Skip to content

Commit

Permalink
Browse files Browse the repository at this point in the history
Add new options LRO_HTTPAUTHMETHODS and LRO_PROXYAUTHMETHODS 
As part of these new options, also new enum LrAuth was added,
the enum contains list of supported auth types that could
be used in the new options (the new options take bitmap from
values from the enum).

The enum contains:
    LR_AUTH_NONE        None auth method
    LR_AUTH_BASIC       HTTP Basic authentication (Default)
    LR_AUTH_DIGEST      HTTP Digest authentication
    LR_AUTH_NEGOTIATE   HTTP Negotiate (SPNEGO) authentication
    LR_AUTH_NTLM        HTTP NTLM authentication
    LR_AUTH_DIGEST_IE   HTTP Digest authentication with an IE flavor
    LR_AUTH_NTLM_WB     NTLM delegating to winbind helper
    LR_AUTH_ONLY        This is a meta symbol. OR this value
                        together with a single specific auth
                        value to force libcurl to probe for
                        un-restricted auth and if not, only
                        that single auth algorithm is
                        acceptable.
    LR_AUTH_ANY         All suitable methods

Resolves issue #67
  • Loading branch information
@Tojaj
Tojaj committed Sep 24, 2015
1 parent cd3e881 commit bfc05df
Show file tree
Hide file tree
Showing 9 changed files with 263 additions and 9 deletions.
75 changes: 69 additions & 6 deletions librepo/handle.c
View file
Expand Up @@ -104,6 +104,8 @@ lr_handle_init()
handle->gnupghomedir = g_strdup(LRO_GNUPGHOMEDIR_DEFAULT);
handle->fastestmirrortimeout = LRO_FASTESTMIRRORTIMEOUT_DEFAULT;
handle->offline = LRO_OFFLINE_DEFAULT;
handle->httpauthmethods = LRO_HTTPAUTHMETHODS_DEFAULT;
handle->proxyauthmethods = LRO_PROXYAUTHMETHODS_DEFAULT;

return handle;
}
Expand Down Expand Up @@ -154,6 +156,33 @@ typedef enum {
LR_REMOTESOURCE_OTHER,
} LrChangedRemoteSource;

static unsigned long curlauth_bitmask(LrAuth mask)
{
unsigned long out_mask = 0UL;

if (mask == LR_AUTH_NONE)
return (unsigned long) CURLAUTH_NONE;

if (mask & LR_AUTH_BASIC)
out_mask |= CURLAUTH_BASIC;
if (mask & LR_AUTH_DIGEST)
out_mask |= CURLAUTH_DIGEST;
if (mask & LR_AUTH_NEGOTIATE)
out_mask |= CURLAUTH_NEGOTIATE;
if (mask & LR_AUTH_NTLM)
out_mask |= CURLAUTH_NTLM;
if (mask & LR_AUTH_DIGEST_IE)
out_mask |= CURLAUTH_DIGEST_IE;
if (mask & LR_AUTH_NTLM_WB)
out_mask |= CURLAUTH_NTLM_WB;
if (mask & LR_AUTH_ONLY)
out_mask |= CURLAUTH_ONLY;
if (mask == LR_AUTH_ANY)
out_mask |= CURLAUTH_ANY;

return out_mask;
}

static void
lr_handle_remote_sources_changed(LrHandle *handle, LrChangedRemoteSource type)
{
Expand Down Expand Up @@ -274,10 +303,13 @@ lr_handle_setopt(LrHandle *handle,
break;

case LRO_HTTPAUTH:
if (va_arg(arg, long) == 1)
c_rc = curl_easy_setopt(c_h, CURLOPT_HTTPAUTH, CURLAUTH_ANY);
else
if (va_arg(arg, long) == 0) {
c_rc = curl_easy_setopt(c_h, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
handle->httpauthmethods = LR_AUTH_BASIC;
} else {
c_rc = curl_easy_setopt(c_h, CURLOPT_HTTPAUTH, CURLAUTH_ANY);
handle->httpauthmethods = LR_AUTH_ANY;
}
break;

case LRO_USERPWD:
Expand Down Expand Up @@ -315,10 +347,13 @@ lr_handle_setopt(LrHandle *handle,
}

