Commit 2fe7d3d8 authored by Axel Beckert's avatar Axel Beckert

New upstream version 2.8.9dev13

parent b8b64952
-- $LynxId: CHANGES,v 1.862 2016/11/16 00:35:39 tom Exp $ -- $LynxId: CHANGES,v 1.889 2017/04/29 14:43:40 tom Exp $
=============================================================================== ===============================================================================
Changes since Lynx 2.8 release Changes since Lynx 2.8 release
=============================================================================== ===============================================================================
2017-04-29 (2.8.9dev.13)
* amend fix for Debian #841155, adding check for special case where the
expected number of cells is zero (report by Larry Hynes) -TD
2017-04-28 (2.8.9dev.12)
* correct logic in cell2char(), which gave up too early in determining the
number of cells needed for a multibyte string in the editable text-fields
(Debian #841155) -TD
* improve manual page discussion of environment variables, prompted by
comments in Debian #791452, which overlooked the fact that details of proxy
behavior are found in the user guide -TD
* cleanup some of the user's guide formatting, e.g., for quote-characters -TD
* consistently use "_" in command-line options table and manual page, to work
with program logic that treats "-" as "_", but not the reverse (report by
Larry Hynes) -TD
* improved several configure macros: CF_ADD_CFLAGS, CF_CC_ENV_FLAGS,
CF_GNU_SOURCE, CF_LARGEFILE, CF_MATH_LIB, CF_PROG_LINT, CF_SRAND,
CF_XOPEN_SOURCE -TD
* modify Windows makefile to allow SSL_LIBS and SSL_DEFS to be overridden,
reflecting naming-incompatibility in recent OpenSSL development -TD
* modify ncurses-specific code to allow its TERMINAL struct to be opaque -TD
* refine special case of server Content-Type from 2.8.7dev.11 changes to
decompress files offered for download when the server has gzip'd them
(report by TH) -TD
* amend comparision from 2.8.8dev.10 changes to handle slang specially
(report/testcase by TH) -TD
* minor cleanup of UCDomap.c -TD
* build-fix for color-style with leak-checking -TD
* amend merge/fixes from
http://en.sourceforge.jp/project/lynx-win32-pata
as well as problem introduced by 2.8.8dev.6 cleanup -TH
* update ca.po, from
http://translationproject.org/latest/lynx
* tidy whitespace in lynx.cfg (report by David Niklas)
* fix two more typos in the list of ENABLE_LYNXRC in lynx.cfg -TD
* remove a repeated item for SEND_USERAGENT from lynx.cfg (Larry Hynes)
* accept userinfo in a URL, subject to override by -auth option or -pauth
options. According to RFC-3986, this is deprecated, but testing shows other
clients support it -TD
* fix several minor warnings reported by Coverity -TD
* remove redundant asserts which follow a check that leads to outofmem(),
added in 2.8.8dev.4 to appease clang 2.6, since clang 3.x understands
no-return function declarations -TD
* when converting host+params to idna, temporarily separate the params to
avoid a warning from idna_to_ascii_8z() -TD
* improve warning messages from 2.8.9dev.11 fixes when stripping user/password,
dropping an unnecessary message and fixing a case where all-punctuation
user name was not logged (report by Axel Beckert) -TD
* update config.guess (2017-03-05), config.sub (2017-02-07)
2016-11-15 (2.8.9dev.11) 2016-11-15 (2.8.9dev.11)
* amend fix for stripping user/password to ensure that the stripped value is * amend fix for stripping user/password to ensure that the stripped value is
used when connecting to the host (prompted by discussion of CVE-2016-9179 used when connecting to the host (prompted by discussion of CVE-2016-9179
......
Copyright 1997-2015,2016 Thomas E. Dickey Copyright 1997-2016,2017 Thomas E. Dickey
This copyright notice must be included in all copies or substantial This copyright notice must be included in all copies or substantial
portions of Lynx. It outlines rights and restrictions for Lynx which portions of Lynx. It outlines rights and restrictions for Lynx which
...@@ -80,5 +80,5 @@ For reference, below is the original copyright notice for Lynx (2.4.2). ...@@ -80,5 +80,5 @@ For reference, below is the original copyright notice for Lynx (2.4.2).
