curl/lib/vauth, branch master cURL mirror with patches applied ntlm: enable NTLM support with wolfSSL 2020-06-16T07:06:19+00:00 Ruurd Beerstra ruurd.beerstra@infor.com 2020-06-11T15:14:43+00:00 d80d419d3e3bf0e5f0dea160df5609c57cb3c5df When wolfSSL is built with its OpenSSL API layer, it fetures the same DES* functions that OpenSSL has. This change take advantage of that. Co-authored-by: Daniel Stenberg Closes #5556 Fixes #5548 
When wolfSSL is built with its OpenSSL API layer, it fetures the same DES*
functions that OpenSSL has. This change take advantage of that.

Co-authored-by: Daniel Stenberg
Closes #5556
Fixes #5548
copyright: updated year ranges out of sync 2020-05-23T22:02:33+00:00 Daniel Stenberg daniel@haxx.se 2020-05-23T22:02:33+00:00 d75e6ce85af240993f6fa89b939f437a9968ed64 ... and whitelisted a few more files in the the copyright.pl script. 
... and whitelisted a few more files in the the copyright.pl script.
source cleanup: remove all custom typedef structs 2020-05-15T06:54:42+00:00 Daniel Stenberg daniel@haxx.se 2020-05-13T22:05:04+00:00 8df455479f8801bbebad8839fc96abbffa711603 - Stick to a single unified way to use structs - Make checksrc complain on 'typedef struct {' - Allow them in tests, public headers and examples - Let MD4_CTX, MD5_CTX, and SHA256_CTX typedefs remain as they actually typedef different types/structs depending on build conditions. Closes #5338 
 - Stick to a single unified way to use structs
 - Make checksrc complain on 'typedef struct {'
 - Allow them in tests, public headers and examples

 - Let MD4_CTX, MD5_CTX, and SHA256_CTX typedefs remain as they actually
   typedef different types/structs depending on build conditions.

Closes #5338
curl_multibyte: add to curlx 2020-05-14T16:13:27+00:00 Marcel Raad Marcel.Raad@teamviewer.com 2019-04-13T20:55:51+00:00 a55c835e6b99f96e595ad11888a2714447998378 This will also be needed in the tool and tests. Ref: https://github.com/curl/curl/pull/3758#issuecomment-482197512 Closes https://github.com/curl/curl/pull/3784 
This will also be needed in the tool and tests.

Ref: https://github.com/curl/curl/pull/3758#issuecomment-482197512
Closes https://github.com/curl/curl/pull/3784
vauth/cleartext: fix theoretical integer overflow 2020-05-14T06:36:35+00:00 Major_Tom 9447735+MajorTomSec@users.noreply.github.com 2020-05-13T19:41:27+00:00 8e762199b094cd77fcd636fee2c503a5b00d0d2e Fix theoretical integer overflow in Curl_auth_create_plain_message. The security impact of the overflow was discussed on hackerone. We agreed this is more of a theoretical vulnerability, as the integer overflow would only be triggerable on systems using 32-bits size_t with over 4GB of available memory space for the process. Closes #5391 
Fix theoretical integer overflow in Curl_auth_create_plain_message.

The security impact of the overflow was discussed on hackerone. We
agreed this is more of a theoretical vulnerability, as the integer
overflow would only be triggerable on systems using 32-bits size_t with
over 4GB of available memory space for the process.

Closes #5391
*_sspi: fix bad uses of CURLE_NOT_BUILT_IN 2020-05-08T06:37:56+00:00 Peter Wang novalazy@gmail.com 2020-05-08T00:43:45+00:00 1c341e2270b8f255ff108d80501b676d27d813c7 Return CURLE_AUTH_ERROR instead of CURLE_NOT_BUILT_IN for other instances of QuerySecurityPackageInfo failing, as in commit 2a81439553286f12cd04a4bdcdf66d8e026d8201. Closes #5355 
Return CURLE_AUTH_ERROR instead of CURLE_NOT_BUILT_IN for other
instances of QuerySecurityPackageInfo failing, as in
commit 2a81439553286f12cd04a4bdcdf66d8e026d8201.

Closes #5355
ntlm_sspi: fix bad use of CURLE_NOT_BUILT_IN 2020-05-07T10:58:57+00:00 Daniel Stenberg daniel@haxx.se 2020-05-07T07:44:00+00:00 2a81439553286f12cd04a4bdcdf66d8e026d8201 That return code is reserved for build-time conditional code not being present while this was a regular run-time error from a Windows API. Reported-by: wangp on github Fixes #5349 Closes #5350 
That return code is reserved for build-time conditional code not being
present while this was a regular run-time error from a Windows API.

Reported-by: wangp on github
Fixes #5349
Closes #5350
ntlm: Removed the dependency on the TLS libaries when using MD5 2020-02-23T07:52:19+00:00 Steve Holme steve_holme@hotmail.com 2020-02-22T14:31:26+00:00 2d432f7e499a3e04ff1a45d51a5c089e81fe66e7 As we have our own MD5 implementation use the MD5 wrapper to remove the TLS dependency. Closes #4967 
As we have our own MD5 implementation use the MD5 wrapper to remove the
TLS dependency.

Closes #4967
md5/sha256: Updated the functions to allow non-string data to be hashed 2020-02-23T07:50:33+00:00 Steve Holme steve_holme@hotmail.com 2020-02-22T05:37:01+00:00 37dc4df270b0080442a9e36f9ea13855db9253e6 






digest: Corrected the name of the local HTTP digest function
2020-02-23T07:50:18+00:00

Steve Holme
steve_holme@hotmail.com

2020-02-22T04:59:46+00:00

4959be810be3340aaa7a1efca4aba7e670d5e8b7

Follow up to 2b5b37cb. Local static functions do not require the Curl
prefix.





Follow up to 2b5b37cb. Local static functions do not require the Curl
prefix.