case LRO_PROXYAUTH:
if (va_arg(arg, long) == 1)
c_rc = curl_easy_setopt(c_h, CURLOPT_PROXYAUTH, CURLAUTH_ANY);
else
if (va_arg(arg, long) == 0) {
c_rc = curl_easy_setopt(c_h, CURLOPT_PROXYAUTH, CURLAUTH_BASIC);
handle->proxyauthmethods = LR_AUTH_BASIC;
} else {
c_rc = curl_easy_setopt(c_h, CURLOPT_PROXYAUTH, CURLAUTH_ANY);
handle->proxyauthmethods = LR_AUTH_ANY;
}
break;

case LRO_PROXYUSERPWD:
Expand Down Expand Up @@ -656,6 +691,22 @@ lr_handle_setopt(LrHandle *handle,
handle->offline = va_arg(arg, long) ? 1 : 0;
break;

case LRO_HTTPAUTHMETHODS: {
LrAuth in_bitmask = va_arg(arg, LrAuth);
long bitmask = curlauth_bitmask(in_bitmask);
handle->httpauthmethods = in_bitmask;
c_rc = curl_easy_setopt(c_h, CURLOPT_HTTPAUTH, bitmask);
break;
}

case LRO_PROXYAUTHMETHODS: {
LrAuth in_bitmask = va_arg(arg, LrAuth);
long bitmask = curlauth_bitmask(in_bitmask);
handle->proxyauthmethods = in_bitmask;
c_rc = curl_easy_setopt(c_h, CURLOPT_PROXYAUTH, bitmask);
break;
}

default:
g_set_error(err, LR_HANDLE_ERROR, LRE_BADOPTARG,
"Unknown option");
Expand Down Expand Up @@ -1419,6 +1470,18 @@ lr_handle_getinfo(LrHandle *handle,
*lnum = (long) (handle->lowspeedlimit);
break;

case LRI_HTTPAUTHMETHODS: {
LrAuth *auth = va_arg(arg, LrAuth *);
*auth = handle->httpauthmethods;
break;
}

case LRI_PROXYAUTHMETHODS: {
LrAuth *auth = va_arg(arg, LrAuth *);
*auth = handle->proxyauthmethods;
break;
}

default:
rc = FALSE;
g_set_error(err, LR_HANDLE_ERROR, LRE_UNKNOWNOPT,
Expand Down
28 changes: 25 additions & 3 deletions librepo/handle.h
View file
Expand Up @@ -106,6 +106,13 @@ typedef struct _LrHandle LrHandle;
/** LRO_OFFLINE default value */
#define LRO_OFFLINE_DEFAULT 0L

/** LRO_HTTPAUTHMETHODS default value*/
#define LRO_HTTPAUTHMETHODS_DEFAULT LR_AUTH_BASIC

/** LRO_PROXYAUTHMETHODS default value*/
#define LRO_PROXYAUTHMETHODS_DEFAULT LR_AUTH_BASIC


/** Handle options for the ::lr_handle_setopt function. */
typedef enum {

Expand All @@ -117,7 +124,9 @@ typedef enum {
List of base repo URLs */

LRO_MIRRORLIST, /*!< (char *)
Mirrorlist or metalink url. This option is DEPRECATED */
Mirrorlist or metalink url.
This option is DEPRECATED!
Use LRO_MIRRORLISTURL or LRO_METALINKURL instead. */

LRO_MIRRORLISTURL, /*!< (char *)
Mirrorlist url */
Expand All @@ -129,7 +138,9 @@ typedef enum {
Do not duplicate local metadata, just locate the old one */

LRO_HTTPAUTH, /*!< (long 1 or 0)
Enable all supported method of HTTP authentification. */
Enable all supported method of HTTP authentification.
This option is DEPRECATED!
Use LRO_HTTPAUTHMETHODS */

LRO_USERPWD, /*!< (char *)
User and password for http authetification in format user:password */
Expand All @@ -144,7 +155,9 @@ typedef enum {
Type of the proxy used. */

LRO_PROXYAUTH, /*!< (long 1 or 0)
Enable all supported method for proxy authentification */
Enable all supported method for proxy authentification.
This option is DEPRECATED!
Use LRO_PROXYAUTHMETHODS */

LRO_PROXYUSERPWD, /*!< (char *)
User and password for proxy in format user:password */
Expand Down Expand Up @@ -327,6 +340,13 @@ typedef enum {
Path to a file containing the list of PEM format trusted CA
certificates. */

