aboutsummaryrefslogtreecommitdiff
path: root/lib/http_ntlm.c
AgeCommit message (Collapse)Author
2011-04-22NTLM: work with unicodeDaniel Stenberg
Rewritten code from a patch brought by Matteo Rocco.
2011-04-20CURL_DOES_CONVERSIONS: cleanupDaniel Stenberg
Massively reduce #ifdefs all over (23 #ifdef lines less so far) Moved conversion-specific code to non-ascii.c
2010-07-30NTLM tests: boost coverage by forcing the hostnameKamil Dudka
A shared library tests/libtest/.libs/lihostname.so is preloaded in NTLM test-cases to override the system implementation of gethostname(). It makes it possible to test the NTLM authentication for exact match, and this way test the implementation of MD4 and DES. If LD_PRELOAD doesn't work, a debug build willl also workk as debug builds are now made to prefer a specific environment variable and will then return that content as host name instead of the actual one. Kamil wrote the bulk of this, Daniel Stenberg polished it.
2010-06-30http_ntlm: add support for NSSKamil Dudka
When configured with '--without-ssl --with-nss', NTLM authentication now uses NSS crypto library for MD5 and DES. For MD4 we have a local implementation in that case. More details are available at https://bugzilla.redhat.com/603783 In order to get it working, curl_global_init() must be called with CURL_GLOBAL_SSL or CURL_GLOBAL_ALL. That's necessary because NSS needs to be initialized globally and we do so only when the NSS library is actually required by protocol. The mentioned call of curl_global_init() is responsible for creating of the initialization mutex. There was also slightly changed the NSS initialization scenario, in particular, loading of the NSS PEM module. It used to be loaded always right after the NSS library was initialized. Now the library is initialized as soon as any SSL or NTLM is required, while the PEM module is prevented from being loaded until the SSL is actually required.
2010-03-24remove the CVSish $Id$ linesDaniel Stenberg
2010-03-11Allow compilation even when OpenSSL has been configured without MD4 support.Dan Fandrich
2010-01-24Julien Chaffraix corrected bad #elif lines to silence warningsDaniel Stenberg
2009-04-21libcurl's memory.h renamed to curl_memory.hYang Tse
2009-03-05Fix NTLM authentication memory leak on SSPI enabled Windows buildsYang Tse
2009-02-27Indentation fixes, untabify and related whitespace-cleanup. No code changed.Daniel Stenberg
2009-02-12Added support for Digest and NTLM authentication using GnuTLS.Dan Fandrich
2009-01-30ensure that we use the ANSI version functionsYang Tse
2009-01-29Introduced curl_sspi.c and curl_sspi.h for the implementation of functionsYang Tse
Curl_sspi_global_init() and Curl_sspi_global_cleanup() which previously were named Curl_ntlm_global_init() and Curl_ntlm_global_cleanup() in http_ntlm.c Also adjusted socks_sspi.c to remove the link-time dependency on the Windows SSPI library using it now in the same way as it was done in http_ntlm.c.
2009-01-21Fixed a couple more locale-dependent toupper conversions, mainly forDan Fandrich
clarity. This does fix one problem that causes ;type=i FTP URLs to fail in the Turkish locale when CURLOPT_PROXY_TRANSFER_MODE is used (test case 561) Added tests 561 and 1092 through 1094 to test various combinations of ;type= and ;mode= URLs that could potentially fail in the Turkish locale.
2008-10-23moved the Curl_raw_ functions into the new lib/rawstr.c file for easier curlx_Daniel Stenberg
inclusion by the curl tool without colliding with the curl_strequal functions.
2008-09-30fix compiler warning: function declaration isn't a prototypeYang Tse
2008-09-02Made some variables const which eliminated some castsDan Fandrich
2008-08-17Adjust usage of conditional definition of USE_OPENSSLYang Tse
2008-08-17libcurl internal base64.h header file renamed to curl_base64.hYang Tse
2008-08-11- Constantine Sapuntzakis filed bug report #2042430Daniel Stenberg
(http://curl.haxx.se/bug/view.cgi?id=2042430) with a patch. "NTLM Windows SSPI code is not thread safe". This was due to libcurl using static variables to tell wether to load the necessary SSPI DLL, but now the loading has been moved to the more suitable curl_global_init() call.
2007-11-05removed space after if and while before the parenthesis for better source codeDaniel Stenberg
consistency
2007-09-27Enabled a few more gcc warnings with --enable-debug. Renamed a fewDan Fandrich
variables to avoid shadowing global declarations.
