authorSteve Holme <steve_holme@hotmail.com>2014-08-09 16:26:58 +0100
committerSteve Holme <steve_holme@hotmail.com>2014-08-09 16:40:24 +0100
commit1b69122810462cff569eb0929230961aa356bae0 (patch)
treeec25943700e724163629d40ae322f7c05d5a1b85 /lib
parente9b4a96975e24ad75167e367d64f33daee887dcd (diff)
sasl: Introduced Curl_sasl_build_spn() for building a SPN
Various parts of the libcurl source code build a SPN for inclusion in authentication data. This information is either used by our own native generation routines or passed to authentication functions in third-party libraries such as SSPI. However, some of these instances use fixed buffers rather than dynamically allocated ones, and not all of those that should convert to wide character strings in Unicode builds actually do so. Implemented a common function that generates a SPN and performs the wide character conversion where necessary.
Diffstat (limited to 'lib')
-rw-r--r--lib/curl_sasl.c20
-rw-r--r--lib/curl_sasl.h7
-rw-r--r--lib/curl_sasl_sspi.c54
3 files changed, 79 insertions, 2 deletions
diff --git a/lib/curl_sasl.c b/lib/curl_sasl.c
index a2dfe7755..75efca3e8 100644
--- a/lib/curl_sasl.c
+++ b/lib/curl_sasl.c
@@ -120,6 +120,26 @@ static CURLcode sasl_digest_get_qop_values(const char *options, int *value)
}
#endif
+#if !defined(USE_WINDOWS_SSPI)
+/*
+ * Curl_sasl_build_spn()
+ *
+ * This is used to build a SPN string in the format service/host.
+ *
+ * Parameters:
+ *
+ * serivce [in] - The service type such as www, smtp, pop or imap.
+ * instance [in] - The instance name such as the host nme or realm.
+ *
+ * Returns a pointer to the newly allocated SPN.
+ */
+char *Curl_sasl_build_spn(const char *service, const char *host)
+{
+ /* Generate and return our SPN */
+ return aprintf("%s/%s", service, host);
+}
+#endif
+
/*
* Curl_sasl_create_plain_message()
*
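Review bot: The comment block above `Curl_sasl_build_spn()` documents a second parameter named `instance` and misspells `serivce` and `nme`, while the definition below it names that parameter `host` (the prototype in curl_sasl.h uses `instance`). I would make the three agree and fix the spelling, e.g. `* service [in] - The service type such as www, smtp, pop or imap.` and `* host [in] - The host name or realm.`; the same comment is copied into the curl_sasl_sspi.c hunk and needs the same correction. The comment should also state that the string comes from `aprintf()`, so the result is NULL on allocation failure and the caller is responsible for freeing it.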
diff --git a/lib/curl_sasl.h b/lib/curl_sasl.h
index d2967b0f3..fe7c471ce 100644
--- a/lib/curl_sasl.h
+++ b/lib/curl_sasl.h
@@ -57,6 +57,13 @@ struct ntlmdata;
(wordlen == (sizeof(mech) - 1) / sizeof(char) && \
!memcmp(line, mech, wordlen))
+/* This is used to build a SPN string */
+#if !defined(USE_WINDOWS_SSPI)
+char *Curl_sasl_build_spn(const char *service, const char *instance);
+#else
+TCHAR *Curl_sasl_build_spn(const char *service, const char *instance);
+#endif
+
/* This is used to generate a base64 encoded PLAIN authentication message */
CURLcode Curl_sasl_create_plain_message(struct SessionHandle *data,
const char *userp,
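Review bot: The one-line comment on the two `Curl_sasl_build_spn()` prototypes leaves out the contract callers need: the return type differs between builds (`char *` versus `TCHAR *`), the string is heap-allocated and owned by the caller, and NULL signals failure. I would expand it to something like `/* Builds a newly allocated "service/host" SPN; returns NULL on failure and the caller must free the result */`. Since the SPN names the service that the authentication exchange is directed at, it is also worth stating that callers are expected to pass the host they are actually connecting to; that expectation is inferred, as no caller is visible in this diff.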
diff --git a/lib/curl_sasl_sspi.c b/lib/curl_sasl_sspi.c
index 8f6c22591..cc55b2d77 100644
--- a/lib/curl_sasl_sspi.c
+++ b/lib/curl_sasl_sspi.c
@@ -25,7 +25,7 @@
#include "curl_setup.h"
-#if defined(USE_WINDOWS_SSPI) && !defined(CURL_DISABLE_CRYPTO_AUTH)
+#if defined(USE_WINDOWS_SSPI)
#include <curl/curl.h>
@@ -34,6 +34,7 @@
#include "curl_base64.h"
#include "warnless.h"
#include "curl_memory.h"
+#include "curl_multibyte.h"
#define _MPRINTF_REPLACE /* use our functions only */
#include <curl/mprintf.h>
@@ -42,6 +43,53 @@
#include "memdebug.h"
/*
+ * Curl_sasl_build_spn()
+ *
+ * This is used to build a SPN string in the format service/host.
+ *
+ * Parameters:
+ *
+ * serivce [in] - The service type such as www, smtp, pop or imap.
+ * instance [in] - The instance name such as the host nme or realm.
+ *
+ * Returns a pointer to the newly allocated SPN.
+ */
+TCHAR *Curl_sasl_build_spn(const char *service, const char *host)
+{
+ char *utf8_spn = NULL;
+ TCHAR *tchar_spn = NULL;
+
+ /* Note: We could use DsMakeSPN() or DsClientMakeSpnForTargetServer() rather
+ than doing this ourselves but the first is only available in Windows XP
+ and Windows Server 2003 and the latter is only available in Windows 2000
+ but not Windows95/98/ME or Windows NT4.0 unless the Active Directory
+ Client Extensions are installed. As such it is far simpler for us to
+ formulate the SPN instead. */
+
+ /* Allocate our UTF8 based SPN */
+ utf8_spn = aprintf("%s/%s", service, host);
+ if(!utf8_spn) {
+ return NULL;
+ }
+
+ /* Allocate our TCHAR based SPN */
+ tchar_spn = Curl_convert_UTF8_to_tchar(utf8_spn);
+ if(!tchar_spn) {
+ Curl_safefree(utf8_spn);
+
+ return NULL;
+ }
+
+ /* Release the UTF8 variant when operating with Unicode */
+ if(utf8_spn != tchar_spn)
+ Curl_safefree(utf8_spn);
+
+ /* Return our newly allocated SPN */
+ return tchar_spn;
+}
+
+#if !defined(CURL_DISABLE_CRYPTO_AUTH)
+/*
* Curl_sasl_create_digest_md5_message()
*
* This is used to generate an already encoded DIGEST-MD5 response message
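Review bot: The `if(utf8_spn != tchar_spn)` test in `Curl_sasl_build_spn()` compares a `char *` with a `TCHAR *`, which are incompatible pointer types in a Unicode build, so compilers will likely flag it. Casting both sides makes the intent explicit: `if((void *)utf8_spn != (void *)tchar_spn)`. The test also depends on `Curl_convert_UTF8_to_tchar()` returning its argument unchanged in non-Unicode builds, which is not visible in this diff; a comment such as `/* non-Unicode: the conversion is presumably a no-op and tchar_spn aliases utf8_spn */` would record that. Because the returned buffer then comes from `aprintf()` in one build and from the conversion routine in the other, the function comment should say which release call is valid for both, so callers do not pair the buffer with the wrong free routine. The function is complete within this hunk.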
@@ -200,4 +248,6 @@ CURLcode Curl_sasl_create_digest_md5_message(struct SessionHandle *data,
return result;
}
-#endif /* USE_WINDOWS_SSPI && !CURL_DISABLE_CRYPTO_AUTH */
+#endif /* !CURL_DISABLE_CRYPTO_AUTH */
+
+#endif /* USE_WINDOWS_SSPI */