aboutsummaryrefslogtreecommitdiff
path: root/lib/curl_ntlm_msgs.c
AgeCommit message (Collapse)Author
2014-12-14ntlm: Fixed return code for bad type-2 Target InfoSteve Holme
Use CURLE_BAD_CONTENT_ENCODING for bad type-2 Target Info security buffers just like we do for bad decodes.
2014-12-14ntlm: Remove unnecessary casts in readshort_le()Steve Holme
I don't think both of my fix ups from yesterday were needed to fix the compilation warning, so remove the one that I think is unnecessary and let the next Android autobuild prove/disprove it.
2014-12-13curl_ntlm_msgs.c: Another attempt to fix compilation warningSteve Holme
curl_ntlm_msgs.c:170: warning: conversion to 'short unsigned int' from 'int' may alter its value
2014-12-13curl_ntlm_msgs.c: Fixed compilation warning from commit 783b5c3b11Steve Holme
curl_ntlm_msgs.c:169: warning: conversion to 'short unsigned int' from 'int' may alter its value
2014-12-13ntlm: Use short integer when decoding 16-bit valuesSteve Holme
2014-12-12ntlm: Disable NTLM v2 when 64-bit integers are not supportedSteve Holme
This fixes compilation issues with compilers that don't support 64-bit integers through long long or __int64 which was introduced in commit 07b66cbfa4.
2014-12-12ntlm: Allow NTLM2Session messages when USE_NTRESPONSES manually definedSteve Holme
Previously USE_NTLM2SESSION would only be defined automatically when USE_NTRESPONSES wasn't already defined. Separated the two definitions so that the user can manually set USE_NTRESPONSES themselves but USE_NTLM2SESSION is defined automatically if they don't define it.
2014-11-23sasl: Reduced the need for two sets of NTLM functionsSteve Holme
2014-11-23ntlm: Moved NSS initialisation to base decode functionSteve Holme
2014-11-23ntlm: Fixed static'ness of local decode functionSteve Holme
2014-11-23ntlm: Corrected some parameter names and commentsSteve Holme
2014-11-16ntlm: Moved the SSPI based Type-3 message generation into the SASL moduleSteve Holme
2014-11-16ntlm: Moved the SSPI based Type-2 message decoding into the SASL moduleSteve Holme
2014-11-16ntlm: Moved the SSPI based Type-1 message generation into the SASL moduleSteve Holme
2014-11-14ntlm: Clean-up and standardisation of base64 decodingSteve Holme
2014-11-14ntlm: We prefer 'CURLcode result'Steve Holme
2014-11-09ntlm: Removed an unnecessary free of native Target InfoSteve Holme
Due to commit 40ee1ba0dc the free in Curl_ntlm_decode_type2_target() is longer required.
2014-11-09ntlm: Moved the native Target Info clean-up from HTTP specific functionSteve Holme
2014-11-09ntlm: Moved SSPI clean-up code into SASL moduleSteve Holme
2014-11-05sspi: Define authentication package name constantsSteve Holme
These were previously hard coded, and whilst defined in security.h, they may or may not be present in old header files given that these defines were never used in the original code. Not only that, but there appears to be some ambiguity between the ANSI and UNICODE NTLM definition name in security.h.
2014-10-29sspi: Return CURLE_LOGIN_DENIED on AcquireCredentialsHandle() failureSteve Holme
Return a more appropriate error, rather than CURLE_OUT_OF_MEMORY when acquiring the credentials handle fails. This is then consistent with the code prior to commit f7e24683c4 when log-in credentials were empty.
2014-10-26sspi: Synchronization of cleanup code between auth mechanismsSteve Holme
2014-10-26sspi: Renamed max token length variablesSteve Holme
Code cleanup to try and synchronise code between the different SSPI based authentication mechanisms.
2014-10-26sspi: Renamed expiry time stamp variablesSteve Holme
Code cleanup to try and synchronise code between the different SSPI based authentication mechanisms.
2014-10-26sspi: Only call CompleteAuthToken() when complete is neededSteve Holme
Don't call CompleteAuthToken() after InitializeSecurityContext() has returned SEC_I_CONTINUE_NEEDED as this return code only indicates the function should be called again after receiving a response back from the server. This only affected the Digest and NTLM authentication code.
2014-10-26ntlm: Return all errors from Curl_ntlm_core_mk_nt_hash()Steve Holme
For consistency with other areas of the NTLM code propagate all errors from Curl_ntlm_core_mk_nt_hash() up the call stack rather than just CURLE_OUT_OF_MEMORY.
2014-10-26ntlm: Return CURLcode from Curl_ntlm_core_mk_lm_hash()Steve Holme
2014-10-25ntlm: Changed handles to be dynamic like other SSPI handlesSteve Holme
Code cleanup to try and synchronise code between the different SSPI based authentication mechanisms.
2014-10-25ntlm: Renamed handle variables to match other SSPI structuresSteve Holme
Code cleanup to try and synchronise code between the different SSPI based authentication mechanisms.
