aboutsummaryrefslogtreecommitdiff
path: root/lib/curl_ntlm_msgs.c
AgeCommit message (Collapse)Author
2014-11-16ntlm: Moved the SSPI based Type-3 message generation into the SASL moduleSteve Holme
2014-11-16ntlm: Moved the SSPI based Type-2 message decoding into the SASL moduleSteve Holme
2014-11-16ntlm: Moved the SSPI based Type-1 message generation into the SASL moduleSteve Holme
2014-11-14ntlm: Clean-up and standardisation of base64 decodingSteve Holme
2014-11-14ntlm: We prefer 'CURLcode result'Steve Holme
2014-11-09ntlm: Removed an unnecessary free of native Target InfoSteve Holme
Due to commit 40ee1ba0dc the free in Curl_ntlm_decode_type2_target() is longer required.
2014-11-09ntlm: Moved the native Target Info clean-up from HTTP specific functionSteve Holme
2014-11-09ntlm: Moved SSPI clean-up code into SASL moduleSteve Holme
2014-11-05sspi: Define authentication package name constantsSteve Holme
These were previously hard coded, and whilst defined in security.h, they may or may not be present in old header files given that these defines were never used in the original code. Not only that, but there appears to be some ambiguity between the ANSI and UNICODE NTLM definition name in security.h.
2014-10-29sspi: Return CURLE_LOGIN_DENIED on AcquireCredentialsHandle() failureSteve Holme
Return a more appropriate error, rather than CURLE_OUT_OF_MEMORY when acquiring the credentials handle fails. This is then consistent with the code prior to commit f7e24683c4 when log-in credentials were empty.
2014-10-26sspi: Synchronization of cleanup code between auth mechanismsSteve Holme
2014-10-26sspi: Renamed max token length variablesSteve Holme
Code cleanup to try and synchronise code between the different SSPI based authentication mechanisms.
2014-10-26sspi: Renamed expiry time stamp variablesSteve Holme
Code cleanup to try and synchronise code between the different SSPI based authentication mechanisms.
2014-10-26sspi: Only call CompleteAuthToken() when complete is neededSteve Holme
Don't call CompleteAuthToken() after InitializeSecurityContext() has returned SEC_I_CONTINUE_NEEDED as this return code only indicates the function should be called again after receiving a response back from the server. This only affected the Digest and NTLM authentication code.
2014-10-26ntlm: Return all errors from Curl_ntlm_core_mk_nt_hash()Steve Holme
For consistency with other areas of the NTLM code propagate all errors from Curl_ntlm_core_mk_nt_hash() up the call stack rather than just CURLE_OUT_OF_MEMORY.
2014-10-26ntlm: Return CURLcode from Curl_ntlm_core_mk_lm_hash()Steve Holme
2014-10-25ntlm: Changed handles to be dynamic like other SSPI handlesSteve Holme
Code cleanup to try and synchronise code between the different SSPI based authentication mechanisms.
2014-10-25ntlm: Renamed handle variables to match other SSPI structuresSteve Holme
Code cleanup to try and synchronise code between the different SSPI based authentication mechanisms.
2014-10-25ntlm: Renamed SSPI based input token variablesSteve Holme
Code cleanup to try and synchronise code between the different SSPI based authentication mechanisms.
2014-10-25ntlm: We prefer 'CURLcode result'Steve Holme
Continuing commit 0eb3d15ccb more return code variable name changes.
2014-10-16ntlm: Fixed empty type-2 decoded message info textSteve Holme
Updated the info text when the base-64 decode of the type-2 message returns a null buffer to be more specific.