*/ */
------------------------------------------------------------------------------ ------------------------------------------------------------------------------
-- vile:txtmode fc=72 noti -- vile:txtmode fc=72 noti
-- $LynxId: COPYHEADER,v 1.14 2016/04/11 00:41:05 tom Exp $ -- $LynxId: COPYHEADER,v 1.15 2017/01/01 17:00:00 tom Exp $
------------------------------------------------------------------------------ ------------------------------------------------------------------------------
...@@ -2,7 +2,7 @@ ...@@ -2,7 +2,7 @@
Version: GnuPG v1.4.12 (GNU/Linux) Version: GnuPG v1.4.12 (GNU/Linux)
Comment: See http://invisible-island.net/public/public.html for info Comment: See http://invisible-island.net/public/public.html for info
iEYEABECAAYFAlcK82QACgkQcCNT4PfkjttIuwCeOsxrhAi9MzzRMZdbuGdBgJ2o iEYEABECAAYFAlhpP/MACgkQcCNT4PfkjtuGHACgj9vomskwuqiP0vUMjTpy2w9Y
3fUAnjxUoC/JPkmGCvDtvumSH/10zquP Z10An2eosmBJQi+vBdtTxieiG5M/BD+f
=ge/N =tp9v
-----END PGP SIGNATURE----- -----END PGP SIGNATURE-----
lynx-dev (2.8.9dev.11) unstable; urgency=low lynx-dev (2.8.9dev.13) unstable; urgency=low
* maintenance updates * maintenance updates
-- Thomas E. Dickey <dickey@invisible-island.net> Tue, 15 Nov 2016 04:04:25 -0500 -- Thomas E. Dickey <dickey@invisible-island.net> Sat, 29 Apr 2017 08:47:15 -0400
lynx-dev (2.8.8dev.16) unstable; urgency=high lynx-dev (2.8.8dev.16) unstable; urgency=high
......
...@@ -47,7 +47,7 @@ For reference, below is the original copyright notice for Lynx (2.4.2). ...@@ -47,7 +47,7 @@ For reference, below is the original copyright notice for Lynx (2.4.2).
Files: aclocal.m4 Files: aclocal.m4
License: other-BSD License: other-BSD
Copyright: 1997-2015,2016 by Thomas E. Dickey Copyright: 1997-2016,2017 by Thomas E. Dickey
Permission to use, copy, modify, and distribute this software and its Permission to use, copy, modify, and distribute this software and its
documentation for any purpose and without fee is hereby granted, documentation for any purpose and without fee is hereby granted,
provided that the above copyright notice appear in all copies and that provided that the above copyright notice appear in all copies and that
......
; $LynxId: lynx-newssl.iss,v 1.1 2017/04/27 00:19:42 tom Exp $
;
; This is an installer for Lynx built with "new" OpenSSL (1.1.x).
;
; The script assumes environment variables have been set, e.g., to point to
; data which is used by the installer (see "lynx.lss" for details).
#define SetupBaseName "lynx-newssl"
#define SourceExeName "lynx-newssl.exe"
#include "lynx.iss"
; $LynxId: lynx-oldssl.iss,v 1.1 2017/04/27 00:20:10 tom Exp $
;
; This is an installer for Lynx built with "old" OpenSSL (before 1.1.x).
;
; The script assumes environment variables have been set, e.g., to point to
; data which is used by the installer (see "lynx.lss" for details).
#define SetupBaseName "lynx-oldssl"
#define SourceExeName "lynx-oldssl.exe"
#include "lynx.iss"
; $LynxId: lynx.iss,v 1.16 2016/04/11 00:42:33 tom Exp $ ; $LynxId: lynx.iss,v 1.17 2017/01/02 02:22:38 tom Exp $
; vile:ts=2 sw=2 notabinsert ; vile:ts=2 sw=2 notabinsert
; ;
; This is the BASE script for different flavors of the installer for Lynx. ; This is the BASE script for different flavors of the installer for Lynx.
