Minor fix (digest live test case) and some refactoring

stamparm · stamparm · commit 2f43c3eb9b3e · 2013-03-12T21:16:44.000+01:00
diff --git a/lib/core/enums.py b/lib/core/enums.py
@@ -308,3 +308,8 @@ class CONTENT_TYPE:
 class CONTENT_STATUS:
     IN_PROGRESS = 0
     COMPLETE = 1
+
+class AUTH_TYPE:
+    BASIC = "basic"
+    DIGEST = "digest"
+    NTLM = "ntlm"
diff --git a/lib/core/option.py b/lib/core/option.py
@@ -64,6 +64,7 @@
 from lib.core.dicts import DBMS_DICT
 from lib.core.dicts import DUMP_REPLACEMENTS
 from lib.core.enums import ADJUST_TIME_DELAY
+from lib.core.enums import AUTH_TYPE
 from lib.core.enums import CUSTOM_LOGGING
 from lib.core.enums import DUMP_FORMAT
 from lib.core.enums import HTTPHEADER
@@ -1098,15 +1099,15 @@ def _setHTTPAuthentication():
 
         aTypeLower = conf.aType.lower()
 
-        if aTypeLower not in ("basic", "digest", "ntlm"):
+        if aTypeLower not in (AUTH_TYPE.BASIC, AUTH_TYPE.DIGEST, AUTH_TYPE.NTLM):
             errMsg = "HTTP authentication type value must be "
             errMsg += "Basic, Digest or NTLM"
             raise SqlmapSyntaxException(errMsg)
-        elif aTypeLower in ("basic", "digest"):
+        elif aTypeLower in (AUTH_TYPE.BASIC, AUTH_TYPE.DIGEST):
             regExp = "^(.*?):(.*?)$"
             errMsg = "HTTP %s authentication credentials " % aTypeLower
             errMsg += "value must be in format username:password"
-        elif aTypeLower == "ntlm":
+        elif aTypeLower == AUTH_TYPE.NTLM:
             regExp = "^(.*\\\\.*):(.*?)$"
             errMsg = "HTTP NTLM authentication credentials value must "
             errMsg += "be in format DOMAIN\username:password"
@@ -1123,13 +1124,13 @@ def _setHTTPAuthentication():
 
         _setAuthCred()
 
-        if aTypeLower == "basic":
+        if aTypeLower == AUTH_TYPE.BASIC:
             authHandler = SmartHTTPBasicAuthHandler(kb.passwordMgr)
 
-        elif aTypeLower == "digest":
+        elif aTypeLower == AUTH_TYPE.DIGEST:
             authHandler = urllib2.HTTPDigestAuthHandler(kb.passwordMgr)
 
-        elif aTypeLower == "ntlm":
+        elif aTypeLower == AUTH_TYPE.NTLM:
             try:
                 from ntlm import HTTPNtlmAuthHandler
             except ImportError:
diff --git a/lib/request/connect.py b/lib/request/connect.py
@@ -47,6 +47,7 @@
 from lib.core.data import logger
 from lib.core.dicts import POST_HINT_CONTENT_TYPES
 from lib.core.enums import ADJUST_TIME_DELAY
+from lib.core.enums import AUTH_TYPE
 from lib.core.enums import CUSTOM_LOGGING
 from lib.core.enums import HTTPHEADER
 from lib.core.enums import HTTPMETHOD
@@ -364,7 +365,7 @@ def getPage(**kwargs):
 
             conn = urllib2.urlopen(req)
 
-            if not kb.authHeader and getRequestHeader(req, HTTPHEADER.AUTHORIZATION):
+            if not kb.authHeader and getRequestHeader(req, HTTPHEADER.AUTHORIZATION) and conf.aType == AUTH_TYPE.BASIC:
                 kb.authHeader = getRequestHeader(req, HTTPHEADER.AUTHORIZATION)
 
             if not kb.proxyAuthHeader and getRequestHeader(req, HTTPHEADER.PROXY_AUTHORIZATION):
