| Age | Commit message (Collapse) | Author |
|---|
|
|
|
According to RFC7628 a failure message may be sent by the server in a
base64 encoded JSON string as a continuation response.
Currently only implemented for OAUTHBEARER and not XAUTH2.
|
|
OAUTHBEARER is now the official "registered" SASL mechanism name for
OAuth 2.0. However, we don't want to drop support for XOAUTH2 as some
servers won't support the new mechanism yet.
|
|
Following the fix in commit d6d58dd558 it is necessary to re-introduce
XOAUTH2 in the default enabled authentication mechanism, which was
removed in commit 7b2012f262, otherwise users will have to specify
AUTH=XOAUTH2 in the URL.
Note: OAuth 2.0 will only be used when the bearer is specified.
|
|
|
|
Regression from commit 9e8ced9890 which meant if --oauth2-bearer was
specified but the SASL mechanism wasn't supported by the server then
the mechanism would be chosen.
|
|
Added support to the OAuth 2.0 message function for host and port, in
order to accommodate the official OAUTHBEARER SASL mechanism which is
to be added shortly.
|
|
|
|
|
|
In places the "host name" and "realm" variable was referred to as
"instance" whilst in others it was referred to as "host".
|
|
Without this, SSPI based digest auth was broken.
Bug: https://github.com/bagder/curl/pull/141.patch
|
|
This header file must be included after all header files except
memdebug.h, as it does similar memory function redefinitions and can be
similarly affected by conflicting definitions in system or dependent
library headers.
|
|
Since we just started make use of free(NULL) in order to simplify code,
this change takes it a step further and:
- converts lots of Curl_safefree() calls to good old free()
- makes Curl_safefree() not check the pointer before free()
The (new) rule of thumb is: if you really want a function call that
frees a pointer and then assigns it to NULL, then use Curl_safefree().
But we will prefer just using free() from now on.
|
|
... and as a consequence, introduce curl_printf.h with that re-define
magic instead and make all libcurl code use that instead.
|
|
Better use of 80 character line limit, comment corrections and line
spacing preferences.
|
|
curl_sasl.c:1506: warning: unused variable 'chlg'
|
|
curl_sasl.c:1317: warning: unused parameter 'conn'
|
|
|
|
|
|
Its use is only enabled by explicit requirement in URL (;AUTH=EXTERNAL) and
by not setting the password.
|
|
Commit 7a8b2885e2 made some functions static and removed the public
Curl_ prefix. Unfortunately, it also removed the sasl_ prefix, which
is the naming convention we use in this source file.
|
|
|
|
|
|
curl_sasl.c:1453: warning C4101: 'serverdata' : unreferenced local
variable
|
|
curl_sasl.c:1221: error C2065: 'mechtable' : undeclared identifier
This error could also happen for non-SSPI builds when cryptography is
disabled (CURL_DISABLE_CRYPTO_AUTH is defined).
|
|
|
|
|
|
|
|
|
|
|
|
|
|
For consistency renamed USE_KRB5 to USE_KERBEROS5.
|
|
There was a mismatch in function parameter names.
|
|
Rather than define the function as extern in the source files that use
it, moved the function declaration into the SASL header file just like
the Digest and NTLM clean-up functions.
Additionally, added a function description comment block.
|
|
In preparation for moving the NTLM message code into the SASL module,
and separating the native code from the SSPI code, added functions that
simply call the functions in curl_ntlm_msg.c.
|
|
|
|
|
|
Fixed a couple of memory leaks as a result of moving code that used to
populate allocuserpwd and relied on it's clean up.
|
|
Post tidy up to ensure commonality of code style and variable names.
|
|
Introduced in commit 7e6d51a73c these functions and definitions are only
required by the internal challenge-response functions now.
|
|
This temporarily breaks HTTP digest authentication in SSPI based builds,
causing CURLE_NOT_BUILT_IN to be returned. A follow up commit will
resume normal operation.
|
|
Broken as part of the rework, in commit 7e6d51a73c, to assist with the
addition of HTTP digest via Windows SSPI.
|
|
|
|
|
|
|
|
Typically the USE_WINDOWS_SSPI definition would not be used when the
CURL_DISABLE_CRYPTO_AUTH define is, however, it is still a valid build
configuration and, as such, the SASL Kerberos V5 (GSSAPI) authentication
data structures and functions would incorrectly be used when they
shouldn't be.
Introduced a new USE_KRB5 definition that takes into account the use of
CURL_DISABLE_CRYPTO_AUTH like USE_SPNEGO and USE_NTLM do.
|
|
|
|
|
|
|
|
Updated Curl_sasl_create_digest_md5_message() to use a dynamic buffer
for the SPN generation via the recently introduced Curl_sasl_build_spn()
function rather than a fixed buffer of 128 characters.
|