...@@ -90,7 +90,7 @@ AppName={#MyAppName} ...@@ -90,7 +90,7 @@ AppName={#MyAppName}
#emit 'VersionInfoVersion=' + LYNX_TARGET1 #emit 'VersionInfoVersion=' + LYNX_TARGET1
AppVerName={#MyAppVerName} AppVerName={#MyAppVerName}
AppPublisher={#MyAppPublisher} AppPublisher={#MyAppPublisher}
AppCopyright= 1997-2015,2016, Thomas E. Dickey AppCopyright= 1997-2016,2017, Thomas E. Dickey
AppPublisherURL={#MyAppURL} AppPublisherURL={#MyAppURL}
AppSupportURL={#MyAppURL} AppSupportURL={#MyAppURL}
AppUpdatesURL={#MyAppURL} AppUpdatesURL={#MyAppURL}
......
; $LynxId: lynx.nsi,v 1.31 2016/11/15 09:04:25 tom Exp $ ; $LynxId: lynx.nsi,v 1.34 2017/04/29 12:47:15 tom Exp $
; Script originally generated with the Venis Install Wizard, but customized. ; Script originally generated with the Venis Install Wizard, but customized.
; The Inno Setup script is preferred; but this can be built via cross-compiling. ; The Inno Setup script is preferred; but this can be built via cross-compiling.
...@@ -9,8 +9,8 @@ ...@@ -9,8 +9,8 @@
!define VERSION_EPOCH "2" !define VERSION_EPOCH "2"
!define VERSION_MAJOR "8" !define VERSION_MAJOR "8"
!define VERSION_MINOR "9" !define VERSION_MINOR "9"
!define VERSION_LEVEL "1011" !define VERSION_LEVEL "1013"
!define VERSION_PATCH "dev.11" !define VERSION_PATCH "dev.13"
!define SUBKEY "Lynx" !define SUBKEY "Lynx"
...@@ -28,7 +28,7 @@ SetCompressor /SOLID lzma ...@@ -28,7 +28,7 @@ SetCompressor /SOLID lzma
VIAddVersionKey ProductName "${SUBKEY}" VIAddVersionKey ProductName "${SUBKEY}"
VIAddVersionKey CompanyName "http://invisible-island.net/lynx" VIAddVersionKey CompanyName "http://invisible-island.net/lynx"
VIAddVersionKey LegalCopyright " 1997-2015,2016, Thomas E. Dickey" VIAddVersionKey LegalCopyright " 1997-2016,2017, Thomas E. Dickey"
VIAddVersionKey FileDescription "Lynx Installer (MinGW)" VIAddVersionKey FileDescription "Lynx Installer (MinGW)"
VIAddVersionKey FileVersion "${VERSION}" VIAddVersionKey FileVersion "${VERSION}"
VIAddVersionKey ProductVersion "${VERSION}" VIAddVersionKey ProductVersion "${VERSION}"
......
# $LynxId: lynx.spec,v 1.38 2016/11/15 09:04:25 tom Exp $ # $LynxId: lynx.spec,v 1.40 2017/04/29 12:47:15 tom Exp $
Summary: A text-based Web browser Summary: A text-based Web browser
Name: lynx Name: lynx
Version: 2.8.9 Version: 2.8.9
Release: dev.11 Release: dev.13
License: GPLv2 License: GPLv2
Group: Applications/Internet Group: Applications/Internet
Source: lynx%{version}%{release}.tgz Source: lynx%{version}%{release}.tgz
......
; version used for Inno Setup files. ; version used for Inno Setup files.
; $Format: "#define LYNX_VERSION \"$ProjectVersion$\""$ ; $Format: "#define LYNX_VERSION \"$ProjectVersion$\""$
#define LYNX_VERSION "2.8.9dev.11" #define LYNX_VERSION "2.8.9dev.13"
; most-recent full release and target ; most-recent full release and target
#define LYNX_RELEASE "2.8.9" #define LYNX_RELEASE "2.8.9"
......
