*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111, USA.
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston MA 02110-1301, USA.
*****************************************************************************/
/*****************************************************************************
* Preamble
*****************************************************************************/
-#include <stdlib.h>
+#ifdef HAVE_CONFIG_H
+# include "config.h"
+#endif
#include <vlc/vlc.h>
-#include <vlc/input.h>
-#include "vlc_playlist.h"
-#include "vlc_meta.h"
-#include "network.h"
-#include "vlc_tls.h"
+
+#include <vlc_access.h>
+
+#include <vlc_interface.h>
+#include <vlc_meta.h>
+#include <vlc_network.h>
+#include <vlc_url.h>
+#include <vlc_tls.h>
+#include <vlc_strings.h>
+#include <vlc_input.h>
+#include <vlc_md5.h>
+
+#ifdef HAVE_ZLIB_H
+# include <zlib.h>
+#endif
/*****************************************************************************
* Module descriptor
#define PROXY_TEXT N_("HTTP proxy")
#define PROXY_LONGTEXT N_( \
- "You can specify an HTTP proxy to use. It must be of the form " \
+ "HTTP proxy to be used It must be of the form " \
"http://[user[:pass]@]myproxy.mydomain:myport/ ; " \
"if empty, the http_proxy environment variable will be tried." )
#define CACHING_TEXT N_("Caching value in ms")
#define CACHING_LONGTEXT N_( \
- "Allows you to modify the default caching value for http streams. This " \
- "value should be set in millisecond units." )
+ "Caching value for HTTP streams. This " \
+ "value should be set in milliseconds." )
#define AGENT_TEXT N_("HTTP user agent")
-#define AGENT_LONGTEXT N_("Allows you to modify the user agent that will be " \
+#define AGENT_LONGTEXT N_("User agent that will be " \
"used for the connection.")
#define RECONNECT_TEXT N_("Auto re-connect")
-#define RECONNECT_LONGTEXT N_("Will automatically attempt a re-connection " \
- "in case it was untimely closed.")
+#define RECONNECT_LONGTEXT N_( \
+ "Automatically try to reconnect to the stream in case of a sudden " \
+ "disconnect." )
#define CONTINUOUS_TEXT N_("Continuous stream")
-#define CONTINUOUS_LONGTEXT N_("Enable this option to read a file that is " \
- "being constantly updated (for example, a JPG file on a server)")
+#define CONTINUOUS_LONGTEXT N_("Read a file that is " \
+ "being constantly updated (for example, a JPG file on a server). " \
+ "You should not globally enable this option as it will break all other " \
+ "types of HTTP streams." )
+
+#define FORWARD_COOKIES_TEXT N_("Forward Cookies")
+#define FORWARD_COOKIES_LONGTEXT N_("Forward Cookies Across http redirections ")
vlc_module_begin();
set_description( _("HTTP input") );
set_capability( "access2", 0 );
- set_shortname( _( "HTTP/HTTPS" ) );
+ set_shortname( _( "HTTP(S)" ) );
set_category( CAT_INPUT );
set_subcategory( SUBCAT_INPUT_ACCESS );
RECONNECT_LONGTEXT, VLC_TRUE );
add_bool( "http-continuous", 0, NULL, CONTINUOUS_TEXT,
CONTINUOUS_LONGTEXT, VLC_TRUE );
- add_suppressed_string("http-user");
- add_suppressed_string("http-pwd");
+ add_bool( "http-forward-cookies", 0, NULL, FORWARD_COOKIES_TEXT,
+ FORWARD_COOKIES_LONGTEXT, VLC_TRUE );
+ add_obsolete_string("http-user");
+ add_obsolete_string("http-pwd");
add_shortcut( "http" );
add_shortcut( "https" );
add_shortcut( "unsv" );
+ add_shortcut( "itpc" ); /* iTunes Podcast */
set_callbacks( Open, Close );
vlc_module_end();
/*****************************************************************************
* Local prototypes
*****************************************************************************/
+
+/* RFC 2617: Basic and Digest Access Authentification */
+typedef struct http_auth_t
+{
+ char *psz_realm;
+ char *psz_domain;
+ char *psz_nonce;
+ char *psz_opaque;
+ char *psz_stale;
+ char *psz_algorithm;
+ char *psz_qop;
+ int i_nonce;
+ char *psz_cnonce;
+ char *psz_HA1; /* stored H(A1) value if algorithm = "MD5-sess" */
+} http_auth_t;
+
struct access_sys_t
{
int fd;
/* From uri */
vlc_url_t url;
char *psz_user_agent;
+ http_auth_t auth;
/* Proxy */
vlc_bool_t b_proxy;
vlc_url_t proxy;
+ http_auth_t proxy_auth;
/* */
int i_code;
- char *psz_protocol;
+ const char *psz_protocol;
int i_version;
char *psz_mime;
vlc_bool_t b_mms;
vlc_bool_t b_icecast;
vlc_bool_t b_ssl;
+#ifdef HAVE_ZLIB_H
+ vlc_bool_t b_compressed;
+ struct
+ {
+ z_stream stream;
+ uint8_t *p_buffer;
+ } inflate;
+#endif
vlc_bool_t b_chunked;
int64_t i_chunk;
vlc_bool_t b_reconnect;
vlc_bool_t b_continuous;
vlc_bool_t b_pace_control;
+
+ vlc_array_t * cookies;
};
/* */
-static int Read( access_t *, uint8_t *, int );
+static int OpenWithCookies( vlc_object_t *p_this, vlc_array_t *cookies );
+
+/* */
+static ssize_t Read( access_t *, uint8_t *, size_t );
+static ssize_t ReadCompressed( access_t *, uint8_t *, size_t );
static int Seek( access_t *, int64_t );
static int Control( access_t *, int, va_list );
static int Request( access_t *p_access, int64_t i_tell );
static void Disconnect( access_t * );