2014-10-25ntlm: Renamed SSPI based input token variablesSteve Holme
Code cleanup to try and synchronise code between the different SSPI based authentication mechanisms.
2014-10-25ntlm: We prefer 'CURLcode result'Steve Holme
Continuing commit 0eb3d15ccb more return code variable name changes.
2014-10-16ntlm: Fixed empty type-2 decoded message info textSteve Holme
Updated the info text when the base-64 decode of the type-2 message returns a null buffer to be more specific.
2014-10-16ntlm: Fixed empty/bad base-64 decoded buffer return codesSteve Holme
2014-10-16ntlm: Avoid unnecessary buffer allocation for SSPI based type-2 tokenSteve Holme
2014-09-12ntlm: Fixed HTTP proxy authentication when using Windows SSPIUlrich Telle
Removed ISC_REQ_* flags from calls to InitializeSecurityContext to fix bug in NTLM handshake for HTTP proxy authentication. NTLM handshake for HTTP proxy authentication failed with error SEC_E_INVALID_TOKEN from InitializeSecurityContext for certain proxy servers on generating the NTLM Type-3 message. The flag ISC_REQ_CONFIDENTIALITY seems to cause the problem according to the observations and suggestions made in a bug report for the QT project (https://bugreports.qt-project.org/browse/QTBUG-17322). Removing all the flags solved the problem. Bug: http://curl.haxx.se/mail/lib-2014-08/0273.html Reported-by: Ulrich Telle Assisted-by: Steve Holme, Daniel Stenberg
2014-08-08sspi: Minor code tidy up to standardise coding styleSteve Holme
Following the recent changes and in attempt to align the SSPI based authentication code performed the following: * Use NULL and SECBUFFVERSION rather than hard coded constants. * Avoid comparison of zero in if statements. * Standardised the buf and desc setup code.
2014-08-08curl_ntlm_msgs: make < 80 columns wideDaniel Stenberg
2014-08-08ntlm: Fixed hard coded buffer for SSPI based auth packet generationSteve Holme
Given the SSPI package info query indicates a token size of 2888 bytes, and as with the Winbind code and commit 9008f3d56, use a dynamic buffer for the Type-1 and Type-3 message generation rather than a fixed buffer of 1024 bytes.
2014-08-07ntlm: Added support for SSPI package info querySteve Holme
Just as with the SSPI implementations of Digest and Negotiate added a package info query so that libcurl can a) return a more appropriate error code when the NTLM package is not supported and b) it can be of use later to allocate a dynamic buffer for the Type-1 and Type-3 output tokens rather than use a fixed buffer of 1024 bytes.
2014-06-11NTLM: set a fake entropy for debug builds with CURL_ENTROPY setDaniel Stenberg
Curl_rand() will return a dummy and repatable random value for this case. Makes it possible to write test cases that verify output. Also, fake timestamp with CURL_FORCETIME set. Only when built debug enabled of course. Curl_ssl_random() was not used anymore so it has been removed. Curl_rand() is enough. create_digest_md5_message: generate base64 instead of hex string curl_sasl: also fix memory leaks in some OOM situations
2014-04-06sasl: Post DIGEST-MD5 SSPI code tidy upSteve Holme
* Added comments to SSPI NTLM message generation * Added comments to native DIGEST-MD5 code * Removed redundant identity pointer
2014-04-06ntlm: Moved the identity generation into shared SSPI codeSteve Holme
2014-01-30ntlm: Use static client nonce for the test suiteSteve Holme
2014-01-29ntlm: Coding style policing dating back to 2011Steve Holme
2014-01-29ntlm: Added support for NTLMv2Prash Dush
2013-12-20vtls: renamed sslgen.[ch] to vtls.[ch]Daniel Stenberg
2013-12-20vtls: created subdir, moved sslgen.[ch] there, updated all include linesDaniel Stenberg
2013-03-25curl_ntlm_msgs.c: revert commit 463082bea4Yang Tse
reverts unreleased invalid memory leak fix
2013-02-11ntlm: Updated comments for the addition of SASL support to IMAP in v7.29Steve Holme
2013-02-08ntlm: fix memory leakGisle Vanem
Running tests\libtest\libntlmconnect.exe reveals a 1 byte (!) leak in ./lib/curl_ntlm_msgs.c: perl ..\memanalyze.pl c:memdebug.curl Leak detected: memory still allocated: 1 bytes At 9771e8, there's 1 bytes. allocated by curl_ntlm_msgs.c:399 Snippet from curl_ntlm_msgs.c: /* setup ntlm identity's domain and length */ dup_domain.tchar_ptr = malloc(sizeof(TCHAR) * (domlen + 1)); (my domlen == 0). 'dup_domain.tbyte_ptr' looks to be freed in Curl_ntlm_sspi_cleanup() via 'ntlm->identity.Domain'. But I see no freeing of 'dup_domain.tchar_ptr'.