aboutsummaryrefslogtreecommitdiff
path: root/lib/curl_config.h.cmake
AgeCommit message (Collapse)Author
2014-07-16Remove all traces of FBOpenSSL SPNEGO supportDavid Woodhouse
This is just fundamentally broken. SPNEGO (RFC4178) is a protocol which allows client and server to negotiate the underlying mechanism which will actually be used to authenticate. This is *often* Kerberos, and can also be NTLM and other things. And to complicate matters, there are various different OIDs which can be used to specify the Kerberos mechanism too. A SPNEGO exchange will identify *which* GSSAPI mechanism is being used, and will exchange GSSAPI tokens which are appropriate for that mechanism. But this SPNEGO implementation just strips the incoming SPNEGO packet and extracts the token, if any. And completely discards the information about *which* mechanism is being used. Then we *assume* it was Kerberos, and feed the token into gss_init_sec_context() with the default mechanism (GSS_S_NO_OID for the mech_type argument). Furthermore... broken as this code is, it was never even *used* for input tokens anyway, because higher layers of curl would just bail out if the server actually said anything *back* to us in the negotiation. We assume that we send a single token to the server, and it accepts it. If the server wants to continue the exchange (as is required for NTLM and for SPNEGO to do anything useful), then curl was broken anyway. So the only bit which actually did anything was the bit in Curl_output_negotiate(), which always generates an *initial* SPNEGO token saying "Hey, I support only the Kerberos mechanism and this is its token". You could have done that by manually just prefixing the Kerberos token with the appropriate bytes, if you weren't going to do any proper SPNEGO handling. There's no need for the FBOpenSSL library at all. The sane way to do SPNEGO is just to *ask* the GSSAPI library to do SPNEGO. That's what the 'mech_type' argument to gss_init_sec_context() is for. And then it should all Just Work™. That 'sane way' will be added in a subsequent patch, as will bug fixes for our failure to handle any exchange other than a single outbound token to the server which results in immediate success.
2012-04-13nss: unconditionally require PK11_CreateGenericObject()Kamil Dudka
This bumps the minimal supported version of NSS to 3.12.x.
2012-04-12configure: NATIVE_WINDOWS no longer defined in config filesYang Tse
2012-04-11build adjustments: CURL_HIDDEN_SYMBOLS no longer defined in config filesYang Tse
configure script now provides conditional definitions for Makefile.am that result in CURL_HIDDEN_SYMBOLS being defined by resulting makefiles when appropriate. Additionally, configure script option for symbol hiding control is now named --enable-symbol-hiding --disable-symbol-hiding. While still valid, old option name --enable-hidden-symbols --disable-hidden-symbols will be deprecated in some future release.
2011-06-21cmake: remove spurious definitionYang Tse
2010-06-04Enable OpenLDAP support for cygwin builds.Yang Tse
Enable OpenLDAP support for cygwin builds. This support was disabled back in 2008 due to incompatibilities between OpenSSL and OpenLDAP headers. cygwin's OpenSSL 0.9.8l and OpenLDAP 2.3.43 versions on cygwin 1.5.25 allow building an OpenLDAP enabled libcurl supporting back to Windows 95. Remove non-functional CURL_LDAP_HYBRID code and references.
2010-05-05PolarSSL: initial support addedHoi-Ho Chan
This is Hoi-Ho Chan's patch with some minor fixes by me. There are some potential issues in this, but none worse than we can sort out on the list and over time.
2010-03-24Fix curl CMake build.Bill Hoffman
This commit fixes the cmake build of curl, and cleans up the cmake code a little. It removes some commented out code and some trailing whitespace. To get curl to build the binary tree include/curl directory needed to be added to the include path. Also, SIZEOF_SHORT needed to be added. A check for the lack of defines of SIZEOF_* for warnless.c was added.
2009-07-14ENH: move config.h.cmake to curl_config.h.cmake so it builds againBill Hoffman