aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--configure.ac6
-rw-r--r--lib/http.c4
-rw-r--r--lib/http_ntlm.c43
-rw-r--r--lib/http_ntlm.h2
-rw-r--r--lib/url.c6
-rw-r--r--lib/urldata.h2
-rw-r--r--lib/version.c2
-rw-r--r--m4/curl-confopts.m468
-rw-r--r--tests/data/test13104
9 files changed, 68 insertions, 69 deletions
diff --git a/configure.ac b/configure.ac
index 7fb9cbf56..64ee1b7a6 100644
--- a/configure.ac
+++ b/configure.ac
@@ -2816,9 +2816,9 @@ AC_HELP_STRING([--disable-crypto-auth],[Disable cryptographic authentication]),
AC_MSG_RESULT(yes)
)
-CURL_CHECK_OPTION_WINBIND_NTLM_AUTH
+CURL_CHECK_OPTION_NTLM_WB
-CURL_CHECK_WINBIND_NTLM_AUTH
+CURL_CHECK_NTLM_WB
dnl ************************************************************
dnl disable TLS-SRP authentication
@@ -2995,7 +2995,7 @@ if test "x$CURL_DISABLE_HTTP" != "x1"; then
if test "x$USE_SSLEAY" = "x1" -o "x$USE_WINDOWS_SSPI" = "x1" \
-o "x$GNUTLS_ENABLED" = "x1" -o "x$NSS_ENABLED" = "x1"; then
SUPPORT_FEATURES="$SUPPORT_FEATURES NTLM"
- if test "x$WINBIND_NTLM_AUTH_ENABLED" = "x1"; then
+ if test "x$NTLM_WB_ENABLED" = "x1"; then
SUPPORT_FEATURES="$SUPPORT_FEATURES NTLM_WB"
fi
fi
diff --git a/lib/http.c b/lib/http.c
index 54bb53527..c1a94712e 100644
--- a/lib/http.c
+++ b/lib/http.c
@@ -545,7 +545,7 @@ output_auth_headers(struct connectdata *conn,
}
else
#endif
-#ifdef WINBIND_NTLM_AUTH_ENABLED
+#ifdef NTLM_WB_ENABLED
if(authstatus->picked == CURLAUTH_NTLM_WB) {
auth="NTLM_WB";
result = Curl_output_ntlm_wb(conn, proxy);
@@ -773,7 +773,7 @@ CURLcode Curl_http_input_auth(struct connectdata *conn,
Curl_input_ntlm(conn, (bool)(httpcode == 407), start);
if(CURLE_OK == ntlm) {
data->state.authproblem = FALSE;
-#ifdef WINBIND_NTLM_AUTH_ENABLED
+#ifdef NTLM_WB_ENABLED
if(authp->picked == CURLAUTH_NTLM_WB) {
*availp &= ~CURLAUTH_NTLM;
authp->avail &= ~CURLAUTH_NTLM;
diff --git a/lib/http_ntlm.c b/lib/http_ntlm.c
index ccecc02b3..8d9a8a1b5 100644
--- a/lib/http_ntlm.c
+++ b/lib/http_ntlm.c
@@ -124,8 +124,8 @@ CURLcode Curl_input_ntlm(struct connectdata *conn,
return result;
}
-#ifdef WINBIND_NTLM_AUTH_ENABLED
-static void wb_ntlm_close(struct connectdata *conn)
+#ifdef NTLM_WB_ENABLED
+static void ntlm_wb_cleanup(struct connectdata *conn)
{
if(conn->ntlm_auth_hlpr_socket != CURL_SOCKET_BAD) {
sclose(conn->ntlm_auth_hlpr_socket);
@@ -163,8 +163,7 @@ static void wb_ntlm_close(struct connectdata *conn)
conn->response_header = NULL;
}
-static CURLcode wb_ntlm_initiate(struct connectdata *conn,
- const char *userp)
