Skip to content

Commit 16b4fb1

Browse files
David MaloneyDavid Maloney
David Maloney
authored and
David Maloney
committed
Added some comment documentation
1 parent 463a45c commit 16b4fb1

File tree

1 file changed

+37
-0
lines changed

1 file changed

+37
-0
lines changed

lib/rex/proto/http/client.rb

Lines changed: 37 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -392,10 +392,21 @@ def send_request(req, t = -1)
392392
conn.put(req.to_s)
393393
end
394394

395+
# Validates that the client has creds
395396
def have_creds?
396397
!(self.username.nil?) && self.username != ''
397398
end
398399

400+
#
401+
# Params -
402+
# res = The 401 response we need to auth from
403+
# opts = the opts used to generate the request that created this response
404+
# t = the timeout for the http requests
405+
# persist = whether to persist the tcp connection for HTTP Pipelining
406+
#
407+
# Parses the response for what Authentication methods are supported.
408+
# Sets the corect authorization options and passes them on to the correct
409+
# method for sending the next request.
399410
def send_auth(res, opts, t, persist)
400411
supported_auths = res.headers['WWW-Authenticate']
401412
if supported_auths.include? 'Basic'
@@ -434,11 +445,28 @@ def send_auth(res, opts, t, persist)
434445
return res
435446
end
436447

448+
# Converts username and password into the HTTP Basic
449+
# authorization string.
437450
def basic_auth_header(username,password)
438451
auth_str = username.to_s + ":" + password.to_s
439452
auth_str = "Basic " + Rex::Text.encode_base64(auth_str)
440453
end
441454

455+
456+
#
457+
# Opts -
458+
# Inherits all the same options as send_request_cgi
459+
# Also expects some specific opts
460+
# DigestAuthUser - The username for DigestAuth
461+
# DigestAuthPass - The password for DigestAuth
462+
# DigestAuthIIS - IIS uses a slighlty different implementation, set this for IIS support
463+
#
464+
# This method builds new request to complete a Digest Authentication cycle.
465+
# We do not persist the original connection , to clear state in preparation for our auth
466+
# We do persist the rest of the connection stream because Digest is a tcp session
467+
# based authentication method.
468+
#
469+
442470
def digest_auth(opts={})
443471
@nonce_count = 0
444472

@@ -572,6 +600,15 @@ def digest_auth(opts={})
572600
end
573601
end
574602

603+
#
604+
# Opts -
605+
# Inherits all the same options as send_request_cgi
606+
# provider - What Negotiate Provider to use (supports NTLM and Negotiate)
607+
#
608+
# Builds a series of requests to complete Negotiate Auth. Works essentially
609+
# the same way as Digest auth. Same pipelining concerns exist.
610+
#
611+
575612
def negotiate_auth(opts={})
576613
ntlm_options = {
577614
:signing => false,

0 commit comments

Comments
 (0)