aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--CHANGES9
-rw-r--r--include/curl/curl.h18
-rw-r--r--lib/url.c36
-rw-r--r--lib/urldata.h2
-rw-r--r--src/main.c21
5 files changed, 52 insertions, 34 deletions
diff --git a/CHANGES b/CHANGES
index 012567158..303134def 100644
--- a/CHANGES
+++ b/CHANGES
@@ -7,10 +7,15 @@
Changelog
Daniel (10 June)
+- Modified how to set auth type to libcurl. Now use CURLOPT_HTTPAUTH instead,
+ and pick method. Supported ones currently are:
+ CURLHTTP_BASIC - default selection
+ CURLHTTP_DIGEST - formerly CURLOPT_HTTPDIGEST
+ CURLHTTP_NEGOTIATE
+
- Daniel Kouril added HTTP Negotiate authentication support, as defined in the
IETF draft draft-brezak-spnego-http-04.txt. In use already by various
- Microsoft web applications. CURLOPT_HTTPNEGOTIATE and --negotiate are the
- new family members.
+ Microsoft web applications. --negotiate is the new family member.
- A missing ending bracket (']') while doing URL globbing could lead to a
segfault. While fixing this, I also introduced better error reporting in the
diff --git a/include/curl/curl.h b/include/curl/curl.h
index 46e09f429..0d590d6ab 100644
--- a/include/curl/curl.h
+++ b/include/curl/curl.h
@@ -213,6 +213,14 @@ typedef enum {
CURLPROXY_SOCKS5 = 5
} curl_proxytype;
+typedef enum {
+ CURLHTTP_BASIC = 0, /* default */
+ CURLHTTP_DIGEST = 1, /* Digest */
+ CURLHTTP_NEGOTIATE = 2, /* Negotiate */
+ CURLHTTP_NTLM = 3, /* NTLM */
+ CURLHTTP_LAST /* never to be used */
+} curl_httpauth;
+
/* this was the error code 50 in 7.7.3 and a few earlier versions, this
is no longer used by libcurl but is instead #defined here only to not
make programs break */
@@ -625,13 +633,9 @@ typedef enum {
attempted before the good old traditional PORT command. */
CINIT(FTP_USE_EPRT, LONG, 106),
- /* Set this to a non-zero value to enable HTTP Digest Authentication.
- You should use this in combination with CURLOPT_USERPWD. */
- CINIT(HTTPDIGEST, LONG, 107),
-
- /* Set this to a non-zero value to enable HTTP Negotiate Authentication.
- You should use this in combination with CURLOPT_USERPWD. */
- CINIT(HTTPNEGOTIATE, LONG, 108),
+ /* Set this to a curl_httpauth value to enable that particular authentication
+ method. Use this in combination with CURLOPT_USERPWD. */
+ CINIT(HTTPAUTH, LONG, 107),
CURLOPT_LASTENTRY /* the last unused */
} CURLoption;
diff --git a/lib/url.c b/lib/url.c
index 0ac487e91..c328e5ac4 100644
--- a/lib/url.c
+++ b/lib/url.c
@@ -844,18 +844,38 @@ CURLcode Curl_setopt(struct SessionHandle *data, CURLoption option, ...)
data->set.encoding = (char*)ALL_CONTENT_ENCODINGS;
break;
- case CURLOPT_HTTPDIGEST:
+ case CURLOPT_HTTPAUTH:
/*
- * Enable HTTP Digest Authentication
+ * Set HTTP Authentication type.
