT(req) do {                                       \
+  if (!opt.useragent)                                                  \
     request_set_header (req, "User-Agent",                             \
-                       aprintf ("Wget/%s", version_string), rel_value);
-
+                       aprintf ("Wget/%s", version_string), rel_value); \
+  else if (*opt.useragent)                                             \
+    request_set_header (req, "User-Agent", opt.useragent, rel_none);   \
+} while (0)
 
 /* Retrieve a document through HTTP protocol.  It recognizes status
    code, and correctly handles redirections.  It closes the network
@@ -1622,18 +1622,11 @@ gethttp (struct url *u, struct http_stat *hs, int *dt, struct url *proxy)
            CLOSE_INVALIDATE (sock);
        }
       pconn.authorized = 0;
-      if (auth_finished || !(user && passwd))
-       {
-         /* If we have tried it already, then there is not point
-            retrying it.  */
-         logputs (LOG_NOTQUIET, _("Authorization failed.\n"));
-       }
-      else
+      if (!auth_finished && (user && passwd))
        {
-         /* IIS sometimes sends two instances of WWW-Authenticate
-            header, one with the keyword "negotiate", and other with
-            useful data.  Loop over all occurrences of this header
-            and use the one we recognize.  */
+         /* IIS sends multiple copies of WWW-Authenticate, one with
+            the value "negotiate", and other(s) with data.  Loop over
+            all the occurrences and pick the one we recognize.  */
          int wapos;
          const char *wabeg, *waend;
          char *www_authenticate = NULL;
@@ -1643,18 +1636,20 @@ gethttp (struct url *u, struct http_stat *hs, int *dt, struct url *proxy)
               ++wapos)
            if (known_authentication_scheme_p (wabeg, waend))
              {
-               www_authenticate = strdupdelim (wabeg, waend);
+               BOUNDED_TO_ALLOCA (wabeg, waend, www_authenticate);
                break;
              }
-         /* If the authentication header is missing or recognized, or
-            if the authentication scheme is "Basic" (which we send by
-            default), there's no sense in retrying.  */
-         if (!www_authenticate
-             || BEGINS_WITH (www_authenticate, "Basic"))
-           {
-             xfree_null (www_authenticate);
-             logputs (LOG_NOTQUIET, _("Unknown authentication scheme.\n"));
-           }
+
+         if (!www_authenticate)
+           /* If the authentication header is missing or
+              unrecognized, there's no sense in retrying.  */
+           logputs (LOG_NOTQUIET, _("Unknown authentication scheme.\n"));
+         else if (BEGINS_WITH (www_authenticate, "Basic"))
+           /* If the authentication scheme is "Basic", which we send
+              by default, there's no sense in retrying either.  (This
+              should be changed when we stop sending "Basic" data by
+              default.)  */
+           ;
          else
            {
              char *pth;
@@ -1669,10 +1664,10 @@ gethttp (struct url *u, struct http_stat *hs, int *dt, struct url *proxy)
              if (BEGINS_WITH (www_authenticate, "NTLM"))
                ntlm_seen = 1;
              xfree (pth);
-             xfree (www_authenticate);
              goto retry_with_auth;
            }
        }
+      logputs (LOG_NOTQUIET, _("Authorization failed.\n"));
       request_free (req);
       return AUTHFAILED;
     }

diff --git a/src/init.c b/src/init.c
index b70a7c6efcd1de88400c6c9eeabf593f2c833089..6834c283b45fdf9d638c456d38fcbb1138dda314 100644 (file)
--- a/src/init.c
+++ b/src/init.c
@@ -1292,9 +1292,8 @@ cmd_spec_timeout (const char *com, const char *val, void *place_ignored)
 static int
 cmd_spec_useragent (const char *com, const char *val, void *place_ignored)
 {
-  /* Just check for empty string and newline, so we don't throw total
-     junk to the server.  */
-  if (!*val || strchr (val, '\n'))
+  /* Disallow embedded newlines.  */
+  if (strchr (val, '\n'))
     {
       fprintf (stderr, _("%s: %s: Invalid value `%s'.\n"),
               exec_name, com, val);