aboutsummaryrefslogtreecommitdiff
path: root/lib/curl_sasl.c
AgeCommit message (Collapse)Author
2015-08-31sasl: Updated SPN variables and comments for consistencySteve Holme
In places the "host name" and "realm" variable was referred to as "instance" whilst in others it was referred to as "host".
2015-04-26sasl_sspi: Populate domain from the realm in the challengeGrant Pannell
Without this, SSPI based digest auth was broken. Bug: https://github.com/bagder/curl/pull/141.patch
2015-03-24curl_memory: make curl_memory.h the second-last header file loadedDan Fandrich
This header file must be included after all header files except memdebug.h, as it does similar memory function redefinitions and can be similarly affected by conflicting definitions in system or dependent library headers.
2015-03-16free: instead of Curl_safefree()Daniel Stenberg
Since we just started make use of free(NULL) in order to simplify code, this change takes it a step further and: - converts lots of Curl_safefree() calls to good old free() - makes Curl_safefree() not check the pointer before free() The (new) rule of thumb is: if you really want a function call that frees a pointer and then assigns it to NULL, then use Curl_safefree(). But we will prefer just using free() from now on.
2015-03-03mprintf.h: remove #ifdef CURLDEBUGDaniel Stenberg
... and as a consequence, introduce curl_printf.h with that re-define magic instead and make all libcurl code use that instead.
2015-02-02curl_sasl.c: More code policingSteve Holme
Better use of 80 character line limit, comment corrections and line spacing preferences.
2015-01-29curl_sasl.c: Fixed compilation warning when cryptography is disabledSteve Holme
curl_sasl.c:1506: warning: unused variable 'chlg'
2015-01-28curl_sasl.c: Fixed compilation warning when verbose debug output disabledSteve Holme
curl_sasl.c:1317: warning: unused parameter 'conn'
2015-01-28sasl: Minor code policing and grammar correctionsSteve Holme
2015-01-27sasl: remove XOAUTH2 from default enabled authentication mechanism.Patrick Monnerat
2015-01-27sasl: implement EXTERNAL authentication mechanism.Patrick Monnerat
Its use is only enabled by explicit requirement in URL (;AUTH=EXTERNAL) and by not setting the password.
2015-01-22curl_sasl: Reinstate the sasl_ prefix for locally scoped functionsSteve Holme
Commit 7a8b2885e2 made some functions static and removed the public Curl_ prefix. Unfortunately, it also removed the sasl_ prefix, which is the naming convention we use in this source file.
2015-01-22curl_sasl: Minor code policing following recent commitsSteve Holme
2015-01-20curl_sasl.c: chlglen is not used when cryptography is disabledSteve Holme
2015-01-20curl_sasl.c: Fixed compilation warning when cyptography is disabledSteve Holme
curl_sasl.c:1453: warning C4101: 'serverdata' : unreferenced local variable
2015-01-20curl_sasl.c: Fixed compilation error when USE_WINDOWS_SSPI definedSteve Holme
curl_sasl.c:1221: error C2065: 'mechtable' : undeclared identifier This error could also happen for non-SSPI builds when cryptography is disabled (CURL_DISABLE_CRYPTO_AUTH is defined).
2015-01-20SASL: make some procedures local-scopedPatrick Monnerat
2015-01-20SASL: common state engine for imap/pop3/smtpPatrick Monnerat
2015-01-20SASL: common URL option and auth capabilities decoders for all protocolsPatrick Monnerat
2014-11-23sasl: Tidied up some parameter commentsSteve Holme
2014-11-23sasl: Reduced the need for two sets of NTLM functionsSteve Holme
2014-11-23ntlm: Moved NSS initialisation to base decode functionSteve Holme
2014-11-16kerberos: Use symbol qualified with _KERBEROS5Michael Osipov
For consistency renamed USE_KRB5 to USE_KERBEROS5.
2014-11-15sasl: Corrected Curl_sasl_build_spn() function descriptionSteve Holme
There was a mismatch in function parameter names.
2014-11-14sasl: Moved Curl_sasl_gssapi_cleanup() definition into header fileSteve Holme
Rather than define the function as extern in the source files that use it, moved the function declaration into the SASL header file just like the Digest and NTLM clean-up functions. Additionally, added a function description comment block.
2014-11-09ntlm: Added separate SSPI based functionsSteve Holme
In preparation for moving the NTLM message code into the SASL module, and separating the native code from the SSPI code, added functions that simply call the functions in curl_ntlm_msg.c.
