
ncat HTTP digest auth does not allow colons #984

@nnposter

The following patch allows ncat to properly process HTTP digest passwords that are either empty or contain colons.

--- a/ncat/ncat_connect.c
+++ b/ncat/ncat_connect.c
@@ -399,12 +399,13 @@
 
         /* Split up the proxy auth argument. */
         proxy_auth = Strdup(o.proxy_auth);
-        username = strtok(proxy_auth, ":");
-        password = strtok(NULL, ":");
+        username = proxy_auth;
+        password = strchr(proxy_auth, ':');
         if (password == NULL) {
             free(proxy_auth);
             return NULL;
         }
+        *password++ = '\0';
         response_hdr = http_digest_proxy_authorization(challenge,
             username, password, "CONNECT", sock_to_url(o.target,o.portno));
         if (response_hdr == NULL) {
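Review bot: Splitting at the first colon with `password = strchr(proxy_auth, ':');` also lets through an argument that starts with a colon, which now reaches http_digest_proxy_authorization with an empty username. With strtok the leading colon was skipped and that input ended at the `password == NULL` return instead. If an empty username is not meant to be accepted, add a test such as `if (*username == '\0')` after the `*password++ = '\0';` line and take the same free-and-return path. The "Split up the proxy auth argument" comment could also state that only the first colon separates the fields and every later colon belongs to the password.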
--- a/ncat/ncat_proxy.c
+++ b/ncat/ncat_proxy.c
@@ -888,12 +888,13 @@
 
         /* Split up the proxy auth argument. */
         proxy_auth = Strdup(o.proxy_auth);
-        username = strtok(proxy_auth, ":");
-        password = strtok(NULL, ":");
+        username = proxy_auth;
+        password = strchr(proxy_auth, ':');
         if (password == NULL) {
             free(proxy_auth);
             return 0;
         }
+        *password++ = '\0';
         ret = http_digest_check_credentials(username, "Ncat", password,
             request->method, credentials);
         free(proxy_auth);
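Review bot: The lines from `username = proxy_auth;` to `*password++ = '\0';` repeat the split in ncat_connect.c verbatim, so the client and the proxy server each carry their own copy of the same parsing rule. Consider moving the split into one small shared helper that both call, so a later change to how the argument is parsed cannot leave the two sides disagreeing about where the password starts. A short comment on `*password++ = '\0';` saying that it terminates the username and steps past the colon would also help, since the line does both at once.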

Please let me know if you have any questions or concerns. Otherwise I will commit the patch in a few weeks.