*/
- data->set.httpdigest = va_arg(param, long);
- break;
+ {
+ curl_httpauth auth = va_arg(param, long);
+ switch(auth) {
+ case CURLHTTP_BASIC:
+ /* default */
+ data->set.httpdigest = FALSE;
+ data->set.httpnegotiate = FALSE;
+ break;
+ case CURLHTTP_DIGEST:
+ /* Enable HTTP Digest authentication */
+ data->set.httpdigest = TRUE;
+ data->set.httpnegotiate = FALSE;
+ break;
+ case CURLHTTP_NEGOTIATE:
#ifdef GSSAPI
- case CURLOPT_HTTPNEGOTIATE:
- /* Enable HTTP Negotaiate authentication */
- data->set.httpnegotiate = va_arg(param, long);
- break;
+ /* Enable HTTP Negotaiate authentication */
+ data->set.httpdigest = FALSE;
+ data->set.httpnegotiate = TRUE;
+ break;
+#else
+ /* fall-through */
#endif
+ default:
+ return CURLE_FAILED_INIT; /* unsupported type */
+ }
+ }
+ break;
+
case CURLOPT_USERPWD:
/*
* user:password to use in the operation
diff --git a/lib/urldata.h b/lib/urldata.h
index 4dbd4092a..459c5c468 100644
--- a/lib/urldata.h
+++ b/lib/urldata.h
@@ -689,9 +689,7 @@ struct UserDefined {
long use_port; /* which port to use (when not using default) */
char *userpwd; /* <user:password>, if used */
bool httpdigest; /* if HTTP Digest is enabled */
-#ifdef GSSAPI
bool httpnegotiate; /* if HTTP Negotiate authentication is enabled */
-#endif
char *set_range; /* range, if used. See README for detailed specification
on this syntax. */
long followlocation; /* as in HTTP Location: */
diff --git a/src/main.c b/src/main.c
index 0e740f3ed..ef5217280 100644
--- a/src/main.c
+++ b/src/main.c
@@ -359,9 +359,7 @@ static void help(void)
" -d/--data <data> HTTP POST data (H)\n"
" --data-ascii <data> HTTP POST ASCII data (H)\n"
" --data-binary <data> HTTP POST binary data (H)\n"
-#ifdef GSSAPI
- " --negotiate Enable HTTP Negotiate Authentication\n"
-#endif
+ " --negotiate Enable HTTP Negotiate Authentication (req GSS-lib)\n"
" --digest Enable HTTP Digest Authentication");
puts(" --disable-eprt Prevents curl from using EPRT or LPRT (F)\n"
" --disable-epsv Prevents curl from using EPSV (F)\n"
@@ -464,9 +462,7 @@ struct Configurable {
bool cookiesession; /* new session? */
bool encoding; /* Accept-Encoding please */
bool digest; /* Digest Authentication */
-#ifdef GSSAPI
bool negotiate; /* Negotiate Authentication */
-#endif
bool use_resume;
bool resume_from_current;
bool disable_epsv;
@@ -1059,9 +1055,7 @@ static ParameterError getparameter(char *flag, /* f or -long-flag */
{"5i", "limit-rate", TRUE},
{"5j", "compressed", FALSE}, /* might take an arg someday */
{"5k", "digest", FALSE},
-#ifdef GSSAPI
{"5l", "negotiate", FALSE},
-#endif
{"0", "http1.0", FALSE},
{"1", "tlsv1", FALSE},
{"2", "sslv2", FALSE},
@@ -1290,11 +1284,9 @@ static ParameterError getparameter(char *flag, /* f or -long-flag */
config->digest ^= TRUE;
break;
-#ifdef GSSAPI
case 'l': /* --negotiate */
config->negotiate ^= TRUE;
break;
-#endif
default: /* the URL! */
{
@@ -2989,12 +2981,11 @@ operate(struct Configurable *config, int argc, char *argv[])
/* disable it */
curl_easy_setopt(curl, CURLOPT_FTP_USE_EPRT, FALSE);
- /* new in libcurl 7.10.6 */
- curl_easy_setopt(curl, CURLOPT_HTTPDIGEST, config->digest);
-
-#ifdef GSSAPI
- curl_easy_setopt(curl, CURLOPT_HTTPNEGOTIATE, config->negotiate);
-#endif
+ /* new in libcurl 7.10.6 (default is Basic) */
+ if(config->digest)
+ curl_easy_setopt(curl, CURLOPT_HTTPAUTH, CURLHTTP_DIGEST);
+ else if(config->negotiate)
+ curl_easy_setopt(curl, CURLOPT_HTTPAUTH, CURLHTTP_NEGOTIATE);
/* new in curl 7.9.7 */
if(config->trace_dump) {