[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#43566: 27.1; url-http and excorporate does not authenticate
From: |
Thomas Fitzsimmons |
Subject: |
bug#43566: 27.1; url-http and excorporate does not authenticate |
Date: |
Sun, 31 Jan 2021 10:03:19 -0500 |
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/27.1.90 (gnu/linux) |
Hi Lars,
Lars Ingebrigtsen <larsi@gnus.org> writes:
> Thomas Fitzsimmons <fitzsim@fitzsim.org> writes:
>
>> I no longer use the NTLM mode myself, but I did manage to independently
>> figure out the issue by implementing an NTLM server in elisp. I'm going
>> to add it to the test suite, since otherwise it's not feasible for Emacs
>> maintainers to test ntlm.el properly (which is what happened in Emacs
>> 27.1). I can test inflooping against it too once I have the changes
>> ready.
>
> Great!
I've got an initial version of the test running locally. There's still
a lot of integration to do, which I probably won't finish before Emacs
27.2. I'd like to put in a workaround for now.
How about this patch for the emacs-27 branch? Is there a test suite
entry for bug 27022 that I can run against my elisp NTLM server?
Thanks,
Thomas
diff --git a/lisp/url/url-http.el b/lisp/url/url-http.el
index 298f204791..89d2189ad1 100644
--- a/lisp/url/url-http.el
+++ b/lisp/url/url-http.el
@@ -461,8 +461,10 @@ url-http-handle-authentication
;; headers, then this means that we've already tried sending
;; credentials to the server, and they were wrong, so just give
;; up.
- (when (assoc "Authorization" url-http-extra-headers)
- (error "Wrong authorization used for %s" url))
+ (let ((authorization (assoc "Authorization" url-http-extra-headers)))
+ (when (and authorization
+ (not (string-match "^NTLM " (cdr authorization))))
+ (error "Wrong authorization used for %s" url)))
;; find strongest supported auth
(dolist (this-auth auths)
- bug#43566: 27.1; url-http and excorporate does not authenticate,
Thomas Fitzsimmons <=