+static CURLcode ntlm_wb_init(struct connectdata *conn, const char *userp)
{
curl_socket_t sockfds[2];
pid_t child_pid;
@@ -190,16 +189,16 @@ static CURLcode wb_ntlm_initiate(struct connectdata *conn,
}
/* For testing purposes, when DEBUGBUILD is defined and environment
- variable CURL_NTLM_AUTH is set a fake_ntlm is used to perform
+ variable CURL_NTLM_WB_FILE is set a fake_ntlm is used to perform
NTLM challenge/response which only accepts commands and output
strings pre-written in test case definitions */
#ifdef DEBUGBUILD
- ntlm_auth_alloc = curl_getenv("CURL_NTLM_AUTH");
+ ntlm_auth_alloc = curl_getenv("CURL_NTLM_WB_FILE");
if(ntlm_auth_alloc)
ntlm_auth = ntlm_auth_alloc;
else
#endif
- ntlm_auth = WINBIND_NTLM_AUTH_FILE;
+ ntlm_auth = NTLM_WB_FILE;
if(access(ntlm_auth, X_OK) != 0) {
error = ERRNO;
@@ -279,7 +278,7 @@ done:
return CURLE_REMOTE_ACCESS_DENIED;
}
-static CURLcode wb_ntlm_response(struct connectdata *conn,
+static CURLcode ntlm_wb_response(struct connectdata *conn,
const char *input, curlntlm state)
{
ssize_t size;
@@ -347,7 +346,7 @@ done:
CURLcode Curl_output_ntlm_wb(struct connectdata *conn,
bool proxy)
{
- /* point to the address of the pointer that holds the string to sent to the
+ /* point to the address of the pointer that holds the string to send to the
server, which is for a plain host or for a HTTP proxy */
char **allocuserpwd;
/* point to the name and password for this */
@@ -383,23 +382,23 @@ CURLcode Curl_output_ntlm_wb(struct connectdata *conn,
switch(ntlm->state) {
case NTLMSTATE_TYPE1:
default:
- /* Use Samba's 'winbind' daemon to support NTLM single-sign-on,
+ /* Use Samba's 'winbind' daemon to support NTLM authentication,
* by delegating the NTLM challenge/response protocal to a helper
* in ntlm_auth.
* http://devel.squid-cache.org/ntlm/squid_helper_protocol.html
* http://www.samba.org/samba/docs/man/manpages-3/winbindd.8.html
* http://www.samba.org/samba/docs/man/manpages-3/ntlm_auth.1.html
- * Preprocessor symbol 'WINBIND_NTLM_AUTH_ENABLED' is defined when
- * this feature is enabled and 'WINBIND_NTLM_AUTH_FILE' symbol holds
- * absolute filename of ntlm_auth helper.
- * If NTLM single-sign-on fails, go back to original request
- * handling process.
+ * Preprocessor symbol 'NTLM_WB_ENABLED' is defined when this
+ * feature is enabled and 'NTLM_WB_FILE' symbol holds absolute
+ * filename of ntlm_auth helper.
+ * If NTLM authentication using winbind fails, go back to original
+ * request handling process.