+/* Small Cookie utilities. Cookies support is partial. */
+static char * cookie_get_content( const char * cookie );
+static char * cookie_get_domain( const char * cookie );
+static char * cookie_get_name( const char * cookie );
+static void cookie_append( vlc_array_t * cookies, char * cookie );
+
+
+static void AuthParseHeader( access_t *p_access, const char *psz_header,
+ http_auth_t *p_auth );
+static void AuthReply( access_t *p_acces, const char *psz_prefix,
+ vlc_url_t *p_url, http_auth_t *p_auth );
+static int AuthCheckReply( access_t *p_access, const char *psz_header,
+ vlc_url_t *p_url, http_auth_t *p_auth );
+static void AuthReset( http_auth_t *p_auth );
+
/*****************************************************************************
* Open:
*****************************************************************************/
static int Open( vlc_object_t *p_this )
+{
+ return OpenWithCookies( p_this, NULL );
+}
+
+static int OpenWithCookies( vlc_object_t *p_this, vlc_array_t *cookies )
{
access_t *p_access = (access_t*)p_this;
access_sys_t *p_sys;
char *psz, *p;
+ /* Only forward an store cookies if the corresponding option is activated */
+ vlc_bool_t b_forward_cookies = var_CreateGetBool( p_access, "http-forward-cookies" );
+ vlc_array_t * saved_cookies = b_forward_cookies ? (cookies ?: vlc_array_new()) : NULL;
/* Set up p_access */
- p_access->pf_read = Read;
- p_access->pf_block = NULL;
- p_access->pf_control = Control;
- p_access->pf_seek = Seek;
- p_access->info.i_update = 0;
- p_access->info.i_size = 0;
- p_access->info.i_pos = 0;
- p_access->info.b_eof = VLC_FALSE;
- p_access->info.i_title = 0;
- p_access->info.i_seekpoint = 0;
- p_access->p_sys = p_sys = malloc( sizeof( access_sys_t ) );
- memset( p_sys, 0, sizeof( access_sys_t ) );
+ STANDARD_READ_ACCESS_INIT;
+#ifdef HAVE_ZLIB_H
+ p_access->pf_read = ReadCompressed;
+#endif
p_sys->fd = -1;
p_sys->b_proxy = VLC_FALSE;
p_sys->i_version = 1;
p_sys->psz_user_agent = NULL;
p_sys->b_pace_control = VLC_TRUE;
p_sys->b_ssl = VLC_FALSE;
+#ifdef HAVE_ZLIB_H
+ p_sys->b_compressed = VLC_FALSE;
+ /* 15 is the max windowBits, +32 to enable optional gzip decoding */
+ if( inflateInit2( &p_sys->inflate.stream, 32+15 ) != Z_OK )
+ msg_Warn( p_access, "Error during zlib initialisation: %s",
+ p_sys->inflate.stream.msg );
+ if( zlibCompileFlags() & (1<<17) )
+ msg_Warn( p_access, "Your zlib was compiled without gzip support." );
+ p_sys->inflate.p_buffer = NULL;
+#endif
p_sys->p_tls = NULL;
p_sys->p_vs = NULL;
p_sys->i_icy_meta = 0;
p_sys->psz_icy_title = NULL;
p_sys->i_remaining = 0;
+ p_sys->cookies = saved_cookies;
+
/* Parse URI - remove spaces */
p = psz = strdup( p_access->psz_path );
while( (p = strchr( p, ' ' )) != NULL )
p_sys->b_reconnect = var_CreateGetBool( p_access, "http-reconnect" );
p_sys->b_continuous = var_CreateGetBool( p_access, "http-continuous" );
+connect:
/* Connect */
- if( Connect( p_access, 0 ) )
+ switch( Connect( p_access, 0 ) )
{
- /* Retry with http 1.0 */
- p_sys->i_version = 0;
+ case -1:
+ goto error;
+
+ case -2:
+ /* Retry with http 1.0 */
+ msg_Dbg( p_access, "switching to HTTP version 1.0" );
+ p_sys->i_version = 0;
+ p_sys->b_seekable = VLC_FALSE;
+
+ if( p_access->b_die || Connect( p_access, 0 ) )
+ goto error;
- if( p_access->b_die ||
- Connect( p_access, 0 ) )
+#ifndef NDEBUG
+ case 0:
+ break;
+
+ default:
+ msg_Err( p_access, "You should not be here" );
+ abort();
+#endif
+ }
+
+ if( p_sys->i_code == 401 )
+ {
+ char *psz_login = NULL; char *psz_password = NULL;
+ char psz_msg[250];
+ int i_ret;
+ /* FIXME ? */
+ if( p_sys->url.psz_username && p_sys->url.psz_password &&
+ p_sys->auth.psz_nonce && p_sys->auth.i_nonce == 0 )
+ {
+ goto connect;
+ }
+ snprintf( psz_msg, 250,
+ _("Please enter a valid login name and a password for realm %s."),
+ p_sys->auth.psz_realm );
+ msg_Dbg( p_access, "authentication failed for realm %s",
+ p_sys->auth.psz_realm );
+ i_ret = intf_UserLoginPassword( p_access, _("HTTP authentication"),
+ psz_msg, &psz_login, &psz_password );
+ if( i_ret == DIALOG_OK_YES )
{
+ msg_Dbg( p_access, "retrying with user=%s, pwd=%s",
+ psz_login, psz_password );
+ if( psz_login ) p_sys->url.psz_username = strdup( psz_login );
+ if( psz_password ) p_sys->url.psz_password = strdup( psz_password );
+ free( psz_login );
+ free( psz_password );
+ goto connect;
+ }
+ else
+ {
+ free( psz_login );
+ free( psz_password );
goto error;
}
}
p_sys->i_code == 303 || p_sys->i_code == 307 ) &&
p_sys->psz_location && *p_sys->psz_location )
{
- playlist_t * p_playlist;
- input_item_t *p_input_item;
-
msg_Dbg( p_access, "redirection to %s", p_sys->psz_location );
/* Do not accept redirection outside of HTTP works */
msg_Err( p_access, "insecure redirection ignored" );
goto error;
}
-
- p_playlist = vlc_object_find( p_access, VLC_OBJECT_PLAYLIST,
- FIND_ANYWHERE );
- if( !p_playlist )
- {
- msg_Err( p_access, "redirection failed: can't find playlist" );
- goto error;