/* /*
* $LynxId: HTAABrow.c,v 1.40 2013/11/28 11:11:05 tom Exp $ * $LynxId: HTAABrow.c,v 1.42 2016/11/24 23:57:57 tom Exp $
* *
* MODULE HTAABrow.c * MODULE HTAABrow.c
* BROWSER SIDE ACCESS AUTHORIZATION MODULE * BROWSER SIDE ACCESS AUTHORIZATION MODULE
...@@ -150,8 +150,6 @@ void HTAAForwardAuth_set(const char *scheme_name, ...@@ -150,8 +150,6 @@ void HTAAForwardAuth_set(const char *scheme_name,
if ((HTAAForwardAuth = typecallocn(char, len)) == 0) if ((HTAAForwardAuth = typecallocn(char, len)) == 0)
outofmem(__FILE__, "HTAAForwardAuth_set"); outofmem(__FILE__, "HTAAForwardAuth_set");
assert(HTAAForwardAuth != 0);
strcpy(HTAAForwardAuth, "Authorization: "); strcpy(HTAAForwardAuth, "Authorization: ");
if (scheme_name) { if (scheme_name) {
strcat(HTAAForwardAuth, scheme_name); strcat(HTAAForwardAuth, scheme_name);
...@@ -196,8 +194,6 @@ static HTAAServer *HTAAServer_new(const char *hostname, ...@@ -196,8 +194,6 @@ static HTAAServer *HTAAServer_new(const char *hostname,
if ((server = typecalloc(HTAAServer)) == 0) if ((server = typecalloc(HTAAServer)) == 0)
outofmem(__FILE__, "HTAAServer_new"); outofmem(__FILE__, "HTAAServer_new");
assert(server != NULL);
server->hostname = NULL; server->hostname = NULL;
server->portnumber = (portnumber > 0 ? portnumber : 80); server->portnumber = (portnumber > 0 ? portnumber : 80);
server->IsProxy = (BOOLEAN) IsProxy; server->IsProxy = (BOOLEAN) IsProxy;
...@@ -399,8 +395,6 @@ static HTAASetup *HTAASetup_new(HTAAServer *server, char *ctemplate, ...@@ -399,8 +395,6 @@ static HTAASetup *HTAASetup_new(HTAAServer *server, char *ctemplate,
if ((setup = typecalloc(HTAASetup)) == 0) if ((setup = typecalloc(HTAASetup)) == 0)
outofmem(__FILE__, "HTAASetup_new"); outofmem(__FILE__, "HTAASetup_new");
assert(setup != NULL);
setup->retry = NO; setup->retry = NO;
setup->server = server; setup->server = server;
setup->ctemplate = NULL; setup->ctemplate = NULL;
...@@ -523,8 +517,6 @@ static HTAARealm *HTAARealm_new(HTList *realm_table, ...@@ -523,8 +517,6 @@ static HTAARealm *HTAARealm_new(HTList *realm_table,
if ((realm = typecalloc(HTAARealm)) == 0) if ((realm = typecalloc(HTAARealm)) == 0)
outofmem(__FILE__, "HTAARealm_new"); outofmem(__FILE__, "HTAARealm_new");
assert(realm != NULL);
realm->realmname = NULL; realm->realmname = NULL;
realm->username = NULL; realm->username = NULL;
realm->password = NULL; realm->password = NULL;
...@@ -540,6 +532,72 @@ static HTAARealm *HTAARealm_new(HTList *realm_table, ...@@ -540,6 +532,72 @@ static HTAARealm *HTAARealm_new(HTList *realm_table,
return realm; return realm;
} }
BOOL HTAA_HaveUserinfo(const char *hostname)
{
int gen_delims = 0;
char *my_info = NULL;
char *at_sign = HTSkipToAt(StrAllocCopy(my_info, hostname), &gen_delims);
free(my_info);
return (at_sign != NULL && gen_delims == 0) ? TRUE : FALSE;
}
/*
* If there is userinfo in the hostname string, update the realm to use that
* information. The command-line "-auth" option will override this.