*/
/* Create communication with ntlm_auth */
- res = wb_ntlm_initiate(conn, userp);
+ res = ntlm_wb_init(conn, userp);
if(res)
return res;
- res = wb_ntlm_response(conn, "YR\n", ntlm->state);
+ res = ntlm_wb_response(conn, "YR\n", ntlm->state);
if(res)
return res;
@@ -415,7 +414,7 @@ CURLcode Curl_output_ntlm_wb(struct connectdata *conn,
input = aprintf("TT %s", conn->challenge_header);
if(!input)
return CURLE_OUT_OF_MEMORY;
- res = wb_ntlm_response(conn, input, ntlm->state);
+ res = ntlm_wb_response(conn, input, ntlm->state);
free(input);
input = NULL;
if(res)
@@ -428,7 +427,7 @@ CURLcode Curl_output_ntlm_wb(struct connectdata *conn,
DEBUG_OUT(fprintf(stderr, "**** %s\n ", *allocuserpwd));
ntlm->state = NTLMSTATE_TYPE3; /* we sent a type-3 */
authp->done = TRUE;
- wb_ntlm_close(conn);
+ ntlm_wb_cleanup(conn);
break;
case NTLMSTATE_TYPE3:
/* connection is already authenticated,
@@ -443,7 +442,7 @@ CURLcode Curl_output_ntlm_wb(struct connectdata *conn,
return CURLE_OK;
}
-#endif /* WINBIND_NTLM_AUTH_ENABLED */
+#endif /* NTLM_WB_ENABLED */
/*
* This is for creating ntlm header output
@@ -563,8 +562,8 @@ void Curl_http_ntlm_cleanup(struct connectdata *conn)
#ifdef USE_WINDOWS_SSPI
Curl_ntlm_sspi_cleanup(&conn->ntlm);
Curl_ntlm_sspi_cleanup(&conn->proxyntlm);
-#elif defined(WINBIND_NTLM_AUTH_ENABLED)
- wb_ntlm_close(conn);
+#elif defined(NTLM_WB_ENABLED)
+ ntlm_wb_cleanup(conn);
#else
(void)conn;
#endif
diff --git a/lib/http_ntlm.h b/lib/http_ntlm.h
index d13998f4e..635d6313b 100644
--- a/lib/http_ntlm.h
+++ b/lib/http_ntlm.h
@@ -29,7 +29,7 @@ CURLcode Curl_input_ntlm(struct connectdata *conn, bool proxy,
/* this is for creating ntlm header output */
CURLcode Curl_output_ntlm(struct connectdata *conn, bool proxy);
-#ifdef WINBIND_NTLM_AUTH_ENABLED
+#ifdef NTLM_WB_ENABLED
/* this is for creating ntlm header output by delegating challenge/response
to Samba's winbind daemon helper ntlm_auth */
CURLcode Curl_output_ntlm_wb(struct connectdata *conn, bool proxy);
diff --git a/lib/url.c b/lib/url.c
index 73f633f0d..9834e04f8 100644
--- a/lib/url.c
+++ b/lib/url.c
@@ -1388,7 +1388,7 @@ CURLcode Curl_setopt(struct SessionHandle *data, CURLoption option,
#ifndef USE_NTLM
auth &= ~CURLAUTH_NTLM; /* no NTLM without SSL */
#endif
-#ifndef WINBIND_NTLM_AUTH_ENABLED
+#ifndef NTLM_WB_ENABLED
auth &= ~CURLAUTH_NTLM_WB;
#endif
#ifndef USE_HTTP_NEGOTIATE
@@ -1452,7 +1452,7 @@ CURLcode Curl_setopt(struct SessionHandle *data, CURLoption option,
#ifndef USE_NTLM
auth &= ~CURLAUTH_NTLM; /* no NTLM without SSL */
#endif
-#ifndef WINBIND_NTLM_AUTH_ENABLED
+#ifndef NTLM_WB_ENABLED
