| Age | Commit message (Collapse) | Author |
|---|
|
Regression from commit 9e8ced9890 which meant if --oauth2-bearer was
specified but the SASL mechanism wasn't supported by the server then
the mechanism would be chosen.
|
|
Added support to the OAuth 2.0 message function for host and port, in
order to accommodate the official OAUTHBEARER SASL mechanism which is
to be added shortly.
|
|
|
|
|
|
In places the "host name" and "realm" variable was referred to as
"instance" whilst in others it was referred to as "host".
|
|
Without this, SSPI based digest auth was broken.
Bug: https://github.com/bagder/curl/pull/141.patch
|
|
This header file must be included after all header files except
memdebug.h, as it does similar memory function redefinitions and can be
similarly affected by conflicting definitions in system or dependent
library headers.
|
|
Since we just started make use of free(NULL) in order to simplify code,
this change takes it a step further and:
- converts lots of Curl_safefree() calls to good old free()
- makes Curl_safefree() not check the pointer before free()
The (new) rule of thumb is: if you really want a function call that
frees a pointer and then assigns it to NULL, then use Curl_safefree().
But we will prefer just using free() from now on.
|
|
... and as a consequence, introduce curl_printf.h with that re-define
magic instead and make all libcurl code use that instead.
|
|
Better use of 80 character line limit, comment corrections and line
spacing preferences.
|
|
curl_sasl.c:1506: warning: unused variable 'chlg'
|
|
curl_sasl.c:1317: warning: unused parameter 'conn'
|
|
|
|
|
|
Its use is only enabled by explicit requirement in URL (;AUTH=EXTERNAL) and
by not setting the password.
|
|
Commit 7a8b2885e2 made some functions static and removed the public
Curl_ prefix. Unfortunately, it also removed the sasl_ prefix, which
is the naming convention we use in this source file.
|
|
|
|
|
|
curl_sasl.c:1453: warning C4101: 'serverdata' : unreferenced local
variable
|
|
curl_sasl.c:1221: error C2065: 'mechtable' : undeclared identifier
This error could also happen for non-SSPI builds when cryptography is
disabled (CURL_DISABLE_CRYPTO_AUTH is defined).
|
|
|
|
|
|
|
|
|
|
|
|
|
|
For consistency renamed USE_KRB5 to USE_KERBEROS5.
|
|
There was a mismatch in function parameter names.
|
|
Rather than define the function as extern in the source files that use
it, moved the function declaration into the SASL header file just like
the Digest and NTLM clean-up functions.
Additionally, added a function description comment block.
|
|
In preparation for moving the NTLM message code into the SASL module,
and separating the native code from the SSPI code, added functions that
simply call the functions in curl_ntlm_msg.c.
|
|
|
|
|
|
Fixed a couple of memory leaks as a result of moving code that used to
populate allocuserpwd and relied on it's clean up.
|
|
Post tidy up to ensure commonality of code style and variable names.
|
|
Introduced in commit 7e6d51a73c these functions and definitions are only
required by the internal challenge-response functions now.
|
|
This temporarily breaks HTTP digest authentication in SSPI based builds,
causing CURLE_NOT_BUILT_IN to be returned. A follow up commit will
resume normal operation.
|
|
Broken as part of the rework, in commit 7e6d51a73c, to assist with the
addition of HTTP digest via Windows SSPI.
|
|
|
|
|
|
|
|
Typically the USE_WINDOWS_SSPI definition would not be used when the
CURL_DISABLE_CRYPTO_AUTH define is, however, it is still a valid build
configuration and, as such, the SASL Kerberos V5 (GSSAPI) authentication
data structures and functions would incorrectly be used when they
shouldn't be.
Introduced a new USE_KRB5 definition that takes into account the use of
CURL_DISABLE_CRYPTO_AUTH like USE_SPNEGO and USE_NTLM do.
|
|
|
|
|
|
|
|
Updated Curl_sasl_create_digest_md5_message() to use a dynamic buffer
for the SPN generation via the recently introduced Curl_sasl_build_spn()
function rather than a fixed buffer of 128 characters.
|
|
Various parts of the libcurl source code build a SPN for inclusion in
authentication data. This information is either used by our own native
generation routines or passed to authentication functions in third-party
libraries such as SSPI. However, some of these instances use fixed
buffers rather than dynamically allocated ones and not all of those that
should, convert to wide character strings in Unicode builds.
Implemented a common function that generates a SPN and performs the
wide character conversion where necessary.
|
|
This caused segfaults on tests 823 869 907.
|
|
They were added because of an older code path that used allocations and
should not have been left in the code. With this change the logic goes
back to how it was.
|
|
Curl_rand() will return a dummy and repatable random value for this
case. Makes it possible to write test cases that verify output.
Also, fake timestamp with CURL_FORCETIME set.
Only when built debug enabled of course.
Curl_ssl_random() was not used anymore so it has been
removed. Curl_rand() is enough.
create_digest_md5_message: generate base64 instead of hex string
curl_sasl: also fix memory leaks in some OOM situations
|
|
The SASL/Digest previously used the current time's seconds +
microseconds to add randomness but it is much better to instead get more
data from Curl_rand().
It will also allow us to easier "fake" that for debug builds on demand
in a future.
|