LRO_HTTPAUTHMETHODS, /*!< (LrAuth)
Bitmask which tell Librepo which auth metods you wan to use. */

LRO_PROXYAUTHMETHODS, /*!< (LrAuth)
A long bitmask which tell Librepo which auth methods you want
to use for proxy auth. */

LRO_SENTINEL, /*!< Sentinel */

} LrHandleOption; /*!< Handle config options */
Expand Down Expand Up @@ -390,6 +410,8 @@ typedef enum {
LRI_SSLCACERT, /*!< (char **) */
LRI_LOWSPEEDTIME, /*!< (long) */
LRI_LOWSPEEDLIMIT, /*!< (long) */
LRI_HTTPAUTHMETHODS, /*!< (LrAuth) */
LRI_PROXYAUTHMETHODS, /*!< (LrAuth) */
LRI_SENTINEL,
} LrHandleInfoOption; /*!< Handle info options */

Expand Down
6 changes: 6 additions & 0 deletions librepo/handle_internal.h
View file
Expand Up @@ -210,6 +210,12 @@ struct _LrHandle {
gboolean offline; /*!<
If TRUE, librepo should work offline - ignore all
non local URLs, etc. */

LrAuth httpauthmethods; /*!<
Bitmask with auth methods */

LrAuth proxyauthmethods; /*!<
Bitmask with auth methods */
};

/** Return new CURL easy handle with some default options setted.
Expand Down
72 changes: 72 additions & 0 deletions librepo/python/__init__.py
View file
Expand Up @@ -357,6 +357,17 @@
ignored. Remote mirrorlists/metalinks (if they are specified)
are ignored. Fastest mirror check (if enabled) is skiped.
.. data:: LRO_HTTPAUTHMETHODS
*Long (bitmask)* Bitmask which tell Librepo which auth metods to use.
See: :ref:`auth-methods-label`
.. data:: LRO_PROXYAUTHMETHODS
*Long (bitmask)* Bitmask which tell Librepo which auth metods to use
for proxy authentication.
See: :ref:`auth-methods-label`
.. _handle-info-options-label:
Expand Down Expand Up @@ -402,6 +413,8 @@
.. data:: LRI_FASTESTMIRRORTIMEOUT
.. data:: LRI_HTTPHEADER
.. data:: LRI_OFFLINE
.. data:: LRI_HTTPAUTHMETHODS
.. data:: LRI_PROXYAUTHMETHODS
.. _proxy-type-label:
Expand Down Expand Up @@ -484,6 +497,57 @@
Download only files used by Hawkey (https://github.com/akozumpl/hawkey/).
(primary, filelists, prestodelta)
.. _auth-methods-label:
Auth methods
------------
Supported auth methods for :data:`~.LRO_HTTPAUTHMETHODS` and
:data:`~.LRO_PROXYAUTHMETHODS` options.
.. data:: LR_AUTH_NONE
No auth method enabled.
.. data:: LR_AUTH_BASIC
HTTP Basic authentication (Default).
.. data:: LR_AUTH_DIGEST
HTTP Digest authentication.
.. data:: LR_AUTH_NEGOTIATE
HTTP Negotiate (SPNEGO) authentication.
.. data:: LR_AUTH_NTLM
HTTP NTLM authentication.
.. data:: LR_AUTH_DIGEST_IE
HTTP Digest authentication with an IE flavor.
.. data:: LR_AUTH_NTLM_WB
NTLM delegating to winbind helper.
.. data:: LR_AUTH_ONLY
This is a meta symbol. OR this value
together with a single specific auth
value to force libcurl to probe for
un-restricted auth and if not, only
that single auth algorithm is
acceptable.
.. data:: LR_AUTH_ANY
All suitable methods.
.. _fastestmirror-stages-constants-label:
Fastest mirror stages
Expand Down Expand Up @@ -1313,6 +1377,14 @@ class Handle(_librepo.Handle):
See :data:`.LRO_OFFLINE`
.. attribute:: httpauthmethods
See :data:`.LRO_HTTPAUTHMETHODS`
.. attribute:: proxyauthmethods
See :data:`.LRO_PROXYAUTHMETHODS`
"""

def setopt(self, option, val):
Expand Down
19 changes: 19 additions & 0 deletions librepo/python/handle-py.c
View file
Expand Up @@ -479,6 +479,8 @@ py_setopt(_HandleObject *self, PyObject *args)
case LRO_MAXMIRRORTRIES:
case LRO_MAXPARALLELDOWNLOADS:
case LRO_MAXDOWNLOADSPERMIRROR:
case LRO_HTTPAUTHMETHODS:
case LRO_PROXYAUTHMETHODS:
{
long d;