auth &= ~CURLAUTH_NTLM_WB;
#endif
#ifndef USE_HTTP_NEGOTIATE
@@ -3526,7 +3526,7 @@ static struct connectdata *allocate_conn(struct SessionHandle *data)
conn->ip_version = data->set.ipver;
-#ifdef WINBIND_NTLM_AUTH_ENABLED
+#ifdef NTLM_WB_ENABLED
conn->ntlm_auth_hlpr_socket = CURL_SOCKET_BAD;
conn->ntlm_auth_hlpr_pid = 0;
conn->challenge_header = NULL;
diff --git a/lib/urldata.h b/lib/urldata.h
index b9439e458..8965c0bb2 100644
--- a/lib/urldata.h
+++ b/lib/urldata.h
@@ -905,7 +905,7 @@ struct connectdata {
single requests! */
struct ntlmdata proxyntlm; /* NTLM data for proxy */
-#ifdef WINBIND_NTLM_AUTH_ENABLED
+#ifdef NTLM_WB_ENABLED
/* used for communication with Samba's winbind daemon helper ntlm_auth */
curl_socket_t ntlm_auth_hlpr_socket;
pid_t ntlm_auth_hlpr_pid;
diff --git a/lib/version.c b/lib/version.c
index 409d5d4c4..fdf758f9a 100644
--- a/lib/version.c
+++ b/lib/version.c
@@ -240,7 +240,7 @@ static curl_version_info_data version_info = {
#ifdef USE_NTLM
| CURL_VERSION_NTLM
#endif
-#ifdef WINBIND_NTLM_AUTH_ENABLED
+#ifdef NTLM_WB_ENABLED
| CURL_VERSION_NTLM_WB
#endif
#ifdef USE_WINDOWS_SSPI
diff --git a/m4/curl-confopts.m4 b/m4/curl-confopts.m4
index 190ff00a7..9d4315626 100644
--- a/m4/curl-confopts.m4
+++ b/m4/curl-confopts.m4
@@ -21,7 +21,7 @@
#***************************************************************************
# File version for 'aclocal' use. Keep it a single number.
-# serial 15
+# serial 16
dnl CURL_CHECK_OPTION_THREADED_RESOLVER
dnl -------------------------------------------------
@@ -497,63 +497,63 @@ AC_DEFUN([CURL_CHECK_LIB_ARES], [
])
-dnl CURL_CHECK_OPTION_WINBIND_NTLM_AUTH
+dnl CURL_CHECK_OPTION_NTLM_WB
dnl -------------------------------------------------
dnl Verify if configure has been invoked with option
-dnl --enable-ntlm-auth or --disable-ntlm-auth, and
-dnl set shell variable want_wb_ntlm_auth and
-dnl want_wb_ntlm_auth_file as appropriate.
-
-AC_DEFUN([CURL_CHECK_OPTION_WINBIND_NTLM_AUTH], [
- AC_BEFORE([$0],[CURL_CHECK_WINBIND_NTLM_AUTH])dnl
- OPT_WINBIND_NTLM_AUTH="default"
- AC_ARG_ENABLE(wb-ntlm-auth,
-AC_HELP_STRING([--enable-wb-ntlm-auth@<:@=FILE@:>@],[Enable NTLM delegation to winbind's ntlm_auth helper, where FILE is ntlm_auth's absolute filename (default: /usr/bin/ntlm_auth)])
-AC_HELP_STRING([--disable-wb-ntlm-auth],[Disable NTLM delegation to winbind's ntlm_auth helper]),
- OPT_WINBIND_NTLM_AUTH=$enableval)
- want_wb_ntlm_auth_file="/usr/bin/ntlm_auth"
- case "$OPT_WINBIND_NTLM_AUTH" in
+dnl --enable-ntlm-wb or --disable-ntlm-wb, and set
+dnl shell variable want_ntlm_wb and want_ntlm_wb_file
+dnl as appropriate.