*/
static void fill_in_userinfo(HTAARealm *realm, const char *hostname)
{
int gen_delims = 0;
char *my_info = NULL;
char *at_sign = HTSkipToAt(StrAllocCopy(my_info, hostname), &gen_delims);
if (at_sign != NULL && gen_delims == 0) {
char *colon;
*at_sign = '\0';
if ((colon = StrChr(my_info, ':')) != 0) {
*colon++ = '\0';
}
if (non_empty(my_info)) {
char *msg;
BOOL prior = non_empty(realm->username);
if (prior && strcmp(realm->username, my_info)) {
msg = 0;
HTSprintf0(&msg,
gettext("username for realm %s changed from %s to %s"),
realm->realmname,
realm->username,
my_info);
HTAlert(msg);
free(msg);
FREE(realm->username);
StrAllocCopy(realm->username, my_info);
} else if (!prior) {
StrAllocCopy(realm->username, my_info);
}
if (non_empty(colon)) {
prior = non_empty(realm->password);
if (prior && strcmp(realm->password, colon)) {
msg = 0;
HTSprintf0(&msg,
gettext("password for realm %s user %s changed"),
realm->realmname,
realm->username);
HTAlert(msg);
free(msg);
FREE(realm->password);
StrAllocCopy(realm->password, colon);
} else if (!prior) {
StrAllocCopy(realm->password, colon);
}
}
}
}
free(my_info);
}
/***************** Basic and Pubkey Authentication ************************/ /***************** Basic and Pubkey Authentication ************************/
/* static compose_auth_string() /* static compose_auth_string()
...@@ -548,6 +606,7 @@ static HTAARealm *HTAARealm_new(HTList *realm_table, ...@@ -548,6 +606,7 @@ static HTAARealm *HTAARealm_new(HTList *realm_table,
* PROMPTS FOR USERNAME AND PASSWORD IF NEEDED * PROMPTS FOR USERNAME AND PASSWORD IF NEEDED
* *
* ON ENTRY: * ON ENTRY:
* hostname may include user- and password information
* scheme is either HTAA_BASIC or HTAA_PUBKEY. * scheme is either HTAA_BASIC or HTAA_PUBKEY.
* setup is the current server setup. * setup is the current server setup.
* IsProxy should be TRUE if this is a proxy. * IsProxy should be TRUE if this is a proxy.
...@@ -563,7 +622,10 @@ static HTAARealm *HTAARealm_new(HTList *realm_table, ...@@ -563,7 +622,10 @@ static HTAARealm *HTAARealm_new(HTList *realm_table,
* returned by AA package needs to (or should) be freed. * returned by AA package needs to (or should) be freed.
* *
*/ */
static char *compose_auth_string(HTAAScheme scheme, HTAASetup * setup, int IsProxy) static char *compose_auth_string(const char *hostname,
HTAAScheme scheme,
HTAASetup * setup,
int IsProxy)
{ {
char *cleartext = NULL; /* Cleartext presentation */ char *cleartext = NULL; /* Cleartext presentation */
char *ciphertext = NULL; /* Encrypted presentation */ char *ciphertext = NULL; /* Encrypted presentation */
...@@ -581,9 +643,12 @@ static char *compose_auth_string(HTAAScheme scheme, HTAASetup * setup, int IsPro ...@@ -581,9 +643,12 @@ static char *compose_auth_string(HTAAScheme scheme, HTAASetup * setup, int IsPro
FREE(compose_auth_stringResult); /* From previous call */ FREE(compose_auth_stringResult); /* From previous call */
if ((scheme != HTAA_BASIC && scheme != HTAA_PUBKEY) || !setup || if ((scheme != HTAA_BASIC && scheme != HTAA_PUBKEY) ||
!setup->scheme_specifics || !setup->scheme_specifics[scheme] || !(setup &&
!setup->server || !setup->server->realms) setup->scheme_specifics &&
setup->scheme_specifics[scheme] &&
setup->server &&
setup->server->realms))
return NULL; return NULL;
realmname = HTAssocList_lookup(setup->scheme_specifics[scheme], "realm"); realmname = HTAssocList_lookup(setup->scheme_specifics[scheme], "realm");
