ref: 038a61554939d02c17f4bcd4a6f0f150c40237d4
parent: 62ad8fc8dfa714632654b05ec042b28af27bed98
author: cinap_lenrek <[email protected]>
date: Mon Aug 8 00:17:41 EDT 2016
webfs: include factotum key query in error string for 401/407 Unauthorized status
--- a/sys/src/cmd/webfs/http.c
+++ b/sys/src/cmd/webfs/http.c
@@ -348,14 +348,26 @@
}
}
+static int
+hauthgetkey(char *params)
+{
+ if(debug)
+ fprint(2, "hauthgetkey %s\n", params);
+ werrstr("needkey %s", params);
+ return -1;
+}
+
int
authenticate(Url *u, Url *ru, char *method, char *s)
{
- char *user, *pass, *realm, *nonce, *opaque, *x;
+ char oerr[ERRMAX], *user, *pass, *realm, *nonce, *opaque, *x;
Hauth *a;
Fmt fmt;
int n;
+ snprint(oerr, sizeof(oerr), "authentification failed");
+ errstr(oerr, sizeof(oerr));
+
user = u->user;
pass = u->pass;
realm = nonce = opaque = nil;
@@ -375,7 +387,8 @@
fmtprint(&fmt, " user=%q", user);
if((s = fmtstrflush(&fmt)) == nil)
return -1;
- up = auth_getuserpasswd(nil, "proto=pass service=http server=%q%s", u->host, s);
+ up = auth_getuserpasswd(hauthgetkey,
+ "proto=pass service=http server=%q%s", u->host, s);
free(s);
if(up == nil)
return -1;
@@ -418,7 +431,7 @@
if((s = fmtstrflush(&fmt)) == nil)
return -1;
nchal = snprint(chal, sizeof(chal), "%s %s %U", nonce, method, ru);
- n = auth_respond(chal, nchal, ouser, sizeof ouser, resp, sizeof resp, nil,
+ n = auth_respond(chal, nchal, ouser, sizeof ouser, resp, sizeof resp, hauthgetkey,
"proto=httpdigest role=client server=%q%s", u->host, s);
memset(chal, 0, sizeof(chal));
free(s);
@@ -445,6 +458,7 @@
free(s);
return -1;
}
+
a = emalloc(sizeof(*a));
a->url = u;
a->auth = s;
@@ -453,6 +467,7 @@
hauth = a;
qunlock(&authlk);
+ errstr(oerr, sizeof(oerr));
return 0;
}
@@ -847,14 +862,20 @@
goto Error;
freeurl(u);
u = nu;
- if(0){
+ if(0){
case 401: /* Unauthorized */
if(x = lookkey(shdr, "Authorization"))
flushauth(nil, x);
- if(hauthenticate(u, &ru, method, "WWW-Authenticate", rhdr) < 0)
- goto Error;
+ if(hauthenticate(u, &ru, method, "WWW-Authenticate", rhdr) < 0){
+ Autherror:
+ h->cancel = 1;
+ snprint(buf, sizeof(buf), "%s %r", status);
+ buclose(qbody, buf);
+ buclose(qpost, buf);
+ break;
}
- if(0){
+ }
+ if(0){
case 407: /* Proxy Auth */
if(proxy == nil)
goto Error;
@@ -861,8 +882,8 @@
if(x = lookkey(shdr, "Proxy-Authorization"))
flushauth(proxy, x);
if(hauthenticate(proxy, proxy, method, "Proxy-Authenticate", rhdr) < 0)
- goto Error;
- }
+ goto Autherror;
+ }
case 0: /* No status */
if(qpost && fd < 0){
if(i > 0)