- }
-
- /* Change the uri */
- vlc_mutex_lock( &p_playlist->object_lock );
- p_input_item = &p_playlist->status.p_item->input;
- vlc_mutex_lock( &p_input_item->lock );
- free( p_input_item->psz_uri );
free( p_access->psz_path );
- p_input_item->psz_uri = strdup( p_sys->psz_location );
p_access->psz_path = strdup( p_sys->psz_location );
- vlc_mutex_unlock( &p_input_item->lock );
- vlc_mutex_unlock( &p_playlist->object_lock );
- vlc_object_release( p_playlist );
-
/* Clean up current Open() run */
vlc_UrlClean( &p_sys->url );
+ AuthReset( &p_sys->auth );
vlc_UrlClean( &p_sys->proxy );
- if( p_sys->psz_mime ) free( p_sys->psz_mime );
- if( p_sys->psz_pragma ) free( p_sys->psz_pragma );
- if( p_sys->psz_location ) free( p_sys->psz_location );
- if( p_sys->psz_user_agent ) free( p_sys->psz_user_agent );
+ AuthReset( &p_sys->proxy_auth );
+ free( p_sys->psz_mime );
+ free( p_sys->psz_pragma );
+ free( p_sys->psz_location );
+ free( p_sys->psz_user_agent );
Disconnect( p_access );
+ cookies = p_sys->cookies;
free( p_sys );
/* Do new Open() run with new data */
- return Open( p_this );
+ return OpenWithCookies( p_this, cookies );
}
if( p_sys->b_mms )
{
- msg_Dbg( p_access, "This is actually a live mms server, BAIL" );
+ msg_Dbg( p_access, "this is actually a live mms server, BAIL" );
goto error;
}
/* Grrrr! detect ultravox server and force NSV demuxer */
p_access->psz_demux = strdup( "nsv" );
}
+ else if( !strcmp( p_access->psz_access, "itpc" ) )
+ {
+ p_access->psz_demux = strdup( "podcast" );
+ }
+ else if( p_sys->psz_mime &&
+ !strncasecmp( p_sys->psz_mime, "application/xspf+xml", 20 ) &&
+ ( memchr( " ;\t", p_sys->psz_mime[20], 4 ) != NULL ) )
+ p_access->psz_demux = strdup( "xspf-open" );
if( p_sys->b_reconnect ) msg_Dbg( p_access, "auto re-connect enabled" );
error:
vlc_UrlClean( &p_sys->url );
vlc_UrlClean( &p_sys->proxy );
- if( p_sys->psz_mime ) free( p_sys->psz_mime );
- if( p_sys->psz_pragma ) free( p_sys->psz_pragma );
- if( p_sys->psz_location ) free( p_sys->psz_location );
- if( p_sys->psz_user_agent ) free( p_sys->psz_user_agent );
+ free( p_sys->psz_mime );
+ free( p_sys->psz_pragma );
+ free( p_sys->psz_location );
+ free( p_sys->psz_user_agent );
Disconnect( p_access );
free( p_sys );
access_sys_t *p_sys = p_access->p_sys;
vlc_UrlClean( &p_sys->url );
+ AuthReset( &p_sys->auth );
vlc_UrlClean( &p_sys->proxy );
+ AuthReset( &p_sys->proxy_auth );
- if( p_sys->psz_mime ) free( p_sys->psz_mime );
- if( p_sys->psz_pragma ) free( p_sys->psz_pragma );
- if( p_sys->psz_location ) free( p_sys->psz_location );
+ free( p_sys->psz_mime );
+ free( p_sys->psz_pragma );
+ free( p_sys->psz_location );
- if( p_sys->psz_icy_name ) free( p_sys->psz_icy_name );
- if( p_sys->psz_icy_genre ) free( p_sys->psz_icy_genre );
- if( p_sys->psz_icy_title ) free( p_sys->psz_icy_title );
+ free( p_sys->psz_icy_name );
+ free( p_sys->psz_icy_genre );
+ free( p_sys->psz_icy_title );
- if( p_sys->psz_user_agent ) free( p_sys->psz_user_agent );
+ free( p_sys->psz_user_agent );
Disconnect( p_access );
+
+ if( p_sys->cookies )
+ {
+ int i;
+ for( i = 0; i < vlc_array_count( p_sys->cookies ); i++ )
+ free(vlc_array_item_at_index( p_sys->cookies, i ));
+ vlc_array_destroy( p_sys->cookies );
+ }
+
+#ifdef HAVE_ZLIB_H
+ inflateEnd( &p_sys->inflate.stream );
+ free( p_sys->inflate.p_buffer );
+#endif
+
free( p_sys );
}
* p_buffer. Return the actual number of bytes read
*****************************************************************************/
static int ReadICYMeta( access_t *p_access );
-static int Read( access_t *p_access, uint8_t *p_buffer, int i_len )
+static ssize_t Read( access_t *p_access, uint8_t *p_buffer, size_t i_len )
{
access_sys_t *p_sys = p_access->p_sys;
int i_read;
/* read the chunk header */
if( psz == NULL )
{
+ /* fatal error - end of file */
msg_Dbg( p_access, "failed reading chunk-header line" );
- return -1;
+ return 0;
}
p_sys->i_chunk = strtoll( psz, NULL, 16 );
free( psz );
}
}
- if( p_sys->b_continuous && i_len > p_sys->i_remaining )
+ if( p_sys->b_continuous && (ssize_t)i_len > p_sys->i_remaining )
{
/* Only ask for the remaining length */
int i_new_len = p_sys->i_remaining;
{
/* read the empty line */
char *psz = net_Gets( VLC_OBJECT(p_access), p_sys->fd, p_sys->p_vs );
- if( psz ) free( psz );
+ free( psz );
}
}
}
p += strlen( "StreamTitle=" );
if( *p == '\'' || *p == '"' )
{
- char *psz = strchr( &p[1], p[0] );
+ char closing[] = { p[0], ';', '\0' };
+ char *psz = strstr( &p[1], closing );
if( !psz )
psz = strchr( &p[1], ';' );
if( !p_sys->psz_icy_title ||
strcmp( p_sys->psz_icy_title, &p[1] ) )
{
- if( p_sys->psz_icy_title )
- free( p_sys->psz_icy_title );
+ free( p_sys->psz_icy_title );
p_sys->psz_icy_title = strdup( &p[1] );
p_access->info.i_update |= INPUT_UPDATE_META;
return VLC_SUCCESS;
}
+#ifdef HAVE_ZLIB_H
+static ssize_t ReadCompressed( access_t *p_access, uint8_t *p_buffer,
+ size_t i_len )
+{
+ access_sys_t *p_sys = p_access->p_sys;
+