...@@ -591,9 +656,11 @@ static char *compose_auth_string(HTAAScheme scheme, HTAASetup * setup, int IsPro ...@@ -591,9 +656,11 @@ static char *compose_auth_string(HTAAScheme scheme, HTAASetup * setup, int IsPro
return NULL; return NULL;
realm = HTAARealm_lookup(setup->server->realms, realmname); realm = HTAARealm_lookup(setup->server->realms, realmname);
setup->retry |= HTAA_HaveUserinfo(hostname);
if (!(realm && if (!(realm &&
realm->username && *realm->username && non_empty(realm->username) &&
realm->password) || setup->retry) { non_empty(realm->password)) || setup->retry) {
if (!realm) { if (!realm) {
CTRACE((tfp, "%s `%s' %s\n", CTRACE((tfp, "%s `%s' %s\n",
"compose_auth_string: realm:", realmname, "compose_auth_string: realm:", realmname,
...@@ -601,6 +668,7 @@ static char *compose_auth_string(HTAAScheme scheme, HTAASetup * setup, int IsPro ...@@ -601,6 +668,7 @@ static char *compose_auth_string(HTAAScheme scheme, HTAASetup * setup, int IsPro
realm = HTAARealm_new(setup->server->realms, realm = HTAARealm_new(setup->server->realms,
realmname, NULL, NULL); realmname, NULL, NULL);
} }
fill_in_userinfo(realm, hostname);
/* /*
* The template should be either the '*' global for everything on the * The template should be either the '*' global for everything on the
* server (always true for proxy authorization setups), or a path for * server (always true for proxy authorization setups), or a path for
...@@ -625,12 +693,7 @@ static char *compose_auth_string(HTAAScheme scheme, HTAASetup * setup, int IsPro ...@@ -625,12 +693,7 @@ static char *compose_auth_string(HTAAScheme scheme, HTAASetup * setup, int IsPro
setup->server->portnumber != 80) { setup->server->portnumber != 80) {
HTSprintf0(&thePort, ":%d", setup->server->portnumber); HTSprintf0(&thePort, ":%d", setup->server->portnumber);
} }
/*
* Set up the message for the username prompt, and then issue the
* prompt. The default username is included in the call to the
* prompting function, but the password is NULL-ed and always replaced.
* - FM
*/
HTSprintf0(&msg, gettext("Username for '%s' at %s '%s%s':"), HTSprintf0(&msg, gettext("Username for '%s' at %s '%s%s':"),
realm->realmname, realm->realmname,
(IsProxy ? "proxy" : "server"), (IsProxy ? "proxy" : "server"),
...@@ -638,13 +701,18 @@ static char *compose_auth_string(HTAAScheme scheme, HTAASetup * setup, int IsPro ...@@ -638,13 +701,18 @@ static char *compose_auth_string(HTAAScheme scheme, HTAASetup * setup, int IsPro
NonNull(thePort)); NonNull(thePort));
FREE(proxiedHost); FREE(proxiedHost);
FREE(thePort); FREE(thePort);
StrAllocCopy(username, realm->username); if (non_empty(realm->username)) {
password = NULL; StrAllocCopy(username, realm->username);
}
if (non_empty(realm->password)) {
StrAllocCopy(password, realm->password);
}
HTPromptUsernameAndPassword(msg, &username, &password, IsProxy); HTPromptUsernameAndPassword(msg, &username, &password, IsProxy);
FREE(msg); FREE(msg);
FREE(realm->username); FREE(realm->username);
FREE(realm->password); FREE(realm->password);
realm->username = username; realm->username = username;
realm->password = password; realm->password = password;
...@@ -679,8 +747,6 @@ static char *compose_auth_string(HTAAScheme scheme, HTAASetup * setup, int IsPro ...@@ -679,8 +747,6 @@ static char *compose_auth_string(HTAAScheme scheme, HTAASetup * setup, int IsPro
if ((cleartext = typecallocn(char, len)) == 0) if ((cleartext = typecallocn(char, len)) == 0)
outofmem(__FILE__, "compose_auth_string"); outofmem(__FILE__, "compose_auth_string");