+
+AC_DEFUN([CURL_CHECK_OPTION_NTLM_WB], [
+ AC_BEFORE([$0],[CURL_CHECK_NTLM_WB])dnl
+ OPT_NTLM_WB="default"
+ AC_ARG_ENABLE(ntlm-wb,
+AC_HELP_STRING([--enable-ntlm-wb@<:@=FILE@:>@],[Enable NTLM delegation to winbind's ntlm_auth helper, where FILE is ntlm_auth's absolute filename (default: /usr/bin/ntlm_auth)])
+AC_HELP_STRING([--disable-ntlm-wb],[Disable NTLM delegation to winbind's ntlm_auth helper]),
+ OPT_NTLM_WB=$enableval)
+ want_ntlm_wb_file="/usr/bin/ntlm_auth"
+ case "$OPT_NTLM_WB" in
no)
- dnl --disable-wb-ntlm-auth option used
- want_wb_ntlm_auth="no"
+ dnl --disable-ntlm-wb option used
+ want_ntlm_wb="no"
;;
default)
dnl configure option not specified
- want_wb_ntlm_auth="yes"
+ want_ntlm_wb="yes"
;;
*)
- dnl --enable-wb-ntlm-auth option used
- want_wb_ntlm_auth="yes"
+ dnl --enable-ntlm-wb option used
+ want_ntlm_wb="yes"
if test -n "$enableval" && test "$enableval" != "yes"; then
- want_wb_ntlm_auth_file="$enableval"
+ want_ntlm_wb_file="$enableval"
fi
;;
esac
])
-dnl CURL_CHECK_WINBIND_NTLM_AUTH
+dnl CURL_CHECK_NTLM_WB
dnl -------------------------------------------------
-dnl Check if winbind's ntlm_auth helper support will
-dnl finally be enabled depending on configure option
-dnl given and target platform.
+dnl Check if support for NTLM delegation to winbind's
+dnl ntlm_auth helper will finally be enabled depending
+dnl on given configure options and target platform.
-AC_DEFUN([CURL_CHECK_WINBIND_NTLM_AUTH], [
- AC_REQUIRE([CURL_CHECK_OPTION_WINBIND_NTLM_AUTH])dnl
+AC_DEFUN([CURL_CHECK_NTLM_WB], [
+ AC_REQUIRE([CURL_CHECK_OPTION_NTLM_WB])dnl
AC_REQUIRE([CURL_CHECK_NATIVE_WINDOWS])dnl
AC_MSG_CHECKING([whether to enable NTLM delegation to winbind's helper])
if test "$ac_cv_native_windows" = "yes" ||
test "x$SSL_ENABLED" = "x"; then
- want_wb_ntlm_auth_file=""
- want_wb_ntlm_auth="no"
+ want_ntlm_wb_file=""
+ want_ntlm_wb="no"
fi
- AC_MSG_RESULT([$want_wb_ntlm_auth])
- if test "$want_wb_ntlm_auth" = "yes"; then
- AC_DEFINE(WINBIND_NTLM_AUTH_ENABLED, 1,
+ AC_MSG_RESULT([$want_ntlm_wb])
+ if test "$want_ntlm_wb" = "yes"; then
+ AC_DEFINE(NTLM_WB_ENABLED, 1,
[Define to enable NTLM delegation to winbind's ntlm_auth helper.])
- AC_DEFINE_UNQUOTED(WINBIND_NTLM_AUTH_FILE, "$want_wb_ntlm_auth_file",
+ AC_DEFINE_UNQUOTED(NTLM_WB_FILE, "$want_ntlm_wb_file",
[Define absolute filename for winbind's ntlm_auth helper.])
- WINBIND_NTLM_AUTH_ENABLED=1
+ NTLM_WB_ENABLED=1
fi
])
diff --git a/tests/data/test1310 b/tests/data/test1310
index fd389d3ef..840f3c5fa 100644
--- a/tests/data/test1310
+++ b/tests/data/test1310
@@ -62,7 +62,7 @@ debug
http
</server>
<name>
-HTTP with NTLM single-sign-on authorization
+HTTP with NTLM delegation to winbind helper
</name>
<setenv>
# we force our own host name, in order to make the test machine independent
@@ -70,7 +70,7 @@ CURL_GETHOSTNAME=curlhost
# we try to use the LD_PRELOAD hack, if not a debug build
LD_PRELOAD=%PWD/libtest/.libs/libhostname.so
# set path to fake_auth instead of real ntlm_auth to generate NTLM type1 and type 3 messages
-CURL_NTLM_AUTH=%PWD/server/fake_ntlm
+CURL_NTLM_WB_FILE=%PWD/server/fake_ntlm
# set source directory so fake_ntlm can find the test files
CURL_NTLM_AUTH_SRCDIR=%SRCDIR
# set the test number