+ if( p_sys->b_compressed )
+ {
+ int i_ret;
+
+ if( !p_sys->inflate.p_buffer )
+ p_sys->inflate.p_buffer = malloc( 256 * 1024 );
+
+ if( p_sys->inflate.stream.avail_in == 0 )
+ {
+ ssize_t i_read = Read( p_access, p_sys->inflate.p_buffer + p_sys->inflate.stream.avail_in, 256 * 1024 );
+ if( i_read <= 0 ) return i_read;
+ p_sys->inflate.stream.next_in = p_sys->inflate.p_buffer;
+ p_sys->inflate.stream.avail_in = i_read;
+ }
+
+ p_sys->inflate.stream.avail_out = i_len;
+ p_sys->inflate.stream.next_out = p_buffer;
+
+ i_ret = inflate( &p_sys->inflate.stream, Z_SYNC_FLUSH );
+ msg_Warn( p_access, "inflate return value: %d, %s", i_ret, p_sys->inflate.stream.msg );
+
+ return i_len - p_sys->inflate.stream.avail_out;
+ }
+ else
+ {
+ return Read( p_access, p_buffer, i_len );
+ }
+}
+#endif
+
/*****************************************************************************
* Seek: close and re-open a connection at the right place
*****************************************************************************/
vlc_bool_t *pb_bool;
int *pi_int;
int64_t *pi_64;
- vlc_meta_t **pp_meta;
+ vlc_meta_t *p_meta;
switch( i_query )
{
break;
case ACCESS_GET_META:
- pp_meta = (vlc_meta_t**)va_arg( args, vlc_meta_t** );
- *pp_meta = vlc_meta_New();
+ p_meta = (vlc_meta_t*)va_arg( args, vlc_meta_t* );
if( p_sys->psz_icy_name )
- vlc_meta_Add( *pp_meta, VLC_META_TITLE,
- p_sys->psz_icy_name );
+ vlc_meta_Set( p_meta, vlc_meta_Title, p_sys->psz_icy_name );
if( p_sys->psz_icy_genre )
- vlc_meta_Add( *pp_meta, VLC_META_GENRE,
- p_sys->psz_icy_genre );
+ vlc_meta_Set( p_meta, vlc_meta_Genre, p_sys->psz_icy_genre );
if( p_sys->psz_icy_title )
- vlc_meta_Add( *pp_meta, VLC_META_NOW_PLAYING,
- p_sys->psz_icy_title );
+ vlc_meta_Set( p_meta, vlc_meta_NowPlaying, p_sys->psz_icy_title );
+ break;
+
+ case ACCESS_GET_CONTENT_TYPE:
+ *va_arg( args, char ** ) =
+ p_sys->psz_mime ? strdup( p_sys->psz_mime ) : NULL;
break;
case ACCESS_GET_TITLE_INFO:
vlc_url_t srv = p_sys->b_proxy ? p_sys->proxy : p_sys->url;
/* Clean info */
- if( p_sys->psz_location ) free( p_sys->psz_location );
- if( p_sys->psz_mime ) free( p_sys->psz_mime );
- if( p_sys->psz_pragma ) free( p_sys->psz_pragma );
+ free( p_sys->psz_location );
+ free( p_sys->psz_mime );
+ free( p_sys->psz_pragma );
- if( p_sys->psz_icy_genre ) free( p_sys->psz_icy_genre );
- if( p_sys->psz_icy_name ) free( p_sys->psz_icy_name );
- if( p_sys->psz_icy_title ) free( p_sys->psz_icy_title );
+ free( p_sys->psz_icy_genre );
+ free( p_sys->psz_icy_name );
+ free( p_sys->psz_icy_title );
p_sys->psz_location = NULL;
/* Open connection */
- p_sys->fd = net_OpenTCP( p_access, srv.psz_host, srv.i_port );
- if( p_sys->fd < 0 )
+ p_sys->fd = net_ConnectTCP( p_access, srv.psz_host, srv.i_port );
+ if( p_sys->fd == -1 )
{
msg_Err( p_access, "cannot connect to %s:%d", srv.psz_host, srv.i_port );
- return VLC_EGENERIC;
+ return -1;
}
/* Initialize TLS/SSL session */
{
/* CONNECT is not in HTTP/1.0 */
Disconnect( p_access );
- return VLC_EGENERIC;
+ return -1;
}
net_Printf( VLC_OBJECT(p_access), p_sys->fd, NULL,
{
msg_Err( p_access, "cannot establish HTTP/TLS tunnel" );
Disconnect( p_access );
- return VLC_EGENERIC;
+ return -1;
}
sscanf( psz, "HTTP/%*u.%*u %3u", &i_status );
{
msg_Err( p_access, "HTTP/TLS tunnel through proxy denied" );
Disconnect( p_access );
- return VLC_EGENERIC;
+ return -1;
}
do
{
msg_Err( p_access, "HTTP proxy connection failed" );
Disconnect( p_access );
- return VLC_EGENERIC;
+ return -1;
}
if( *psz == '\0' )
i_status = 0;
free( psz );
+
+ if( p_access->b_die || p_access->b_error )
+ {
+ Disconnect( p_access );
+ return -1;
+ }
}
while( i_status );
}
{
msg_Err( p_access, "cannot establish HTTP/TLS session" );
Disconnect( p_access );
- return VLC_EGENERIC;
+ return -1;
}
p_sys->p_vs = &p_sys->p_tls->sock;
}
- return Request( p_access, i_tell );
+ return Request( p_access, i_tell ) ? -2 : 0;
}
}
else
{
- char *psz_path = p_sys->url.psz_path;
+ const char *psz_path = p_sys->url.psz_path;
if( !psz_path || !*psz_path )
{
psz_path = "/";
}
- if( p_sys->url.i_port != 80)
+ if( p_sys->url.i_port != (pvs ? 443 : 80) )
{
net_Printf( VLC_OBJECT(p_access), p_sys->fd, pvs,
"GET %s HTTP/1.%d\r\nHost: %s:%d\r\n",
"Range: bytes="I64Fd"-\r\n", i_tell );
}
- /* Authentication */
- if( p_sys->url.psz_username && *p_sys->url.psz_username )
+ /* Cookies */
+ if( p_sys->cookies )
{
- char *buf;
- char *b64;
+ int i;
+ for( i = 0; i < vlc_array_count( p_sys->cookies ); i++ )
+ {
+ const char * cookie = vlc_array_item_at_index( p_sys->cookies, i );
+ char * psz_cookie_content = cookie_get_content( cookie );
+ char * psz_cookie_domain = cookie_get_domain( cookie );
- asprintf( &buf, "%s:%s", p_sys->url.psz_username,
- p_sys->url.psz_password ? p_sys->url.psz_password : "" );
+ assert( psz_cookie_content );
- b64 = vlc_b64_encode( buf );
- free( buf );
+ /* FIXME: This is clearly not conforming to the rfc */
+ vlc_bool_t is_in_right_domain = (!psz_cookie_domain || strstr( p_sys->url.psz_host, psz_cookie_domain ));