2014-10-16ntlm: Fixed empty/bad base-64 decoded buffer return codesSteve Holme
2014-10-16ntlm: Avoid unnecessary buffer allocation for SSPI based type-2 tokenSteve Holme
2014-09-12ntlm: Fixed HTTP proxy authentication when using Windows SSPIUlrich Telle
Removed ISC_REQ_* flags from calls to InitializeSecurityContext to fix bug in NTLM handshake for HTTP proxy authentication. NTLM handshake for HTTP proxy authentication failed with error SEC_E_INVALID_TOKEN from InitializeSecurityContext for certain proxy servers on generating the NTLM Type-3 message. The flag ISC_REQ_CONFIDENTIALITY seems to cause the problem according to the observations and suggestions made in a bug report for the QT project (https://bugreports.qt-project.org/browse/QTBUG-17322). Removing all the flags solved the problem. Bug: http://curl.haxx.se/mail/lib-2014-08/0273.html Reported-by: Ulrich Telle Assisted-by: Steve Holme, Daniel Stenberg
2014-08-08sspi: Minor code tidy up to standardise coding styleSteve Holme
Following the recent changes and in attempt to align the SSPI based authentication code performed the following: * Use NULL and SECBUFFVERSION rather than hard coded constants. * Avoid comparison of zero in if statements. * Standardised the buf and desc setup code.
2014-08-08curl_ntlm_msgs: make < 80 columns wideDaniel Stenberg
2014-08-08ntlm: Fixed hard coded buffer for SSPI based auth packet generationSteve Holme
Given the SSPI package info query indicates a token size of 2888 bytes, and as with the Winbind code and commit 9008f3d56, use a dynamic buffer for the Type-1 and Type-3 message generation rather than a fixed buffer of 1024 bytes.
2014-08-07ntlm: Added support for SSPI package info querySteve Holme
Just as with the SSPI implementations of Digest and Negotiate added a package info query so that libcurl can a) return a more appropriate error code when the NTLM package is not supported and b) it can be of use later to allocate a dynamic buffer for the Type-1 and Type-3 output tokens rather than use a fixed buffer of 1024 bytes.
2014-06-11NTLM: set a fake entropy for debug builds with CURL_ENTROPY setDaniel Stenberg
Curl_rand() will return a dummy and repatable random value for this case. Makes it possible to write test cases that verify output. Also, fake timestamp with CURL_FORCETIME set. Only when built debug enabled of course. Curl_ssl_random() was not used anymore so it has been removed. Curl_rand() is enough. create_digest_md5_message: generate base64 instead of hex string curl_sasl: also fix memory leaks in some OOM situations
2014-04-06sasl: Post DIGEST-MD5 SSPI code tidy upSteve Holme
* Added comments to SSPI NTLM message generation * Added comments to native DIGEST-MD5 code * Removed redundant identity pointer
2014-04-06ntlm: Moved the identity generation into shared SSPI codeSteve Holme
2014-01-30ntlm: Use static client nonce for the test suiteSteve Holme
2014-01-29ntlm: Coding style policing dating back to 2011Steve Holme
2014-01-29ntlm: Added support for NTLMv2Prash Dush
2013-12-20vtls: renamed sslgen.[ch] to vtls.[ch]Daniel Stenberg
2013-12-20vtls: created subdir, moved sslgen.[ch] there, updated all include linesDaniel Stenberg
2013-03-25curl_ntlm_msgs.c: revert commit 463082bea4Yang Tse
reverts unreleased invalid memory leak fix
2013-02-11ntlm: Updated comments for the addition of SASL support to IMAP in v7.29Steve Holme
2013-02-08ntlm: fix memory leakGisle Vanem
Running tests\libtest\libntlmconnect.exe reveals a 1 byte (!) leak in ./lib/curl_ntlm_msgs.c: perl ..\memanalyze.pl c:memdebug.curl Leak detected: memory still allocated: 1 bytes At 9771e8, there's 1 bytes. allocated by curl_ntlm_msgs.c:399 Snippet from curl_ntlm_msgs.c: /* setup ntlm identity's domain and length */ dup_domain.tchar_ptr = malloc(sizeof(TCHAR) * (domlen + 1)); (my domlen == 0). 'dup_domain.tbyte_ptr' looks to be freed in Curl_ntlm_sspi_cleanup() via 'ntlm->identity.Domain'. But I see no freeing of 'dup_domain.tchar_ptr'.