assert(cleartext != NULL);
if (realm->username) if (realm->username)
strcpy(cleartext, realm->username); strcpy(cleartext, realm->username);
else else
...@@ -892,7 +958,7 @@ char *HTAA_composeAuth(const char *hostname, ...@@ -892,7 +958,7 @@ char *HTAA_composeAuth(const char *hostname,
switch (scheme = HTAA_selectScheme(proxy_setup)) { switch (scheme = HTAA_selectScheme(proxy_setup)) {
case HTAA_BASIC: case HTAA_BASIC:
case HTAA_PUBKEY: case HTAA_PUBKEY:
auth_string = compose_auth_string(scheme, proxy_setup, IsProxy); auth_string = compose_auth_string(hostname, scheme, proxy_setup, IsProxy);
break; break;
case HTAA_KERBEROS_V4: case HTAA_KERBEROS_V4:
/* OTHER AUTHENTICATION ROUTINES ARE CALLED HERE */ /* OTHER AUTHENTICATION ROUTINES ARE CALLED HERE */
...@@ -927,8 +993,6 @@ char *HTAA_composeAuth(const char *hostname, ...@@ -927,8 +993,6 @@ char *HTAA_composeAuth(const char *hostname,
if ((HTAA_composeAuthResult = typecallocn(char, len)) == 0) if ((HTAA_composeAuthResult = typecallocn(char, len)) == 0)
outofmem(__FILE__, "HTAA_composeAuth"); outofmem(__FILE__, "HTAA_composeAuth");
assert(HTAA_composeAuthResult != NULL);
strcpy(HTAA_composeAuthResult, "Proxy-Authorization: "); strcpy(HTAA_composeAuthResult, "Proxy-Authorization: ");
} else { } else {
...@@ -971,7 +1035,7 @@ char *HTAA_composeAuth(const char *hostname, ...@@ -971,7 +1035,7 @@ char *HTAA_composeAuth(const char *hostname,
switch (scheme = HTAA_selectScheme(current_setup)) { switch (scheme = HTAA_selectScheme(current_setup)) {
case HTAA_BASIC: case HTAA_BASIC:
case HTAA_PUBKEY: case HTAA_PUBKEY:
auth_string = compose_auth_string(scheme, current_setup, IsProxy); auth_string = compose_auth_string(hostname, scheme, current_setup, IsProxy);
break; break;
case HTAA_KERBEROS_V4: case HTAA_KERBEROS_V4:
/* OTHER AUTHENTICATION ROUTINES ARE CALLED HERE */ /* OTHER AUTHENTICATION ROUTINES ARE CALLED HERE */
...@@ -1007,8 +1071,6 @@ char *HTAA_composeAuth(const char *hostname, ...@@ -1007,8 +1071,6 @@ char *HTAA_composeAuth(const char *hostname,
if ((HTAA_composeAuthResult = typecallocn(char, len)) == 0) if ((HTAA_composeAuthResult = typecallocn(char, len)) == 0)
outofmem(__FILE__, "HTAA_composeAuth"); outofmem(__FILE__, "HTAA_composeAuth");
assert(HTAA_composeAuthResult != NULL);
strcpy(HTAA_composeAuthResult, "Authorization: "); strcpy(HTAA_composeAuthResult, "Authorization: ");
} }
...@@ -1109,8 +1171,6 @@ BOOL HTAA_shouldRetryWithAuth(char *start_of_headers, ...@@ -1109,8 +1171,6 @@ BOOL HTAA_shouldRetryWithAuth(char *start_of_headers,
if (!scheme_specifics) if (!scheme_specifics)
outofmem(__FILE__, "HTAA_shouldRetryWithAuth"); outofmem(__FILE__, "HTAA_shouldRetryWithAuth");
assert(scheme_specifics != NULL);
for (i = 0; i < HTAA_MAX_SCHEMES; i++) for (i = 0; i < HTAA_MAX_SCHEMES; i++)
scheme_specifics[i] = NULL; scheme_specifics[i] = NULL;
} }
......
/* /*
* $LynxId: HTAABrow.h,v 1.16 2010/10/27 00:13:53 tom Exp $ * $LynxId: HTAABrow.h,v 1.17 2016/11/24 23:32:22 tom Exp $
* *
* BROWSER SIDE ACCESS AUTHORIZATION MODULE * BROWSER SIDE ACCESS AUTHORIZATION MODULE
...@@ -116,6 +116,11 @@ extern "C" { ...@@ -116,6 +116,11 @@ extern "C" {
*/ */
extern void HTClearHTTPAuthInfo(void); extern void HTClearHTTPAuthInfo(void);
/*
* Check if a hostname-string contains user information.
*/
extern BOOL HTAA_HaveUserinfo(const char *hostname);
/* /*
Enabling Gateway httpds to Forward Authorization Enabling Gateway httpds to Forward Authorization
......