- net_Printf( VLC_OBJECT(p_access), p_sys->fd, pvs,
- "Authorization: Basic %s\r\n", b64 );
- free( b64 );
+ if( is_in_right_domain )
+ {
+ msg_Dbg( p_access, "Sending Cookie %s", psz_cookie_content );
+ if( net_Printf( VLC_OBJECT(p_access), p_sys->fd, pvs, "Cookie: %s\r\n", psz_cookie_content ) < 0 )
+ msg_Err( p_access, "failed to send Cookie" );
+ }
+ free( psz_cookie_content );
+ free( psz_cookie_domain );
+ }
}
- /* Proxy Authentication */
- if( p_sys->proxy.psz_username && *p_sys->proxy.psz_username )
- {
- char *buf;
- char *b64;
-
- asprintf( &buf, "%s:%s", p_sys->proxy.psz_username,
- p_sys->proxy.psz_password ? p_sys->proxy.psz_password : "" );
-
- b64 = vlc_b64_encode( buf );
- free( buf );
+ /* Authentication */
+ if( p_sys->url.psz_username || p_sys->url.psz_password )
+ AuthReply( p_access, "", &p_sys->url, &p_sys->auth );
- net_Printf( VLC_OBJECT(p_access), p_sys->fd, pvs,
- "Proxy-Authorization: Basic %s\r\n", b64 );
- free( b64 );
- }
+ /* Proxy Authentication */
+ if( p_sys->proxy.psz_username || p_sys->proxy.psz_password )
+ AuthReply( p_access, "Proxy-", &p_sys->proxy, &p_sys->proxy_auth );
/* ICY meta data request */
net_Printf( VLC_OBJECT(p_access), p_sys->fd, pvs, "Icy-MetaData: 1\r\n" );
- if( p_sys->b_continuous && p_sys->i_version == 1 )
+ if( p_sys->b_continuous )
{
net_Printf( VLC_OBJECT( p_access ), p_sys->fd, pvs,
- "Connection: keep-alive\r\n" );
+ "Connection: Keep-Alive\r\n" );
}
- else
+ else if( p_sys->i_version == 1 )
{
- net_Printf( VLC_OBJECT(p_access), p_sys->fd, pvs,
+ net_Printf( VLC_OBJECT( p_access ), p_sys->fd, pvs,
"Connection: Close\r\n");
- p_sys->b_continuous = VLC_FALSE;
}
if( net_Printf( VLC_OBJECT(p_access), p_sys->fd, pvs, "\r\n" ) < 0 )
{
p_sys->b_seekable = VLC_FALSE;
}
- if( p_sys->i_code != 206 )
+ if( p_sys->i_code != 206 && p_sys->i_code != 401 )
{
p_sys->b_seekable = VLC_FALSE;
}
- if( p_sys->i_code >= 400 )
+ /* Authentication error - We'll have to display the dialog */
+ if( p_sys->i_code == 401 )
+ {
+
+ }
+ /* Other fatal error */
+ else if( p_sys->i_code >= 400 )
{
msg_Err( p_access, "error: %s", psz );
free( psz );
goto error;
}
+ if( p_access->b_die || p_access->b_error )
+ {
+ free( psz );
+ goto error;
+ }
+
/* msg_Dbg( p_input, "Line=%s", psz ); */
if( *psz == '\0' )
{
break;
}
-
if( ( p = strchr( psz, ':' ) ) == NULL )
{
msg_Err( p_access, "malformed header line: %s", psz );
if( p_sys->b_continuous )
{
p_access->info.i_size = -1;
- msg_Dbg( p_access, "this frame size="I64Fd, atoll(p ) );
+ msg_Dbg( p_access, "this frame size=%lld", atoll(p ) );
p_sys->i_remaining = atoll( p );
}
else
}
else if( !strcasecmp( psz, "Location" ) )
{
- if( p_sys->psz_location ) free( p_sys->psz_location );
- p_sys->psz_location = strdup( p );
+ char * psz_new_loc;
+
+ /* This does not follow RFC 2068, but yet if the url is not absolute,
+ * handle it as everyone does. */
+ if( p[0] == '/' )
+ {
+ const char *psz_http_ext = p_sys->b_ssl ? "s" : "" ;
+
+ if( p_sys->url.i_port == ( p_sys->b_ssl ? 443 : 80 ) )
+ {
+ if( asprintf(&psz_new_loc, "http%s://%s%s", psz_http_ext,
+ p_sys->url.psz_host, p) < 0 )
+ goto error;
+ }
+ else
+ {
+ if( asprintf(&psz_new_loc, "http%s://%s:%d%s", psz_http_ext,
+ p_sys->url.psz_host, p_sys->url.i_port, p) < 0 )
+ goto error;
+ }
+ }
+ else
+ {
+ psz_new_loc = strdup( p );
+ }
+
+ free( p_sys->psz_location );
+ p_sys->psz_location = psz_new_loc;
}
else if( !strcasecmp( psz, "Content-Type" ) )
{
- if( p_sys->psz_mime ) free( p_sys->psz_mime );
+ free( p_sys->psz_mime );
p_sys->psz_mime = strdup( p );
msg_Dbg( p_access, "Content-Type: %s", p_sys->psz_mime );
}
+ else if( !strcasecmp( psz, "Content-Encoding" ) )
+ {
+ msg_Dbg( p_access, "Content-Encoding: %s", p );
+ if( strcasecmp( p, "identity" ) )
+#ifdef HAVE_ZLIB_H
+ p_sys->b_compressed = VLC_TRUE;
+#else
+ msg_Warn( p_access, "Compressed content not supported. Rebuild with zlib support." );
+#endif
+ }
else if( !strcasecmp( psz, "Pragma" ) )
{
if( !strcasecmp( psz, "Pragma: features" ) )
p_sys->b_mms = VLC_TRUE;
- if( p_sys->psz_pragma ) free( p_sys->psz_pragma );
+ free( p_sys->psz_pragma );
p_sys->psz_pragma = strdup( p );
msg_Dbg( p_access, "Pragma: %s", p_sys->psz_pragma );
}
}
else if( !strcasecmp( psz, "Icy-Name" ) )
{
- if( p_sys->psz_icy_name ) free( p_sys->psz_icy_name );
+ free( p_sys->psz_icy_name );
p_sys->psz_icy_name = strdup( p );
msg_Dbg( p_access, "Icy-Name: %s", p_sys->psz_icy_name );
}
else if( !strcasecmp( psz, "Icy-Genre" ) )
{
- if( p_sys->psz_icy_genre ) free( p_sys->psz_icy_genre );
+ free( p_sys->psz_icy_genre );
p_sys->psz_icy_genre = strdup( p );
msg_Dbg( p_access, "Icy-Genre: %s", p_sys->psz_icy_genre );
}
{
msg_Dbg( p_access, "Meta-Info: %s: %s", psz, p );
}
+ else if( !strcasecmp( psz, "Set-Cookie" ) )
+ {
+ if( p_sys->cookies )
+ {
+ msg_Dbg( p_access, "Accepting Cookie: %s", p );
+ cookie_append( p_sys->cookies, strdup(p) );
+ }
+ else
