aboutsummaryrefslogtreecommitdiff
path: root/lib/curl_sasl.h
AgeCommit message (Collapse)Author
2016-06-22internals: rename the SessionHandle struct to Curl_easyDaniel Stenberg
2016-03-25vauth: Moved the NTLM authentication code to the new vauth directorySteve Holme
2016-03-25vauth: Moved the Kerberos V5 authentication code to the new vauth directorySteve Holme
2016-03-25vauth: Moved the DIGEST authentication code to the new vauth directorySteve Holme
2016-03-25vauth: Moved Curl_sasl_build_spn() to create the initial vauth source filesSteve Holme
2016-03-12digest: Use boolean based success code for Curl_sasl_digest_get_pair()Steve Holme
Rather than use a 0 and 1 integer base result code use a TRUE / FALSE based success code.
2016-02-03URLs: change all http:// URLs to https://Daniel Stenberg
2015-11-15oauth2: Support OAUTHBEARER failures sent as continuation responsesSteve Holme
According to RFC7628 a failure message may be sent by the server in a base64 encoded JSON string as a continuation response. Currently only implemented for OAUTHBEARER and not XAUTH2.
2015-11-14oauth2: Added support for OAUTHBEARER SASL mechanism to IMAP, POP3 and SNMPSteve Holme
OAUTHBEARER is now the official "registered" SASL mechanism name for OAuth 2.0. However, we don't want to drop support for XOAUTH2 as some servers won't support the new mechanism yet.
2015-11-12sasl: Re-introduced XOAUTH2 in the default enabled authentication mechanismSteve Holme
Following the fix in commit d6d58dd558 it is necessary to re-introduce XOAUTH2 in the default enabled authentication mechanism, which was removed in commit 7b2012f262, otherwise users will have to specify AUTH=XOAUTH2 in the URL. Note: OAuth 2.0 will only be used when the bearer is specified.
2015-11-12oauth2: Re-factored OAuth 2.0 state variableSteve Holme
2015-08-31sasl: Only define Curl_sasl_digest_get_pair() when CRYPTO_AUTH enabledSteve Holme
Introduced in commit 59f3f92ba6 this function is only implemented when CURL_DISABLE_CRYPTO_AUTH is not defined. As such we shouldn't define the function in the header file either.
2015-08-31sasl: Updated SPN variables and comments for consistencySteve Holme
In places the "host name" and "realm" variable was referred to as "instance" whilst in others it was referred to as "host".
2015-04-26sasl_sspi: Populate domain from the realm in the challengeGrant Pannell
Without this, SSPI based digest auth was broken. Bug: https://github.com/bagder/curl/pull/141.patch
2015-01-27sasl: remove XOAUTH2 from default enabled authentication mechanism.Patrick Monnerat
2015-01-27sasl: implement EXTERNAL authentication mechanism.Patrick Monnerat
Its use is only enabled by explicit requirement in URL (;AUTH=EXTERNAL) and by not setting the password.
2015-01-22curl_sasl: Minor code policing following recent commitsSteve Holme
2015-01-20SASL: make some procedures local-scopedPatrick Monnerat
2015-01-20SASL: common state engine for imap/pop3/smtpPatrick Monnerat
2015-01-20SASL: common URL option and auth capabilities decoders for all protocolsPatrick Monnerat
2015-01-20IMAP/POP3/SMTP: use a per-connection sub-structure for SASL parameters.Patrick Monnerat
2015-01-18sasl_gssapi: Make Curl_sasl_build_gssapi_spn() publicSteve Holme
2014-11-16kerberos: Use symbol qualified with _KERBEROS5Michael Osipov
For consistency renamed USE_KRB5 to USE_KERBEROS5.
2014-11-14sasl: Moved Curl_sasl_gssapi_cleanup() definition into header fileSteve Holme
Rather than define the function as extern in the source files that use it, moved the function declaration into the SASL header file just like the Digest and NTLM clean-up functions. Additionally, added a function description comment block.
2014-11-09ntlm: Moved the native Target Info clean-up from HTTP specific functionSteve Holme
2014-11-09ntlm: Moved SSPI clean-up code into SASL moduleSteve Holme
2014-11-05sasl: Fixed compilation warning from commit 25264131e2Steve Holme
Added forward declaration of digestdata to overcome the following compilation warning: warning: 'struct digestdata' declared inside parameter list Additionally made the ntlmdata forward declaration dependent on USE_NTLM similar to how digestdata and kerberosdata are.
