Age | Commit message (Collapse) | Author |
|
|
|
|
|
As the list has gotten a little messy and hard to read, especially with
the introduction of deprecated items, aligned the values and comments
into clean columns and reworked some of the comments in the process.
|
|
|
|
|
|
|
|
|
|
|
|
Fixed a couple of memory leaks as a result of moving code that used to
populate allocuserpwd and relied on it's clean up.
|
|
|
|
Following the addition of SSPI support for HTTP digest, synchronised
elements of the email digest code with that of the new HTTP code.
|
|
Post tidy up to ensure commonality of code style and variable names.
|
|
Technical difficulties prevented this from going into the
previous commit.
|
|
Added !SSPI to the features list of the HTTP digest tests, as SSPI
based builds now use the Windows SSPI messaging API rather than the
internal functions, and we can't control the random numbers that get
used as part of the digest.
|
|
|
|
|
|
Reworked the input token (challenge message) storage as what is passed
to the buf and desc in the response generation are typically blobs of
data rather than strings, so this is more in keeping with other areas
of the SSPI code, such as the NTLM message functions.
|
|
Added void reference to unused 'data' parameter back to fix compilation
warning.
|
|
|
|
Some versions of Microsoft's sspi.h don't define this.
|
|
Introduced in commit 7e6d51a73c these functions and definitions are only
required by the internal challenge-response functions now.
|
|
|
|
|
|
|
|
This temporarily breaks HTTP digest authentication in SSPI based builds,
causing CURLE_NOT_BUILT_IN to be returned. A follow up commit will
resume normal operation.
|
|
|
|
This is very handy when updating the RELEASE-NOTES as then we sometimes
have names added manually in the existing list and we use this script to
update the set.
|
|
|
|
Reported-by: Christian Hägele
Bug: http://curl.haxx.se/mail/lib-2014-11/0078.html
|
|
As the curl command-line tool now includes it's own version of strdup(),
for platforms that don't have it, fixed up the git respository Visual
Studio project file generator to not include the version from lib in the
tool project files, rather than having both lib\strdup.[c|h] and
src\tool_strdup.[c|h] present.
|
|
... not the lib/ one that the tool no longer uses!
|
|
|
|
... and require the space after the filtering to make the filter able to
remove names.
|
|
|
|
Added forward declaration of digestdata to overcome the following
compilation warning:
warning: 'struct digestdata' declared inside parameter list
Additionally made the ntlmdata forward declaration dependent on
USE_NTLM similar to how digestdata and kerberosdata are.
|
|
Broken as part of the rework, in commit 7e6d51a73c, to assist with the
addition of HTTP digest via Windows SSPI.
|
|
error: invalid operands to binary
warning: pointer targets in assignment differ in signedness
|
|
|
|
|
|
|
|
|
|
Bug: http://curl.haxx.se/mail/lib-2014-11/0035.html
Reported-by: Jan Ehrhardt
|
|
...as Curl_memdup() duplicates an area of fix size memory, that may be
binary, and not a null terminated string.
|
|
conversion from 'curl_off_t' to 'size_t', possible loss of data
|
|
To provide consistent behaviour between the various HTTP authentication
functions use CURLcode based error codes for Curl_input_digest()
especially as the calling code doesn't use the specific error code just
that it failed.
|
|
docs/THANKS-filter is a new filter file for converting contributor names
we get or have recorded in alternative formats to the one we already use
in THANKS. To help us show individual contributors using a single
presentation of their names.
|
|
|
|
The removed names also appear as:
Andrés García, François Charlier, Gökhan Şengün, Michał Górny, Sébastien
Willemijns, Christopher Conroy, John E. Malmberg, Luca Altea, Peter Su,
S. Moonesamy, Samuel Listopad, Yasuharu Yamada, Karl Moerder
|
|
These were previously hard coded, and whilst defined in security.h,
they may or may not be present in old header files given that these
defines were never used in the original code.
Not only that, but there appears to be some ambiguity between the ANSI
and UNICODE NTLM definition name in security.h.
|
|
|