+ msg_Dbg( p_access, "We have a Cookie we won't remember: %s", p );
+ }
+ else if( !strcasecmp( psz, "www-authenticate" ) )
+ {
+ msg_Dbg( p_access, "Authentication header: %s", p );
+ AuthParseHeader( p_access, p, &p_sys->auth );
+ }
+ else if( !strcasecmp( psz, "proxy-authenticate" ) )
+ {
+ msg_Dbg( p_access, "Proxy authentication header: %s", p );
+ AuthParseHeader( p_access, p, &p_sys->proxy_auth );
+ }
+ else if( !strcasecmp( psz, "authentication-info" ) )
+ {
+ msg_Dbg( p_access, "Authentication Info header: %s", p );
+ if( AuthCheckReply( p_access, p, &p_sys->url, &p_sys->auth ) )
+ goto error;
+ }
+ else if( !strcasecmp( psz, "proxy-authentication-info" ) )
+ {
+ msg_Dbg( p_access, "Proxy Authentication Info header: %s", p );
+ if( AuthCheckReply( p_access, p, &p_sys->proxy, &p_sys->proxy_auth ) )
+ goto error;
+ }
free( psz );
}
net_Close(p_sys->fd);
p_sys->fd = -1;
}
-
+
+}
+
+/*****************************************************************************
+ * Cookies (FIXME: we may want to rewrite that using a nice structure to hold
+ * them) (FIXME: only support the "domain=" param)
+ *****************************************************************************/
+
+/* Get the NAME=VALUE part of the Cookie */
+static char * cookie_get_content( const char * cookie )
+{
+ char * ret = strdup( cookie );
+ if( !ret ) return NULL;
+ char * str = ret;
+ /* Look for a ';' */
+ while( *str && *str != ';' ) str++;
+ /* Replace it by a end-char */
+ if( *str == ';' ) *str = 0;
+ return ret;
+}
+
+/* Get the domain where the cookie is stored */
+static char * cookie_get_domain( const char * cookie )
+{
+ const char * str = cookie;
+ static const char domain[] = "domain=";
+ if( !str )
+ return NULL;
+ /* Look for a ';' */
+ while( *str )
+ {
+ if( !strncmp( str, domain, sizeof(domain) - 1 /* minus \0 */ ) )
+ {
+ str += sizeof(domain) - 1 /* minus \0 */;
+ char * ret = strdup( str );
+ /* Now remove the next ';' if present */
+ char * ret_iter = ret;
+ while( *ret_iter && *ret_iter != ';' ) ret_iter++;
+ if( *ret_iter == ';' )
+ *ret_iter = 0;
+ return ret;
+ }
+ /* Go to next ';' field */
+ while( *str && *str != ';' ) str++;
+ if( *str == ';' ) str++;
+ /* skip blank */
+ while( *str && *str == ' ' ) str++;
+ }
+ return NULL;
+}
+
+/* Get NAME in the NAME=VALUE field */
+static char * cookie_get_name( const char * cookie )
+{
+ char * ret = cookie_get_content( cookie ); /* NAME=VALUE */
+ if( !ret ) return NULL;
+ char * str = ret;
+ while( *str && *str != '=' ) str++;
+ *str = 0;
+ return ret;
+}
+
+/* Add a cookie in cookies, checking to see how it should be added */
+static void cookie_append( vlc_array_t * cookies, char * cookie )
+{
+ int i;
+
+ if( !cookie )
+ return;
+
+ char * cookie_name = cookie_get_name( cookie );
+
+ /* Don't send invalid cookies */
+ if( !cookie_name )
+ return;
+
+ char * cookie_domain = cookie_get_domain( cookie );
+ for( i = 0; i < vlc_array_count( cookies ); i++ )
+ {
+ char * current_cookie = vlc_array_item_at_index( cookies, i );
+ char * current_cookie_name = cookie_get_name( current_cookie );
+ char * current_cookie_domain = cookie_get_domain( current_cookie );
+
+ assert( current_cookie_name );
+
+ vlc_bool_t is_domain_matching = ( cookie_domain && current_cookie_domain &&
+ !strcmp( cookie_domain, current_cookie_domain ) );
+
+ if( is_domain_matching && !strcmp( cookie_name, current_cookie_name ) )
+ {
+ /* Remove previous value for this cookie */
+ free( current_cookie );
+ vlc_array_remove( cookies, i );
+
+ /* Clean */
+ free( current_cookie_name );
+ free( current_cookie_domain );
+ break;
+ }
+ free( current_cookie_name );
+ free( current_cookie_domain );
+ }
+ free( cookie_name );
+ free( cookie_domain );
+ vlc_array_append( cookies, cookie );
+}
+
+/*****************************************************************************
+ * "RFC 2617: Basic and Digest Access Authentification" header parsing
+ *****************************************************************************/
+static char *AuthGetParam( const char *psz_header, const char *psz_param )
+{
+ char psz_what[strlen(psz_param)+3];
+ sprintf( psz_what, "%s=\"", psz_param );
+ psz_header = strstr( psz_header, psz_what );
+ if( psz_header )
+ {
+ const char *psz_end;
+ psz_header += strlen( psz_what );
+ psz_end = strchr( psz_header, '"' );
+ if( !psz_end ) /* Invalid since we should have a closing quote */
+ return strdup( psz_header );
+ return strndup( psz_header, psz_end - psz_header );
+ }
+ else
+ {
+ return NULL;
+ }
+}
+
+static char *AuthGetParamNoQuotes( const char *psz_header, const char *psz_param )
+{
+ char psz_what[strlen(psz_param)+2];
+ sprintf( psz_what, "%s=", psz_param );
+ psz_header = strstr( psz_header, psz_what );
+ if( psz_header )
+ {
+ const char *psz_end;
+ psz_header += strlen( psz_what );
+ psz_end = strchr( psz_header, ',' );
+ /* XXX: Do we need to filter out trailing space between the value and
+ * the comma/end of line? */
