path: root/lib/curl_schannel.c
Age | Commit message | Author
2012-06-25 | curl_schannel.c: Replace free() with Curl_safefree() | Marc Hoersken
2012-06-20 | schannel: Implement new buffer size strategy | Marc Hoersken
Increase decrypted and encrypted cache buffers using limited doubling strategy. More information on the mailing list: http://curl.haxx.se/mail/lib-2012-06/0255.html
It updates the two remaining reallocations that have already been there and fixes the other one to use the same "do we need to increase the buffer"-condition as the other two.
CURL_SCHANNEL_BUFFER_STEP_SIZE was renamed to CURL_SCHANNEL_BUFFER_FREE_SIZE since that is actually what it is now. Since we don't know how much more data we are going to read during the handshake, CURL_SCHANNEL_BUFFER_FREE_SIZE is used as the minimum free space required in the buffer for the next operation. CURL_SCHANNEL_BUFFER_STEP_SIZE was used for that before, too, but since we don't have a step size now, the define was renamed.
2012-06-20 | schannel SSL: fix compiler warning | Yang Tse
2012-06-20 | schannel SSL: fix for renegotiate problem | Mark Salisbury
In schannel_connect_step2() doread should be initialized based on connssl->connecting_state.
2012-06-20 | schannel_connect_step2: checksrc whitespace fix | Daniel Stenberg
2012-06-20 | schannel SSL: changes in schannel_connect_step2 | Mark Salisbury
Process extra data buffer before returning from schannel_connect_step2. Without this change I've seen WinCE hang when schannel_connect_step2 returns and calls Curl_socket_ready.
If the encrypted handshake does not fit in the initial buffer (seen with large certificate chain), increasing the encrypted data buffer is necessary.
Fixed warning in curl_schannel.c line 1215.
2012-06-20 | schannel SSL: Made send method handle unexpected cases better | Mark Salisbury
Implemented timeout loop in schannel_send while sending data. This is as close as I think we can get to write buffering; I put a big comment in to explain my thinking.
With some committer adjustments
2012-06-19 | curl_schannel.c: Avoid unnecessary realloc calls to reduce buffer size | Marc Hoersken
2012-06-19 | schannel SSL: Use standard Curl read/write methods | Mark Salisbury
Replaced calls to swrite with Curl_write_plain and calls to sread with Curl_read_plain.
With some committer adjustments
2012-06-19 | schannel SSL: make wording of some trace messages better reflect reality | Yang Tse
2012-06-19 | schannel SSL: Implemented SSL shutdown | Mark Salisbury
curl_schannel.c - implemented graceful SSL shutdown. If we fail to shutdown the connection gracefully, I've seen schannel try to use a session ID for future connects and the server aborts the connection during the handshake.
2012-06-19 | schannel SSL: certificate validation on WinCE | Mark Salisbury
curl_schannel.c - auto certificate validation doesn't seem to work right on CE. I added a method to perform the certificate validation which uses CertGetCertificateChain and manually handles the result.
2012-06-19 | schannel SSL: Added helper methods to simplify code | Mark Salisbury
Added helper methods InitSecBuffer() and InitSecBufferDesc() to make it easier to set up SecBuffer & SecBufferDesc structs.
2012-06-16 | Win32: downplay MS bazillion type synonyms game | Yang Tse
Avoid usage of some MS type synonyms to allow compilation with compiler headers that don't define these, using simpler synonyms.
2012-06-15 | SSPI related code: Unicode support for WinCE | Mark Salisbury
SSPI related code now compiles with ANSI and WCHAR versions of security methods (WinCE requires WCHAR versions of methods).
Pulled UTF8 to WCHAR conversion methods out of idn_win32.c into their own file.
curl_sasl.c - include curl_memory.h to use correct memory functions.
getenv.c and telnet.c - WinCE compatibility fix
With some committer adjustments
2012-06-14 | schannel: fix printf-style format strings | Yang Tse
2012-06-14 | Fix bad failf() and info() usage | Yang Tse
Calls to failf() are not supposed to provide trailing newline. Calls to infof() must provide trailing newline. Fixed 30 or so strings.
