From 302c744e9ab8368629757ff395048ff72557e4c7 Mon Sep 17 00:00:00 2001
From: hniksic <devnull@localhost>
Date: Fri, 6 May 2005 10:16:15 -0700
Subject: [PATCH] [svn] Don't complain about "unknown authentication scheme" if
 the scheme is Basic.  Allow empty user-agent meaning "don't send User-Agent".

---
 src/ChangeLog |  9 +++++++++
 src/http.c    | 51 +++++++++++++++++++++++----------------------------
 src/init.c    |  5 ++---
 3 files changed, 34 insertions(+), 31 deletions(-)

diff --git a/src/ChangeLog b/src/ChangeLog
index 173c7a55..2d3ed991 100644
--- a/src/ChangeLog
+++ b/src/ChangeLog
@@ -1,3 +1,12 @@
+2005-05-06  Hrvoje Niksic  <hniksic@xemacs.org>
+
+	* init.c (cmd_spec_useragent): Allow empty User-Agent.
+
+	* http.c (gethttp): Don't print "unknown authentication scheme"
+	for failed Basic authentication.
+	(SET_USER_AGENT): Don't set user-agent if opt.useragent is empty.
+	(gethttp): Use alloca for allocation of www_authenticate.
+
 2005-05-06  Hrvoje Niksic  <hniksic@xemacs.org>
 
 	* main.c (print_help): Fix wording of --secure-protocol help text.
diff --git a/src/http.c b/src/http.c
index 8697428b..d046eaea 100644
--- a/src/http.c
+++ b/src/http.c
@@ -1113,13 +1113,13 @@ time_t http_atotm PARAMS ((const char *));
    && (ISSPACE (line[sizeof (string_constant) - 1])			\
        || !line[sizeof (string_constant) - 1]))
 
-#define SET_USER_AGENT(req)						\
-  if (opt.useragent)							\
-    request_set_header (req, "User-Agent", opt.useragent, rel_none);	\
-  else									\
+#define SET_USER_AGENT(req) do {					\
+  if (!opt.useragent)							\
     request_set_header (req, "User-Agent",				\
-			aprintf ("Wget/%s", version_string), rel_value);
-
+			aprintf ("Wget/%s", version_string), rel_value); \
+  else if (*opt.useragent)						\
+    request_set_header (req, "User-Agent", opt.useragent, rel_none);	\
+} while (0)
 
 /* Retrieve a document through HTTP protocol.  It recognizes status
    code, and correctly handles redirections.  It closes the network
@@ -1622,18 +1622,11 @@ gethttp (struct url *u, struct http_stat *hs, int *dt, struct url *proxy)
 	    CLOSE_INVALIDATE (sock);
 	}
       pconn.authorized = 0;
-      if (auth_finished || !(user && passwd))
-	{
-	  /* If we have tried it already, then there is not point
-	     retrying it.  */
-	  logputs (LOG_NOTQUIET, _("Authorization failed.\n"));
-	}
-      else
+      if (!auth_finished && (user && passwd))
 	{
-	  /* IIS sometimes sends two instances of WWW-Authenticate
-	     header, one with the keyword "negotiate", and other with
-	     useful data.  Loop over all occurrences of this header
-	     and use the one we recognize.  */
+	  /* IIS sends multiple copies of WWW-Authenticate, one with
+	     the value "negotiate", and other(s) with data.  Loop over
+	     all the occurrences and pick the one we recognize.  */
 	  int wapos;
 	  const char *wabeg, *waend;
 	  char *www_authenticate = NULL;
@@ -1643,18 +1636,20 @@ gethttp (struct url *u, struct http_stat *hs, int *dt, struct url *proxy)
 	       ++wapos)
 	    if (known_authentication_scheme_p (wabeg, waend))
 	      {
-		www_authenticate = strdupdelim (wabeg, waend);
+		BOUNDED_TO_ALLOCA (wabeg, waend, www_authenticate);
 		break;
 	      }
-	  /* If the authentication header is missing or recognized, or
-	     if the authentication scheme is "Basic" (which we send by
-	     default), there's no sense in retrying.  */
-	  if (!www_authenticate
-	      || BEGINS_WITH (www_authenticate, "Basic"))
-	    {
-	      xfree_null (www_authenticate);
-	      logputs (LOG_NOTQUIET, _("Unknown authentication scheme.\n"));
-	    }
+
+	  if (!www_authenticate)
+	    /* If the authentication header is missing or
+	       unrecognized, there's no sense in retrying.  */
+	    logputs (LOG_NOTQUIET, _("Unknown authentication scheme.\n"));
+	  else if (BEGINS_WITH (www_authenticate, "Basic"))
+	    /* If the authentication scheme is "Basic", which we send
+	       by default, there's no sense in retrying either.  (This
+	       should be changed when we stop sending "Basic" data by
+	       default.)  */
+	    ;
 	  else
 	    {
 	      char *pth;
@@ -1669,10 +1664,10 @@ gethttp (struct url *u, struct http_stat *hs, int *dt, struct url *proxy)
 	      if (BEGINS_WITH (www_authenticate, "NTLM"))
 		ntlm_seen = 1;
 	      xfree (pth);
-	      xfree (www_authenticate);
 	      goto retry_with_auth;
 	    }
 	}
+      logputs (LOG_NOTQUIET, _("Authorization failed.\n"));
       request_free (req);
       return AUTHFAILED;
     }
diff --git a/src/init.c b/src/init.c
index b70a7c6e..6834c283 100644
--- a/src/init.c
+++ b/src/init.c
@@ -1292,9 +1292,8 @@ cmd_spec_timeout (const char *com, const char *val, void *place_ignored)
 static int
 cmd_spec_useragent (const char *com, const char *val, void *place_ignored)
 {
-  /* Just check for empty string and newline, so we don't throw total
-     junk to the server.  */
-  if (!*val || strchr (val, '\n'))
+  /* Disallow embedded newlines.  */
+  if (strchr (val, '\n'))
     {
       fprintf (stderr, _("%s: %s: Invalid value `%s'.\n"),
 	       exec_name, com, val);
-- 
2.39.2