+ if( !psz_end ) /* Can be valid if this is the last parameter */
+ return strdup( psz_header );
+ return strndup( psz_header, psz_end - psz_header );
+ }
+ else
+ {
+ return NULL;
+ }
+}
+
+static void AuthParseHeader( access_t *p_access, const char *psz_header,
+ http_auth_t *p_auth )
+{
+ /* FIXME: multiple auth methods can be listed (comma seperated) */
+
+ /* 2 Basic Authentication Scheme */
+ if( !strncasecmp( psz_header, "Basic ", strlen( "Basic " ) ) )
+ {
+ msg_Dbg( p_access, "Using Basic Authentication" );
+ psz_header += strlen( "Basic " );
+ p_auth->psz_realm = AuthGetParam( psz_header, "realm" );
+ if( !p_auth->psz_realm )
+ msg_Warn( p_access, "Basic Authentication: "
+ "Mandatory 'realm' parameter is missing" );
+ }
+ /* 3 Digest Access Authentication Scheme */
+ else if( !strncasecmp( psz_header, "Digest ", strlen( "Digest " ) ) )
+ {
+ msg_Dbg( p_access, "Using Digest Access Authentication" );
+ if( p_auth->psz_nonce ) return; /* FIXME */
+ psz_header += strlen( "Digest " );
+ p_auth->psz_realm = AuthGetParam( psz_header, "realm" );
+ p_auth->psz_domain = AuthGetParam( psz_header, "domain" );
+ p_auth->psz_nonce = AuthGetParam( psz_header, "nonce" );
+ p_auth->psz_opaque = AuthGetParam( psz_header, "opaque" );
+ p_auth->psz_stale = AuthGetParamNoQuotes( psz_header, "stale" );
+ p_auth->psz_algorithm = AuthGetParamNoQuotes( psz_header, "algorithm" );
+ p_auth->psz_qop = AuthGetParam( psz_header, "qop" );
+ p_auth->i_nonce = 0;
+ /* printf("realm: |%s|\ndomain: |%s|\nnonce: |%s|\nopaque: |%s|\n"
+ "stale: |%s|\nalgorithm: |%s|\nqop: |%s|\n",
+ p_auth->psz_realm,p_auth->psz_domain,p_auth->psz_nonce,
+ p_auth->psz_opaque,p_auth->psz_stale,p_auth->psz_algorithm,
+ p_auth->psz_qop); */
+ if( !p_auth->psz_realm )
+ msg_Warn( p_access, "Digest Access Authentication: "
+ "Mandatory 'realm' parameter is missing" );
+ if( !p_auth->psz_nonce )
+ msg_Warn( p_access, "Digest Access Authentication: "
+ "Mandatory 'nonce' parameter is missing" );
+ if( p_auth->psz_qop ) /* FIXME: parse the qop list */
+ {
+ char *psz_tmp = strchr( p_auth->psz_qop, ',' );
+ if( psz_tmp ) *psz_tmp = '\0';
+ }
+ }
+ else
+ {
+ const char *psz_end = strchr( psz_header, ' ' );
+ if( psz_end )
+ msg_Warn( p_access, "Unknown authentication scheme: '%*s'",
+ psz_end - psz_header, psz_header );
+ else
+ msg_Warn( p_access, "Unknown authentication scheme: '%s'",
+ psz_header );
+ }
+}
+
+static char *AuthDigest( access_t *p_access, vlc_url_t *p_url,
+ http_auth_t *p_auth, const char *psz_method )
+{
+ (void)p_access;
+ const char *psz_username = p_url->psz_username ?: "";
+ const char *psz_password = p_url->psz_password ?: "";
+
+ char *psz_HA1 = NULL;
+ char *psz_HA2 = NULL;
+ char *psz_response = NULL;
+ struct md5_s md5;
+
+ /* H(A1) */
+ if( p_auth->psz_HA1 )
+ {
+ psz_HA1 = strdup( p_auth->psz_HA1 );
+ if( !psz_HA1 ) goto error;
+ }
+ else
+ {
+ InitMD5( &md5 );
+ AddMD5( &md5, psz_username, strlen( psz_username ) );
+ AddMD5( &md5, ":", 1 );
+ AddMD5( &md5, p_auth->psz_realm, strlen( p_auth->psz_realm ) );
+ AddMD5( &md5, ":", 1 );
+ AddMD5( &md5, psz_password, strlen( psz_password ) );
+ EndMD5( &md5 );
+
+ psz_HA1 = psz_md5_hash( &md5 );
+ if( !psz_HA1 ) goto error;
+
+ if( p_auth->psz_algorithm
+ && !strcmp( p_auth->psz_algorithm, "MD5-sess" ) )
+ {
+ InitMD5( &md5 );
+ AddMD5( &md5, psz_HA1, 32 );
+ free( psz_HA1 );
+ AddMD5( &md5, ":", 1 );
+ AddMD5( &md5, p_auth->psz_nonce, strlen( p_auth->psz_nonce ) );
+ AddMD5( &md5, ":", 1 );
+ AddMD5( &md5, p_auth->psz_cnonce, strlen( p_auth->psz_cnonce ) );
+ EndMD5( &md5 );
+
+ psz_HA1 = psz_md5_hash( &md5 );
+ if( !psz_HA1 ) goto error;
+ p_auth->psz_HA1 = strdup( psz_HA1 );
+ if( !p_auth->psz_HA1 ) goto error;
+ }
+ }
+
+ /* H(A2) */
+ InitMD5( &md5 );
+ if( *psz_method )
+ AddMD5( &md5, psz_method, strlen( psz_method ) );
+ AddMD5( &md5, ":", 1 );
+ if( p_url->psz_path )
+ AddMD5( &md5, p_url->psz_path, strlen( p_url->psz_path ) );
+ else
+ AddMD5( &md5, "/", 1 );
+ if( p_auth->psz_qop && !strcmp( p_auth->psz_qop, "auth-int" ) )
+ {
+ char *psz_ent;
+ struct md5_s ent;
+ InitMD5( &ent );
+ AddMD5( &ent, "", 0 ); /* XXX: entity-body. should be ok for GET */
+ EndMD5( &ent );
+ psz_ent = psz_md5_hash( &ent );
+ if( !psz_ent ) goto error;
+ AddMD5( &md5, ":", 1 );
+ AddMD5( &md5, psz_ent, 32 );
+ free( psz_ent );
+ }
+ EndMD5( &md5 );
+ psz_HA2 = psz_md5_hash( &md5 );
+ if( !psz_HA2 ) goto error;
+
+ /* Request digest */
+ InitMD5( &md5 );
+ AddMD5( &md5, psz_HA1, 32 );
+ AddMD5( &md5, ":", 1 );
+ AddMD5( &md5, p_auth->psz_nonce, strlen( p_auth->psz_nonce ) );
+ AddMD5( &md5, ":", 1 );
+ if( p_auth->psz_qop
+ && ( !strcmp( p_auth->psz_qop, "auth" )
+ || !strcmp( p_auth->psz_qop, "auth-int" ) ) )
+ {
+ char psz_inonce[9];
+ snprintf( psz_inonce, 9, "%08x", p_auth->i_nonce );
+ AddMD5( &md5, psz_inonce, 8 );
+ AddMD5( &md5, ":", 1 );
+ AddMD5( &md5, p_auth->psz_cnonce, strlen( p_auth->psz_cnonce ) );
+ AddMD5( &md5, ":", 1 );