2014-11-09ntlm: Moved the native Target Info clean-up from HTTP specific functionSteve Holme
2014-11-09ntlm: Moved SSPI clean-up code into SASL moduleSteve Holme
2014-11-07http_digest: Fixed some memory leaks introduced in commit 6f8d8131b1Steve Holme
Fixed a couple of memory leaks as a result of moving code that used to populate allocuserpwd and relied on it's clean up.
2014-11-06http_digest: Post SSPI support tidy upSteve Holme
Post tidy up to ensure commonality of code style and variable names.
2014-11-06sasl: Removed non-SSPI Digest functions and defines from SSPI based buildsSteve Holme
Introduced in commit 7e6d51a73c these functions and definitions are only required by the internal challenge-response functions now.
2014-11-06http_digest: Added SSPI based authentication functionsSteve Holme
This temporarily breaks HTTP digest authentication in SSPI based builds, causing CURLE_NOT_BUILT_IN to be returned. A follow up commit will resume normal operation.
2014-11-05sasl: Fixed HTTP digest challenges with spaces between auth parametersSteve Holme
Broken as part of the rework, in commit 7e6d51a73c, to assist with the addition of HTTP digest via Windows SSPI.
2014-11-05http_digest: Moved response generation into SASL moduleSteve Holme
2014-11-05http_digest: Moved challenge decoding into SASL moduleSteve Holme
2014-11-05http_digest: Moved clean-up function into SASL moduleSteve Holme
2014-11-02sasl: Fixed Kerberos V5 inclusion when CURL_DISABLE_CRYPTO_AUTH is usedSteve Holme
Typically the USE_WINDOWS_SSPI definition would not be used when the CURL_DISABLE_CRYPTO_AUTH define is, however, it is still a valid build configuration and, as such, the SASL Kerberos V5 (GSSAPI) authentication data structures and functions would incorrectly be used when they shouldn't be. Introduced a new USE_KRB5 definition that takes into account the use of CURL_DISABLE_CRYPTO_AUTH like USE_SPNEGO and USE_NTLM do.
2014-08-22sasl: Fixed a memory leak on OOMDan Fandrich
2014-08-14sasl_sspi: Added GSSAPI message functionsSteve Holme
2014-08-09sasl: Tidy up to rename SPN variable from URISteve Holme
2014-08-09sasl: Use a dynamic buffer for SPN generationSteve Holme
Updated Curl_sasl_create_digest_md5_message() to use a dynamic buffer for the SPN generation via the recently introduced Curl_sasl_build_spn() function rather than a fixed buffer of 128 characters.
2014-08-09sasl: Introduced Curl_sasl_build_spn() for building a SPNSteve Holme
Various parts of the libcurl source code build a SPN for inclusion in authentication data. This information is either used by our own native generation routines or passed to authentication functions in third-party libraries such as SSPI. However, some of these instances use fixed buffers rather than dynamically allocated ones and not all of those that should, convert to wide character strings in Unicode builds. Implemented a common function that generates a SPN and performs the wide character conversion where necessary.
2014-06-15sasl: Added back qop argument mistakenly removed in e95ca7ceDan Fandrich
This caused segfaults on tests 823 869 907.
2014-06-11curl_sasl: revert the goto for error bailoutDaniel Stenberg
They were added because of an older code path that used allocations and should not have been left in the code. With this change the logic goes back to how it was.
2014-06-11NTLM: set a fake entropy for debug builds with CURL_ENTROPY setDaniel Stenberg
Curl_rand() will return a dummy and repatable random value for this case. Makes it possible to write test cases that verify output. Also, fake timestamp with CURL_FORCETIME set. Only when built debug enabled of course. Curl_ssl_random() was not used anymore so it has been removed. Curl_rand() is enough. create_digest_md5_message: generate base64 instead of hex string curl_sasl: also fix memory leaks in some OOM situations
2014-06-03random: use Curl_rand() for proper random dataDaniel Stenberg
The SASL/Digest previously used the current time's seconds + microseconds to add randomness but it is much better to instead get more data from Curl_rand(). It will also allow us to easier "fake" that for debug builds on demand in a future.
2014-06-02curl_sasl: Fixed copy/paste error of now.tv_sec in commit eefeb73af4Steve Holme
2014-06-01curl_sasl: Fixed compilation warning under DEBUGBUILDSteve Holme
2014-06-01curl_sasl: Extended native DIGEST-MD5 cnonce to be a 32-byte hex stringSteve Holme
Rather than use a short 8-byte hex string, extended the cnonce to be 32-bytes long, like Windows SSPI does. Used a combination of random data as well as the current date and time for the generation.
2014-05-11sasl: Fixed missing qop in the client's challenge-response messageSteve Holme
Whilst the qop directive isn't required to be present in a client's response, as servers should assume a qop of "auth" if it isn't specified, some may return authentication failure if it is missing.