Expand All @@ -500,6 +502,10 @@ py_setopt(_HandleObject *self, PyObject *args)
d = LRO_MAXPARALLELDOWNLOADS_DEFAULT;
else if (option == LRO_MAXDOWNLOADSPERMIRROR)
d = LRO_MAXDOWNLOADSPERMIRROR_DEFAULT;
else if (option == LRO_HTTPAUTHMETHODS)
d = LRO_HTTPAUTHMETHODS_DEFAULT;
else if (option == LRO_PROXYAUTHMETHODS)
d = LRO_PROXYAUTHMETHODS_DEFAULT;
else
assert(0);
} else {
Expand Down Expand Up @@ -917,6 +923,19 @@ py_getinfo(_HandleObject *self, PyObject *args)
RETURN_ERROR(&tmp_err, -1, NULL);
return PyLong_FromLong(lval);

/* LrAuth* option */
case LRI_HTTPAUTHMETHODS:
case LRI_PROXYAUTHMETHODS: {
LrAuth auth = 0;
res = lr_handle_getinfo(self->handle,
&tmp_err,
(LrHandleInfoOption)option,
&auth);
if (!res)
RETURN_ERROR(&tmp_err, -1, NULL);
return PyLong_FromLong((long) auth);
}

/* LrIpResolveType* option */
case LRI_IPRESOLVE: {
LrIpResolveType type;
Expand Down
15 changes: 15 additions & 0 deletions librepo/python/librepomodule.c
View file
Expand Up @@ -291,6 +291,8 @@ init_librepo(void)
PYMODULE_ADDINTCONSTANT(LRO_FASTESTMIRRORTIMEOUT);
PYMODULE_ADDINTCONSTANT(LRO_HTTPHEADER);
PYMODULE_ADDINTCONSTANT(LRO_OFFLINE);
PYMODULE_ADDINTCONSTANT(LRO_HTTPAUTHMETHODS);
PYMODULE_ADDINTCONSTANT(LRO_PROXYAUTHMETHODS);
PYMODULE_ADDINTCONSTANT(LRO_SENTINEL);

// Handle info options
Expand Down Expand Up @@ -332,6 +334,8 @@ init_librepo(void)
PYMODULE_ADDINTCONSTANT(LRI_OFFLINE);
PYMODULE_ADDINTCONSTANT(LRI_LOWSPEEDTIME);
PYMODULE_ADDINTCONSTANT(LRI_LOWSPEEDLIMIT);
PYMODULE_ADDINTCONSTANT(LRI_HTTPAUTHMETHODS);
PYMODULE_ADDINTCONSTANT(LRI_PROXYAUTHMETHODS);
PYMODULE_ADDINTCONSTANT(LRI_SENTINEL);

// Check options
Expand Down Expand Up @@ -437,6 +441,17 @@ init_librepo(void)
PYMODULE_ADDINTCONSTANT(LR_CB_ABORT);
PYMODULE_ADDINTCONSTANT(LR_CB_ERROR);

// Auth methods
PYMODULE_ADDINTCONSTANT(LR_AUTH_NONE);
PYMODULE_ADDINTCONSTANT(LR_AUTH_BASIC);
PYMODULE_ADDINTCONSTANT(LR_AUTH_DIGEST);
PYMODULE_ADDINTCONSTANT(LR_AUTH_NEGOTIATE);
PYMODULE_ADDINTCONSTANT(LR_AUTH_NTLM);
PYMODULE_ADDINTCONSTANT(LR_AUTH_DIGEST_IE);
PYMODULE_ADDINTCONSTANT(LR_AUTH_NTLM_WB);
PYMODULE_ADDINTCONSTANT(LR_AUTH_ONLY);
PYMODULE_ADDINTCONSTANT(LR_AUTH_ANY);

// Init librepo library
lr_global_init();

Expand Down

0 comments on commit bfc05df

Please sign in to comment.