+ AddMD5( &md5, p_auth->psz_qop, strlen( p_auth->psz_qop ) );
+ AddMD5( &md5, ":", 1 );
+ }
+ AddMD5( &md5, psz_HA2, 32 );
+ EndMD5( &md5 );
+ psz_response = psz_md5_hash( &md5 );
+
+ error:
+ free( psz_HA1 );
+ free( psz_HA2 );
+ return psz_response;
+}
+
+
+static void AuthReply( access_t *p_access, const char *psz_prefix,
+ vlc_url_t *p_url, http_auth_t *p_auth )
+{
+ access_sys_t *p_sys = p_access->p_sys;
+ v_socket_t *pvs = p_sys->p_vs;
+
+ const char *psz_username = p_url->psz_username ?: "";
+ const char *psz_password = p_url->psz_password ?: "";
+
+ if( p_auth->psz_nonce )
+ {
+ /* Digest Access Authentication */
+ char *psz_response;
+
+ if( p_auth->psz_algorithm
+ && strcmp( p_auth->psz_algorithm, "MD5" )
+ && strcmp( p_auth->psz_algorithm, "MD5-sess" ) )
+ {
+ msg_Err( p_access, "Digest Access Authentication: "
+ "Unknown algorithm '%s'", p_auth->psz_algorithm );
+ return;
+ }
+
+ if( p_auth->psz_qop || !p_auth->psz_cnonce )
+ {
+ /* FIXME: needs to be really random to prevent man in the middle
+ * attacks */
+ free( p_auth->psz_cnonce );
+ p_auth->psz_cnonce = strdup( "Some random string FIXME" );
+ }
+ p_auth->i_nonce ++;
+
+ psz_response = AuthDigest( p_access, p_url, p_auth, "GET" );
+ if( !psz_response ) return;
+
+ net_Printf( VLC_OBJECT(p_access), p_sys->fd, pvs,
+ "%sAuthorization: Digest "
+ /* Mandatory parameters */
+ "username=\"%s\", "
+ "realm=\"%s\", "
+ "nonce=\"%s\", "
+ "uri=\"%s\", "
+ "response=\"%s\", "
+ /* Optional parameters */
+ "%s%s%s" /* algorithm */
+ "%s%s%s" /* cnonce */
+ "%s%s%s" /* opaque */
+ "%s%s%s" /* message qop */
+ "%s%08x%s" /* nonce count */
+ "\r\n",
+ /* Mandatory parameters */
+ psz_prefix,
+ psz_username,
+ p_auth->psz_realm,
+ p_auth->psz_nonce,
+ p_url->psz_path ?: "/",
+ psz_response,
+ /* Optional parameters */
+ p_auth->psz_algorithm ? "algorithm=\"" : "",
+ p_auth->psz_algorithm ?: "",
+ p_auth->psz_algorithm ? "\", " : "",
+ p_auth->psz_cnonce ? "cnonce=\"" : "",
+ p_auth->psz_cnonce ?: "",
+ p_auth->psz_cnonce ? "\", " : "",
+ p_auth->psz_opaque ? "opaque=\"" : "",
+ p_auth->psz_opaque ?: "",
+ p_auth->psz_opaque ? "\", " : "",
+ p_auth->psz_qop ? "qop=\"" : "",
+ p_auth->psz_qop ?: "",
+ p_auth->psz_qop ? "\", " : "",
+ p_auth->i_nonce ? "nc=\"" : "uglyhack=\"", /* Will be parsed as an unhandled extension */
+ p_auth->i_nonce,
+ p_auth->i_nonce ? "\"" : "\""
+ );
+
+ free( psz_response );
+ }
+ else
+ {
+ /* Basic Access Authentication */
+ char buf[strlen( psz_username ) + strlen( psz_password ) + 2];
+ char *b64;
+
+ snprintf( buf, sizeof( buf ), "%s:%s", psz_username, psz_password );
+ b64 = vlc_b64_encode( buf );
+
+ if( b64 != NULL )
+ {
+ net_Printf( VLC_OBJECT(p_access), p_sys->fd, pvs,
+ "%sAuthorization: Basic %s\r\n", psz_prefix, b64 );
+ free( b64 );
+ }
+ }
+}
+
+static int AuthCheckReply( access_t *p_access, const char *psz_header,
+ vlc_url_t *p_url, http_auth_t *p_auth )
+{
+ int i_ret = VLC_EGENERIC;
+ char *psz_nextnonce = AuthGetParam( psz_header, "nextnonce" );
+ char *psz_qop = AuthGetParamNoQuotes( psz_header, "qop" );
+ char *psz_rspauth = AuthGetParam( psz_header, "rspauth" );
+ char *psz_cnonce = AuthGetParam( psz_header, "cnonce" );
+ char *psz_nc = AuthGetParamNoQuotes( psz_header, "nc" );
+
+ if( psz_cnonce )
+ {
+ char *psz_digest;
+
+ if( strcmp( psz_cnonce, p_auth->psz_cnonce ) )
+ {
+ msg_Err( p_access, "HTTP Digest Access Authentication: server replied with a different client nonce value." );
+ goto error;
+ }
+
+ if( psz_nc )
+ {
+ int i_nonce;
+ i_nonce = strtol( psz_nc, NULL, 16 );
+ if( i_nonce != p_auth->i_nonce )
+ {
+ msg_Err( p_access, "HTTP Digest Access Authentication: server replied with a different nonce count value." );
+ goto error;
+ }
+ }
+
+ if( psz_qop && p_auth->psz_qop && strcmp( psz_qop, p_auth->psz_qop ) )
+ msg_Warn( p_access, "HTTP Digest Access Authentication: server replied using a different 'quality of protection' option" );
+
+ /* All the clear text values match, let's now check the response
+ * digest */
+ psz_digest = AuthDigest( p_access, p_url, p_auth, "" );
+ if( strcmp( psz_digest, psz_rspauth ) )
+ {
+ msg_Err( p_access, "HTTP Digest Access Authentication: server replied with an invalid response digest (expected value: %s).", psz_digest );
+ free( psz_digest );
+ goto error;
+ }
+ free( psz_digest );
+ }
+
+ if( psz_nextnonce )
+ {
+ free( p_auth->psz_nonce );
+ p_auth->psz_nonce = psz_nextnonce;
+ psz_nextnonce = NULL;
+ }
+
+ i_ret = VLC_SUCCESS;
+ error:
+ free( psz_nextnonce );
+ free( psz_qop );
+ free( psz_rspauth );
+ free( psz_cnonce );
+
+ return i_ret;
+}
+
+static void AuthReset( http_auth_t *p_auth )
+{
+ FREENULL( p_auth->psz_realm );
+ FREENULL( p_auth->psz_domain );
+ FREENULL( p_auth->psz_nonce );
+ FREENULL( p_auth->psz_opaque );
+ FREENULL( p_auth->psz_stale );
+ FREENULL( p_auth->psz_algorithm );
+ FREENULL( p_auth->psz_qop );
+ p_auth->i_nonce = 0;
+ FREENULL( p_auth->psz_cnonce );
+ FREENULL( p_auth->psz_HA1 );
}