diff options
author | toughengineer <paul.skeptic@yandex.ru> | 2017-07-08 02:10:08 +0200 |
---|---|---|
committer | Marcel Raad <Marcel.Raad@teamviewer.com> | 2018-04-16 20:43:21 +0200 |
commit | bc4b8c9717c8972acf1f8d6383b127b5c8ef3e72 (patch) | |
tree | 2fd661d5a829e90e76c47727c235ccf9a4d76c0e /lib/http_ntlm.c | |
parent | 2d4c2152c9eb3dbdf943de46ed8fc11285f1b90b (diff) |
ntlm_sspi: fix authentication using Credential Manager
If you pass empty user/pass asking curl to use Windows Credential
Storage (as stated in the docs) and it has valid credentials for the
domain, e.g.
curl -v -u : --ntlm example.com
currently authentication fails.
This change fixes it by providing proper SPN string to the SSPI API
calls.
Fixes https://github.com/curl/curl/issues/1622
Closes https://github.com/curl/curl/pull/1660
Diffstat (limited to 'lib/http_ntlm.c')
-rw-r--r-- | lib/http_ntlm.c | 14 |
1 files changed, 12 insertions, 2 deletions
diff --git a/lib/http_ntlm.c b/lib/http_ntlm.c index 0f1edcf65..fd5540b5d 100644 --- a/lib/http_ntlm.c +++ b/lib/http_ntlm.c @@ -121,9 +121,11 @@ CURLcode Curl_output_ntlm(struct connectdata *conn, bool proxy) server, which is for a plain host or for a HTTP proxy */ char **allocuserpwd; - /* point to the name and password for this */ + /* point to the username, password, service and host */ const char *userp; const char *passwdp; + const char *service = NULL; + const char *hostname = NULL; /* point to the correct struct with this */ struct ntlmdata *ntlm; @@ -141,6 +143,9 @@ CURLcode Curl_output_ntlm(struct connectdata *conn, bool proxy) allocuserpwd = &conn->allocptr.proxyuserpwd; userp = conn->http_proxy.user; passwdp = conn->http_proxy.passwd; + service = conn->data->set.str[STRING_PROXY_SERVICE_NAME] ? + conn->data->set.str[STRING_PROXY_SERVICE_NAME] : "HTTP"; + hostname = conn->http_proxy.host.name; ntlm = &conn->proxyntlm; authp = &conn->data->state.authproxy; } @@ -148,6 +153,9 @@ CURLcode Curl_output_ntlm(struct connectdata *conn, bool proxy) allocuserpwd = &conn->allocptr.userpwd; userp = conn->user; passwdp = conn->passwd; + service = conn->data->set.str[STRING_SERVICE_NAME] ? + conn->data->set.str[STRING_SERVICE_NAME] : "HTTP"; + hostname = conn->host.name; ntlm = &conn->ntlm; authp = &conn->data->state.authhost; } @@ -174,7 +182,9 @@ CURLcode Curl_output_ntlm(struct connectdata *conn, bool proxy) default: /* for the weird cases we (re)start here */ /* Create a type-1 message */ result = Curl_auth_create_ntlm_type1_message(conn->data, userp, passwdp, - ntlm, &base64, &len); + service, hostname, + ntlm, &base64, + &len); if(result) return result; |