diff options
| -rw-r--r-- | CHANGES | 9 | ||||
| -rw-r--r-- | include/curl/curl.h | 18 | ||||
| -rw-r--r-- | lib/url.c | 36 | ||||
| -rw-r--r-- | lib/urldata.h | 2 | ||||
| -rw-r--r-- | src/main.c | 21 |
5 files changed, 52 insertions, 34 deletions
@@ -7,10 +7,15 @@ Changelog Daniel (10 June) +- Modified how to set auth type to libcurl. Now use CURLOPT_HTTPAUTH instead, + and pick method. Supported ones currently are: + CURLHTTP_BASIC - default selection + CURLHTTP_DIGEST - formerly CURLOPT_HTTPDIGEST + CURLHTTP_NEGOTIATE + - Daniel Kouril added HTTP Negotiate authentication support, as defined in the IETF draft draft-brezak-spnego-http-04.txt. In use already by various - Microsoft web applications. CURLOPT_HTTPNEGOTIATE and --negotiate are the - new family members. + Microsoft web applications. --negotiate is the new family member. - A missing ending bracket (']') while doing URL globbing could lead to a segfault. While fixing this, I also introduced better error reporting in the diff --git a/include/curl/curl.h b/include/curl/curl.h index 46e09f429..0d590d6ab 100644 --- a/include/curl/curl.h +++ b/include/curl/curl.h @@ -213,6 +213,14 @@ typedef enum { CURLPROXY_SOCKS5 = 5 } curl_proxytype; +typedef enum { + CURLHTTP_BASIC = 0, /* default */ + CURLHTTP_DIGEST = 1, /* Digest */ + CURLHTTP_NEGOTIATE = 2, /* Negotiate */ + CURLHTTP_NTLM = 3, /* NTLM */ + CURLHTTP_LAST /* never to be used */ +} curl_httpauth; + /* this was the error code 50 in 7.7.3 and a few earlier versions, this is no longer used by libcurl but is instead #defined here only to not make programs break */ @@ -625,13 +633,9 @@ typedef enum { attempted before the good old traditional PORT command. */ CINIT(FTP_USE_EPRT, LONG, 106), - /* Set this to a non-zero value to enable HTTP Digest Authentication. - You should use this in combination with CURLOPT_USERPWD. */ - CINIT(HTTPDIGEST, LONG, 107), - - /* Set this to a non-zero value to enable HTTP Negotiate Authentication. - You should use this in combination with CURLOPT_USERPWD. */ - CINIT(HTTPNEGOTIATE, LONG, 108), + /* Set this to a curl_httpauth value to enable that particular authentication + method. Use this in combination with CURLOPT_USERPWD. */ + CINIT(HTTPAUTH, LONG, 107), CURLOPT_LASTENTRY /* the last unused */ } CURLoption; @@ -844,18 +844,38 @@ CURLcode Curl_setopt(struct SessionHandle *data, CURLoption option, ...) data->set.encoding = (char*)ALL_CONTENT_ENCODINGS; break; - case CURLOPT_HTTPDIGEST: + case CURLOPT_HTTPAUTH: /* - * Enable HTTP Digest Authentication + * Set HTTP Authentication type. */ - data->set.httpdigest = va_arg(param, long); - break; + { + curl_httpauth auth = va_arg(param, long); + switch(auth) { + case CURLHTTP_BASIC: + /* default */ + data->set.httpdigest = FALSE; + data->set.httpnegotiate = FALSE; + break; + case CURLHTTP_DIGEST: + /* Enable HTTP Digest authentication */ + data->set.httpdigest = TRUE; + data->set.httpnegotiate = FALSE; + break; + case CURLHTTP_NEGOTIATE: #ifdef GSSAPI - case CURLOPT_HTTPNEGOTIATE: - /* Enable HTTP Negotaiate authentication */ - data->set.httpnegotiate = va_arg(param, long); - break; + /* Enable HTTP Negotaiate authentication */ + data->set.httpdigest = FALSE; + data->set.httpnegotiate = TRUE; + break; +#else + /* fall-through */ #endif + default: + return CURLE_FAILED_INIT; /* unsupported type */ + } + } + break; + case CURLOPT_USERPWD: /* * user:password to use in the operation diff --git a/lib/urldata.h b/lib/urldata.h index 4dbd4092a..459c5c468 100644 --- a/lib/urldata.h +++ b/lib/urldata.h @@ -689,9 +689,7 @@ struct UserDefined { long use_port; /* which port to use (when not using default) */ char *userpwd; /* <user:password>, if used */ bool httpdigest; /* if HTTP Digest is enabled */ -#ifdef GSSAPI bool httpnegotiate; /* if HTTP Negotiate authentication is enabled */ -#endif char *set_range; /* range, if used. See README for detailed specification on this syntax. */ long followlocation; /* as in HTTP Location: */ diff --git a/src/main.c b/src/main.c index 0e740f3ed..ef5217280 100644 --- a/src/main.c +++ b/src/main.c @@ -359,9 +359,7 @@ static void help(void) " -d/--data <data> HTTP POST data (H)\n" " --data-ascii <data> HTTP POST ASCII data (H)\n" " --data-binary <data> HTTP POST binary data (H)\n" -#ifdef GSSAPI - " --negotiate Enable HTTP Negotiate Authentication\n" -#endif + " --negotiate Enable HTTP Negotiate Authentication (req GSS-lib)\n" " --digest Enable HTTP Digest Authentication"); puts(" --disable-eprt Prevents curl from using EPRT or LPRT (F)\n" " --disable-epsv Prevents curl from using EPSV (F)\n" @@ -464,9 +462,7 @@ struct Configurable { bool cookiesession; /* new session? */ bool encoding; /* Accept-Encoding please */ bool digest; /* Digest Authentication */ -#ifdef GSSAPI bool negotiate; /* Negotiate Authentication */ -#endif bool use_resume; bool resume_from_current; bool disable_epsv; @@ -1059,9 +1055,7 @@ static ParameterError getparameter(char *flag, /* f or -long-flag */ {"5i", "limit-rate", TRUE}, {"5j", "compressed", FALSE}, /* might take an arg someday */ {"5k", "digest", FALSE}, -#ifdef GSSAPI {"5l", "negotiate", FALSE}, -#endif {"0", "http1.0", FALSE}, {"1", "tlsv1", FALSE}, {"2", "sslv2", FALSE}, @@ -1290,11 +1284,9 @@ static ParameterError getparameter(char *flag, /* f or -long-flag */ config->digest ^= TRUE; break; -#ifdef GSSAPI case 'l': /* --negotiate */ config->negotiate ^= TRUE; break; -#endif default: /* the URL! */ { @@ -2989,12 +2981,11 @@ operate(struct Configurable *config, int argc, char *argv[]) /* disable it */ curl_easy_setopt(curl, CURLOPT_FTP_USE_EPRT, FALSE); - /* new in libcurl 7.10.6 */ - curl_easy_setopt(curl, CURLOPT_HTTPDIGEST, config->digest); - -#ifdef GSSAPI - curl_easy_setopt(curl, CURLOPT_HTTPNEGOTIATE, config->negotiate); -#endif + /* new in libcurl 7.10.6 (default is Basic) */ + if(config->digest) + curl_easy_setopt(curl, CURLOPT_HTTPAUTH, CURLHTTP_DIGEST); + else if(config->negotiate) + curl_easy_setopt(curl, CURLOPT_HTTPAUTH, CURLHTTP_NEGOTIATE); /* new in curl 7.9.7 */ if(config->trace_dump) { |