2013-01-09build: fix circular header inclusion with other packagesYang Tse
This commit renames lib/setup.h to lib/curl_setup.h and renames lib/setup_once.h to lib/curl_setup_once.h. Removes the need and usage of a header inclusion guard foreign to libcurl. [1] Removes the need and presence of an alarming notice we carried in old setup_once.h [2] ---------------------------------------- 1 - lib/setup_once.h used __SETUP_ONCE_H macro as header inclusion guard up to commit ec691ca3 which changed this to HEADER_CURL_SETUP_ONCE_H, this single inclusion guard is enough to ensure that inclusion of lib/setup_once.h done from lib/setup.h is only done once. Additionally lib/setup.h has always used __SETUP_ONCE_H macro to protect inclusion of setup_once.h even after commit ec691ca3, this was to avoid a circular header inclusion triggered when building a c-ares enabled version with c-ares sources available which also has a setup_once.h header. Commit ec691ca3 exposes the real nature of __SETUP_ONCE_H usage in lib/setup.h, it is a header inclusion guard foreign to libcurl belonging to c-ares's setup_once.h The renaming this commit does, fixes the circular header inclusion, and as such removes the need and usage of a header inclusion guard foreign to libcurl. Macro __SETUP_ONCE_H no longer used in libcurl. 2 - Due to the circular interdependency of old lib/setup_once.h and the c-ares setup_once.h header, old file lib/setup_once.h has carried back from 2006 up to now days an alarming and prominent notice about the need of keeping libcurl's and c-ares's setup_once.h in sync. Given that this commit fixes the circular interdependency, the need and presence of mentioned notice is removed. All mentioned interdependencies come back from now old days when the c-ares project lived inside a curl subdirectory. This commit removes last traces of such fact.
2013-01-06Revert changes relative to lib/*.[ch] recent renamingYang Tse
This reverts renaming and usage of lib/*.h header files done 28-12-2012, reverting 2 commits: f871de0... build: make use of 76 lib/*.h renamed files ffd8e12... build: rename 76 lib/*.h files This also reverts removal of redundant include guard (redundant thanks to changes in above commits) done 2-12-2013, reverting 1 commit: c087374... curl_setup.h: remove redundant include guard This also reverts renaming and usage of lib/*.c source files done 3-12-2013, reverting 3 commits: 13606bb... build: make use of 93 lib/*.c renamed files 5b6e792... build: rename 93 lib/*.c files 7d83dff... build: commit 13606bbfde follow-up 1 Start of related discussion thread: http://curl.haxx.se/mail/lib-2013-01/0012.html Asking for confirmation on pushing this revertion commit: http://curl.haxx.se/mail/lib-2013-01/0048.html Confirmation summary: http://curl.haxx.se/mail/lib-2013-01/0079.html NOTICE: The list of 2 files that have been modified by other intermixed commits, while renamed, and also by at least one of the 6 commits this one reverts follows below. These 2 files will exhibit a hole in history unless git's '--follow' option is used when viewing logs. lib/curl_imap.h lib/curl_smtp.h
2013-01-03build: make use of 93 lib/*.c renamed filesYang Tse
93 *.c source files renamed to use our standard naming scheme. This change affects 77 files in libcurl's source tree.
2012-12-28build: make use of 76 lib/*.h renamed filesYang Tse
76 private header files renamed to use our standard naming scheme. This change affects 322 files in libcurl's source tree.
2012-07-06code police: narrow source to < 80 columnsDaniel Stenberg
2012-07-05unicode NTLM SSPI: cleanupYang Tse
Reduce the number of #ifdef UNICODE directives used in source files.
2012-07-03curl_ntlm_msgs.c: Removed unused variable passwdMarc Hoersken
2012-07-03curl_ntlm_msgs.c: include <tchar.h> for prototypesYang Tse
2012-07-02unicode NTLM SSPI: heap corruption fixedChristian Hägele
When compiling libcurl with UNICODE defined and using unicode characters in username.
2012-06-26SSL cleanup: use crypto functions through the sslgen layerDaniel Stenberg
curl_ntlm_msgs.c would previously use an #ifdef maze and direct SSL-library calls instead of using the SSL layer we have for this purpose.
2012-06-16Win32: downplay MS bazillion type synonyms gameYang Tse
Avoid usage of some MS type synonyms to allow compilation with compiler headers that don't define these, using simpler synonyms.