/* /*
* $LynxId: HTAAProt.c,v 1.33 2013/11/28 11:11:05 tom Exp $ * $LynxId: HTAAProt.c,v 1.34 2016/11/24 15:29:50 tom Exp $
* *
* MODULE HTAAProt.c * MODULE HTAAProt.c
* PROTECTION FILE PARSING MODULE * PROTECTION FILE PARSING MODULE
...@@ -346,8 +346,6 @@ static HTAAProt *HTAAProt_new(const char *cur_docname, ...@@ -346,8 +346,6 @@ static HTAAProt *HTAAProt_new(const char *cur_docname,
if ((prot = typecalloc(HTAAProt)) == 0) if ((prot = typecalloc(HTAAProt)) == 0)
outofmem(__FILE__, "HTAAProt_new"); outofmem(__FILE__, "HTAAProt_new");
assert(prot != NULL);
prot->ctemplate = NULL; prot->ctemplate = NULL;
prot->filename = NULL; prot->filename = NULL;
prot->uid_name = NULL; prot->uid_name = NULL;
...@@ -362,8 +360,6 @@ static HTAAProt *HTAAProt_new(const char *cur_docname, ...@@ -362,8 +360,6 @@ static HTAAProt *HTAAProt_new(const char *cur_docname,
if ((cache_item = typecalloc(HTAAProtCache)) == 0) if ((cache_item = typecalloc(HTAAProtCache)) == 0)
outofmem(__FILE__, "HTAAProt_new"); outofmem(__FILE__, "HTAAProt_new");
assert(cache_item != NULL);
cache_item->prot = prot; cache_item->prot = prot;
cache_item->prot_filename = NULL; cache_item->prot_filename = NULL;
StrAllocCopy(cache_item->prot_filename, prot_filename); StrAllocCopy(cache_item->prot_filename, prot_filename);
......
/* /*
* $LynxId: HTAAUtil.c,v 1.35 2013/05/03 20:32:37 tom Exp $ * $LynxId: HTAAUtil.c,v 1.36 2016/11/24 15:29:50 tom Exp $
* *
* MODULE HTAAUtil.c * MODULE HTAAUtil.c
* COMMON PARTS OF ACCESS AUTHORIZATION MODULE * COMMON PARTS OF ACCESS AUTHORIZATION MODULE
...@@ -488,8 +488,6 @@ void HTAA_setupReader(char *start_of_headers, ...@@ -488,8 +488,6 @@ void HTAA_setupReader(char *start_of_headers,
if (buffer == NULL) if (buffer == NULL)
outofmem(__FILE__, "HTAA_setupReader"); outofmem(__FILE__, "HTAA_setupReader");
assert(buffer != NULL);
#ifdef LY_FIND_LEAKS #ifdef LY_FIND_LEAKS
atexit(FreeHTAAUtil); atexit(FreeHTAAUtil);
#endif #endif
......
/* /*
* $LynxId: HTAccess.c,v 1.79 2013/11/28 11:11:05 tom Exp $ * $LynxId: HTAccess.c,v 1.80 2016/11/24 15:29:50 tom Exp $
* *
* Access Manager HTAccess.c * Access Manager HTAccess.c
* ============== * ==============
...@@ -1283,8 +1283,6 @@ BOOL HTSearch(const char *keywords, ...@@ -1283,8 +1283,6 @@ BOOL HTSearch(const char *keywords,
if (escaped == NULL) if (escaped == NULL)
outofmem(__FILE__, "HTSearch"); outofmem(__FILE__, "HTSearch");
assert(escaped != NULL);
StrAllocCopy(address, here->isIndexAction); StrAllocCopy(address, here->isIndexAction);
/* /*
......
/* /*
* $LynxId: HTAnchor.c,v 1.76 2013/11/28 11:34:24 tom Exp $ * $LynxId: HTAnchor.c,v 1.77 2016/11/24 15:29:50 tom Exp $
* *
* Hypertext "Anchor" Object HTAnchor.c * Hypertext "Anchor" Object HTAnchor.c
* ========================== * ==========================
...@@ -86,8 +86,6 @@ static HTParentAnchor0 *HTParentAnchor0_new(const char *address, ...@@ -86,8 +86,6 @@ static HTParentAnchor0 *HTParentAnchor0_new(const char *address,