2014-11-05http_digest: Moved response generation into SASL moduleSteve Holme
2014-11-05http_digest: Moved challenge decoding into SASL moduleSteve Holme
2014-11-05http_digest: Moved clean-up function into SASL moduleSteve Holme
2014-11-05http_digest: Moved algorithm definitions to SASL moduleSteve Holme
2014-11-02sasl: Fixed Kerberos V5 inclusion when CURL_DISABLE_CRYPTO_AUTH is usedSteve Holme
Typically the USE_WINDOWS_SSPI definition would not be used when the CURL_DISABLE_CRYPTO_AUTH define is, however, it is still a valid build configuration and, as such, the SASL Kerberos V5 (GSSAPI) authentication data structures and functions would incorrectly be used when they shouldn't be. Introduced a new USE_KRB5 definition that takes into account the use of CURL_DISABLE_CRYPTO_AUTH like USE_SPNEGO and USE_NTLM do.
2014-08-14curl_sasl.h: Fixed compilation error from commit 4b491c675fSteve Holme
warning: 'struct kerberos5data' declared inside parameter list Due to missing forward declaration.
2014-08-14sasl_sspi: Added GSSAPI message functionsSteve Holme
2014-08-09sasl: Introduced Curl_sasl_build_spn() for building a SPNSteve Holme
Various parts of the libcurl source code build a SPN for inclusion in authentication data. This information is either used by our own native generation routines or passed to authentication functions in third-party libraries such as SSPI. However, some of these instances use fixed buffers rather than dynamically allocated ones and not all of those that should, convert to wide character strings in Unicode builds. Implemented a common function that generates a SPN and performs the wide character conversion where necessary.
2014-04-06sasl: Added forward declaration of structures following recent changesSteve Holme
To avoid urldata.h being included from the header file or that the source file has the correct include order as highlighted by one of the auto builds recently.
2014-04-06sasl: Corrected add of Curl_sasl_decode_digest_md5_message() from 2c49e96092Steve Holme
2014-04-06sasl: Corrected pre-processor inclusion of SSPI based DIGEST-MD5 codeSteve Holme
When CURL_DISABLE_CRYPTO_AUTH is defined the DIGEST-MD5 code should not be included, regardless of whether USE__WINDOWS_SSPI is defined or not. This is indicated by the definition of USE_HTTP_NEGOTIATE and USE_NTLM in curl_setup.h.
2014-04-05sasl: Added initial stub functions for SSPI DIGEST-MD supportSteve Holme
2014-04-05sasl: Combined DIGEST-MD5 message decoding and generationSteve Holme
2013-10-27email: Added support for cancelling NTLM authenticationSteve Holme
2013-10-27email: Added support for cancelling DIGEST-MD5 authenticationSteve Holme
2013-10-27email: Corrected a couple of typos from 1e39b95682781fSteve Holme
2013-10-27email: Added support for canceling CRAM-MD5 authenticationSteve Holme
2013-09-24sasl: Centralised the authentication mechanism stringsSteve Holme
Moved the standard SASL mechanism strings into curl_sasl.h rather than hard coding the same values over and over again in the protocols that use SASL authentication. For more information about the mechanism strings see: http://www.iana.org/assignments/sasl-mechanisms
2013-09-04SASL: fix compiler warningsDaniel Stenberg
comparison between signed and unsigned integer expressions suggest parentheses around '&&' within '||' (twice)
2013-08-25sasl: added basic SASL XOAUTH2 supportKyle L. Huff
Added the ability to generated a base64 encoded XOAUTH2 token containing: "user=<username>^Aauth=Bearer <bearer token>^A^A" as per RFC6749 "OAuth 2.0 Authorization Framework".
2013-04-13sasl: Reworked SASL mechanism constantsSteve Holme
... to use left-shifted values, like those defined in curl.h, rather than 16-bit hexadecimal values.
2013-04-13sasl: Added predefined preferred mechanism valuesSteve Holme
In preparation for the upcoming changes to IMAP, POP3 and SMTP added preferred mechanism values.
2013-03-21sasl: Corrected a few violations of the curl coding standardsSteve Holme
Corrected some incorrectly positioned pointer variable declarations to be "char *" rather than "char* ".