2012-06-14 | schannel: fix unused parameter warnings | Yang Tse
2012-06-14 | schannel: fix comparisons between signed and unsigned | Yang Tse
2012-06-14 | schannel: fix discarding qualifier from pointer type | Yang Tse
2012-06-14 | schannel: fix shadowing of global declarations | Yang Tse
2012-06-14 | schannel: fix Curl_schannel_init() and Curl_schannel_cleanup() declarations | Yang Tse
2012-06-13 | Changed Schannel string to SSL-Windows-native. | Guenter Knauf
This is more descriptive for the user who might not even know what schannel is at all.
2012-06-13 | schannel: remove version number and identify its use with 'schannel' literal | Yang Tse
Version number is removed in order to make this info consistent with how we do it with other MS and Linux system libraries for which we don't provide this info.
Identifier changed from 'WinSSPI' to 'schannel' given that this is the actual provider of the SSL/TLS support. libcurl can still be built with SSPI and without SCHANNEL support.
2012-06-12 | sspi: make Curl_sspi_strerror() libcurl's sspi status code string function | Yang Tse
2012-06-11 | checksrc: shorten a few lines to comply | Daniel Stenberg
2012-06-11 | sspi: Reworked Curl_sspi_version() to return version components | Steve Holme
Reworked the version function to return four version components rather than a string that has to be freed by the caller.
2012-06-11 | schannel: Code cleanup and bug fixes | Marc Hoersken
curl_sspi.c: Fixed mingw32-gcc compiler warnings
curl_sspi.c: Fixed length of error code hex output
The hex value was printed as signed 64-bit value on 64-bit systems: SEC_E_WRONG_PRINCIPAL (0xFFFFFFFF80090322)
It is now correctly printed as the following: SEC_E_WRONG_PRINCIPAL (0x80090322)
curl_sspi.c: Fallback to security function table version number
Instead of reporting an unknown version, the interface version is used.
curl_sspi.c: Removed SSPI/ version prefix from Curl_sspi_version
curl_schannel: Replaced static buffer sizes with defined names
curl_schannel.c: First brace when declaring functions on column 0
curl_schannel.c: Put the pointer sign directly at variable name
curl_schannel.c: Use structs directly instead of typedef'ed structs
curl_schannel.c: Removed space before opening brace
curl_schannel.c: Fixed lines being longer than 80 chars
2012-06-11 | curl_sspi: Added Curl_sspi_version function | Marc Hoersken
Added new function to get SSPI version as string. Added required library version.lib to makefiles. Changed curl_schannel.c to use Curl_sspi_version.
2012-06-11 | schannel: Replace ASCII specific code with general defines | Marc Hoersken
2012-06-11 | schannel: Moved internal struct types to urldata.h | Marc Hoersken
Moved type definitions in order to avoid inclusion loop
2012-06-11 | schannel: Fixed compiler warnings about pointer type assignments | Marc Hoersken
2012-06-11 | schannel: Fixed critical typo in conditions and added buffer length checks | Marc Hoersken
2012-06-11 | sspi: Refactored socks_sspi and schannel to use same error message functions | Marc Hoersken
Moved the error constant switch to curl_sspi.c and added two new helper functions to curl_sspi.[ch] which either return the constant or a fully translated message representing the SSPI security status. Updated socks_sspi.c and curl_schannel.c to use the new functions.
2012-06-11 | schannel: Added special shutdown check for Windows 2000 Professional | Marc Hoersken
Windows 2000 Professional: Schannel returns SEC_E_OK instead of SEC_I_CONTEXT_EXPIRED. If the length of the output buffer is zero and the first byte of the encrypted packet is 0x15, the application can safely assume that the message was a close_notify message and change the return value to SEC_I_CONTEXT_EXPIRED.
Connection shutdown does not mean that there is no data to read
Correctly handle incomplete message and ask curl to re-read
Fixed buffer for decrypted being too small
Re-structured read condition to be more effective
Removed obsolete verbose messages
Changed memory reduction method to keep a minimum buffer of size 4096
2012-06-11 | schannel: Implemented SSL/TLS renegotiation | Marc Hoersken
Updated TODO information and added related MSDN articles
2012-06-11 | schannel: Save session credential handles in session cache | Marc Hoersken
2012-06-11 | schannel: Code cleanup | Marc Hoersken
2012-06-11 | schannel: Check for required context attributes | Marc Hoersken
2012-06-11 | schannel: Allow certificate and revocation checks being deactivated | Marc Hoersken
2012-06-11 | schannel: Added SSL/TLS support with Microsoft Windows Schannel SSPI | Marc Hoersken