aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--CHANGES11
-rw-r--r--RELEASE-NOTES5
-rw-r--r--TODO-RELEASE3
-rw-r--r--lib/http_negotiate.c33
-rw-r--r--lib/urldata.h3
5 files changed, 37 insertions, 18 deletions
diff --git a/CHANGES b/CHANGES
index 19074e2c3..0b63a6fe0 100644
--- a/CHANGES
+++ b/CHANGES
@@ -7,7 +7,18 @@
Changelog
+Daniel S (21 Nov 2007)
+- While inspecting the Negotiate code, I noticed how the proxy auth was using
+ the same state struct as the host auth, so both could never be used at the
+ same time! I fixed it (without being able to check) to use two separate
+ structs to allow authentication using Negotiate on host and proxy
+ simultanouesly.
+
Daniel S (20 Nov 2007)
+- Emil Romanus pointed out a bug that made an easy handle get the cookie
+ engine activated when set to use a share (even if the share doesn't share
+ cookies). I fixed it.
+
- Fixed a very long-lasting mprintf() bug that occured when we did "%.*s%s",
since the second %s would then wrongly used the numerical precision argument
instead and crash.
diff --git a/RELEASE-NOTES b/RELEASE-NOTES
index 7fa596273..c20c81d1a 100644
--- a/RELEASE-NOTES
+++ b/RELEASE-NOTES
@@ -24,6 +24,8 @@ This release includes the following bugfixes:
o variable wrapping when using debug callback and the HTTP request wasn't sent
in one go
o SSL connections with NSS done with the multi-interface
+ o setting a share no longer activates cookies
+ o Negotiate now works on auth and proxy simultanouesly
This release includes the following known bugs:
@@ -42,6 +44,7 @@ This release would not have looked like this without help, code, reports and
advice from friends like these:
Dan Fandrich, Gisle Vanem, Toby Peterson, Yang Tse, Daniel Black,
- Robin Johnson, Michal Marek, Ates Goral, Andres Garcia, Rob Crittenden
+ Robin Johnson, Michal Marek, Ates Goral, Andres Garcia, Rob Crittenden,
+ Emil Romanus
Thanks! (and sorry if I forgot to mention someone)
diff --git a/TODO-RELEASE b/TODO-RELEASE
index 4817a7b3e..2911a3d1e 100644
--- a/TODO-RELEASE
+++ b/TODO-RELEASE
@@ -1,9 +1,6 @@
To be addressed before 7.17.2 (planned release: December 2007)
=============================
-106 - Share interface force-enable the cookie parser
- http://curl.haxx.se/mail/lib-2007-11/0234.html
-
107 - resolve the type= thing for FTP URLs over HTTP proxies
108 -
diff --git a/lib/http_negotiate.c b/lib/http_negotiate.c
index 5e88dc0a0..c584e28a6 100644
--- a/lib/http_negotiate.c
+++ b/lib/http_negotiate.c
@@ -51,7 +51,8 @@
static int
get_gss_name(struct connectdata *conn, bool proxy, gss_name_t *server)
{
- struct negotiatedata *neg_ctx = &conn->data->state.negotiate;
+ struct negotiatedata *neg_ctx = proxy?&conn->data->state.proxyneg:
+ &conn->data->state.negotiate;
OM_uint32 major_status, minor_status;
gss_buffer_desc token = GSS_C_EMPTY_BUFFER;
char name[2048];
@@ -98,12 +99,12 @@ log_gss_error(struct connectdata *conn, OM_uint32 error_status, char *prefix)
snprintf(buf, sizeof(buf), "%s", prefix);
len = strlen(buf);
do {
- maj_stat = gss_display_status (&min_stat,
- error_status,
- GSS_C_MECH_CODE,
- GSS_C_NO_OID,
- &msg_ctx,
- &status_string);
+ maj_stat = gss_display_status(&min_stat,
+ error_status,
+ GSS_C_MECH_CODE,
+ GSS_C_NO_OID,
+ &msg_ctx,
+ &status_string);
if(sizeof(buf) > len + status_string.length + 1) {
snprintf(buf + len, sizeof(buf) - len,
": %s", (char*) status_string.value);
@@ -118,7 +119,8 @@ log_gss_error(struct connectdata *conn, OM_uint32 error_status, char *prefix)
int Curl_input_negotiate(struct connectdata *conn, bool proxy,
const char *header)
{
- struct negotiatedata *neg_ctx = &conn->data->state.negotiate;
+ struct negotiatedata *neg_ctx = proxy?&conn->data->state.proxyneg:
+ &conn->data->state.negotiate;
OM_uint32 major_status, minor_status, minor_status2;
gss_buffer_desc input_token = GSS_C_EMPTY_BUFFER;
gss_buffer_desc output_token = GSS_C_EMPTY_BUFFER;
@@ -251,13 +253,14 @@ int Curl_input_negotiate(struct connectdata *conn, bool proxy,
CURLcode Curl_output_negotiate(struct connectdata *conn, bool proxy)
{
- struct negotiatedata *neg_ctx = &conn->data->state.negotiate;
+ struct negotiatedata *neg_ctx = proxy?&conn->data->state.proxyneg:
+ &conn->data->state.negotiate;
OM_uint32 minor_status;
char *encoded = NULL;
int len;
#ifdef HAVE_SPNEGO /* Handle SPNEGO */
- if(checkprefix("Negotiate",neg_ctx->protocol)) {
+ if(checkprefix("Negotiate", neg_ctx->protocol)) {
ASN1_OBJECT * object = NULL;
int rc = 1;
unsigned char * spnegoToken = NULL;
@@ -310,11 +313,9 @@ CURLcode Curl_output_negotiate(struct connectdata *conn, bool proxy)
return (conn->allocptr.userpwd == NULL) ? CURLE_OUT_OF_MEMORY : CURLE_OK;
}
-void Curl_cleanup_negotiate(struct SessionHandle *data)
+static void cleanup(struct negotiatedata *neg_ctx)
{
OM_uint32 minor_status;
- struct negotiatedata *neg_ctx = &data->state.negotiate;
-
if(neg_ctx->context != GSS_C_NO_CONTEXT)
gss_delete_sec_context(&minor_status, &neg_ctx->context, GSS_C_NO_BUFFER);
@@ -327,6 +328,12 @@ void Curl_cleanup_negotiate(struct SessionHandle *data)
memset(neg_ctx, 0, sizeof(*neg_ctx));
}
+void Curl_cleanup_negotiate(struct SessionHandle *data)
+{
+ cleanup(&data->state.negotiate);
+ cleanup(&data->state.proxyneg);
+}
+
#endif
#endif
diff --git a/lib/urldata.h b/lib/urldata.h
index 84aca5a61..beee01064 100644
--- a/lib/urldata.h
+++ b/lib/urldata.h
@@ -1199,7 +1199,8 @@ struct UrlState {
struct digestdata proxydigest; /* state data for proxy Digest auth */
#ifdef HAVE_GSSAPI
- struct negotiatedata negotiate; /* state data for Negotiate auth */
+ struct negotiatedata negotiate; /* state data for host Negotiate auth */
+ struct negotiatedata proxyneg; /* state data for proxy Negotiate auth */
#endif
struct auth authhost; /* auth details for host */