Improve handling of HTTP 401 Unauthorized

Signed-off-by: Vitezslav Crhonek <vcrhonek@redhat.com>

openwsman-2.7.1-http-unauthorized-improve.patch

@@ -0,0 +1,56 @@
+diff -up openwsman-2.7.1/src/lib/wsman-curl-client-transport.c.orig openwsman-2.7.1/src/lib/wsman-curl-client-transport.c
+--- openwsman-2.7.1/src/lib/wsman-curl-client-transport.c.orig	2021-04-07 17:25:55.000000000 +0200
++++ openwsman-2.7.1/src/lib/wsman-curl-client-transport.c	2022-07-19 09:25:22.435355610 +0200
+@@ -459,6 +459,7 @@ wsmc_handler( WsManClient *cl,
+ 	long http_code;
+ 	long auth_avail = 0;
+ 	char *_user = NULL, *_pass = NULL;
++	int _no_auth = 0; /* 0 if authentication is used, 1 if no authentication was used */
+ 	u_buf_t *response = NULL;
+ 	//char *soapaction;
+ 	char *tmp_str = NULL;
+@@ -564,6 +565,7 @@ wsmc_handler( WsManClient *cl,
+ 		_user = wsmc_get_user(cl);
+ 		_pass = wsmc_get_password(cl);
+ 		if (_user && _pass && cl->data.auth_set) {
++			_no_auth = 0;
+ 			r = curl_easy_setopt(curl, CURLOPT_HTTPAUTH, cl->data.auth_set);
+ 			if (r != CURLE_OK) {
+ 				cl->fault_string = u_strdup(curl_easy_strerror(r));
+@@ -584,6 +586,11 @@ wsmc_handler( WsManClient *cl,
+ 				curl_err("curl_easy_setopt(curl, CURLOPT_USERPWD, ..) failed");
+ 				goto DONE;
+ 			}
++        } else {
++            /* request without user credentials, remember this for
++             * later use when it might become necessary to print an error message
++             */
++            _no_auth = 1;
+ 		}
+ 
+ 		if (wsman_debug_level_debugged(DEBUG_LEVEL_MESSAGE)) {
+@@ -616,6 +623,24 @@ wsmc_handler( WsManClient *cl,
+ 				break;
+ 			case 401:
+ 				// The server requires authentication.
++                /* RFC 2616 states:
++                 *
++                 * If the request already included Authorization credentials, then the 401
++                 * response indicates that authorization has been refused for those
++                 * credentials. If the 401 response contains the same challenge as the
++                 * prior response, and the user agent has already attempted
++                 * authentication at least once, then the user SHOULD be presented the
++                 * entity that was given in the response, since that entity might
++                 * include relevant diagnostic information.
++                 */
++                if (_no_auth == 0) {
++                    /* no authentication credentials were used. It is only
++                     * possible to write a message about the current situation. There
++                     * is no information about the last attempt to access the resource.
++                     * Maybe at a later point in time I will implement more state information.
++                     */
++                    fprintf(stdout,"Authentication failed, please retry\n");
++                }
+ 				break;
+ 			default:
+ 				// The status code does not indicate success.

openwsman.spec

@@ -25,7 +25,7 @@
 
 Name:		openwsman
 Version:	2.7.1
-Release:	5%{?dist}
+Release:	6%{?dist}
 Summary:	Open source Implementation of WS-Management
 
 License:	BSD
@@ -49,6 +49,7 @@ Patch2:		openwsman-2.4.12-ruby-binding-build.patch
 Patch3:		openwsman-2.6.2-openssl-1.1-fix.patch
 Patch4:		openwsman-2.6.5-http-status-line.patch
 Patch5:		openwsman-2.6.8-update-ssleay-conf.patch
+Patch6:		openwsman-2.7.1-http-unauthorized-improve.patch
 BuildRequires:  make
 BuildRequires:	swig
 BuildRequires:	libcurl-devel libxml2-devel pam-devel sblim-sfcc-devel
@@ -191,6 +192,7 @@ Custom SELinux policy module
 %patch3 -p1 -b .openssl-1.1-fix
 %patch4 -p1 -b .http-status-line
 %patch5 -p1 -b .update-ssleay-conf
+%patch6 -p1 -b .http-unauthorized-improve
 
 %build
 # Removing executable permissions on .c and .h files to fix rpmlint warnings. 
@@ -412,6 +414,9 @@ fi
 %endif
 
 %changelog
+* Wed Jul 20 2022 Vitezslav Crhonek <vcrhonek@redhat.com> - 2.7.1-6
+- Improve handling of HTTP 401 Unauthorized
+
 * Wed Jun 15 2022 Python Maint <python-maint@redhat.com> - 2.7.1-5
 - Rebuilt for Python 3.11