2007-08-27Fixed some minor type mismatches and missing consts mainly found by splint.Dan Fandrich
2007-08-14Andrew Wansink provided an NTLM bugfix: in the case the server sets the flagDaniel Stenberg
NTLMFLAG_NEGOTIATE_UNICODE, we need to filter it off because libcurl doesn't unicode encode the strings it packs into the NTLM authenticate packet.
2007-07-11added netdb.h for NetWare CLIB since gethostname() is defined there.Gunter Knauf
2007-04-10Fixed some out of memory handling issues.Dan Fandrich
2007-04-10Update NTLM flag and descriptionYang Tse
2007-04-04Fixes some more out of memory handling bugs.Dan Fandrich
2007-02-21silence two cases of "comparison between signed and unsigned"Daniel Stenberg
2007-02-21curlassert macro replaced with DEBUGASSERT macro defined in setup_once.hYang Tse
2007-01-23- David McCreedy did NTLM changes mainly for non-ASCII platforms:Daniel Stenberg
#1 There's a compilation error in http_ntlm.c if USE_NTLM2SESSION is NOT defined. I noticed this while testing various configurations. Line 867 of the current http_ntlm.c is a closing bracket for an if/else pair that only gets compiled in if USE_NTLM2SESSION is defined. But this closing bracket wasn't in an #ifdef so the code fails to compile unless USE_NTLM2SESSION was defined. Lines 198 and 140 of my patch wraps that closing bracket in an #ifdef USE_NTLM2SESSION. #2 I noticed several picky compiler warnings when DEBUG_ME is defined. I've fixed them with casting. By the way, DEBUG_ME was a huge help in understanding this code. #3 Hopefully the last non-ASCII conversion patch for libcurl in a while. I changed the "NTLMSSP" literal to hex since this signature must always be in ASCII. Conversion code was strategically added where necessary. And the Curl_base64_encode calls were changed so the binary "blobs" http_ntlm.c creates are NOT translated on non-ASCII platforms.
2007-01-03- David McCreedy made changes to allow base64 encoding/decoding to work onDaniel Stenberg
non-ASCII platforms.
2006-11-02prototype for gethostname is in unistd.hYang Tse
2006-10-17Avoid typecasting a signed char to an int when using is*() functions, as thatDaniel Stenberg
could very well cause a negate number get passed in and thus cause reading outside of the array usually used for this purpose. We avoid this by using the uppercase macro versions introduced just now that does some extra crazy typecasts to avoid byte codes > 127 to cause negative int values.
2006-09-09Michele Bini fixed how the hostname is put in NTLM packages. As serversDaniel Stenberg
don't expect fully qualified names we need to cut them off at the first dot.
2006-07-19Fix compiler warningsYang Tse
2006-06-07NTLM2 session response supportDaniel Stenberg
2006-04-08readint_le() not needed in USE_WINDOWS_SSPI code.Gisle Vanem
2006-04-05Michele Bini modified the NTLM code to work for his "weird IIS case"Daniel Stenberg
(http://curl.haxx.se/mail/lib-2006-02/0154.html) by adding the NTLM hash function in addition to the LM one and making some other adjustments in the order the different parts of the data block are sent in the Type-2 reply. Inspiration for this work was taken from the Firefox NTLM implementation. I edited the existing 21(!) NTLM test cases to run fine with these news. Due to the fact that we now properly include the host name in the Type-2 message the test cases now only compare parts of that chunk.
2005-11-14Quagmire reported that he needed to raise a NTLM buffer for SSPI to workDaniel Stenberg
properly for a case, and so we did. We raised it even for non-SSPI builds but it should not do any harm. http://curl.haxx.se/bug/view.cgi?id=1356715
2005-11-08Dmitry Bartsevich discovered some issues in compatibilty of SSPI-enabledDaniel Stenberg
version of libcurl with different Windows versions. Current version of libcurl imports SSPI functions from secur32.dll. However, under Windows NT 4.0 these functions are located in security.dll, under Windows 9x - in secur32.dll and Windows 2000 and XP contains both these DLLs (security.dll just forwards calls to secur32.dll). Dmitry's patch loads proper library dynamically depending on Windows version. Function InitSecurityInterface() is used to obtain pointers to all of SSPI function in one structure. : ----------------------------------------------------------------------
2005-10-13Make sure that the user and domain strings fit in the target buffer before weDaniel Stenberg
copy them there.
2005-10-02Avoid gcc warning "dereferencing type-punned pointerGisle Vanem
will break strict-aliasing rules".
2005-09-20Uses __stdcall instead of SEC_ENTRY since it seems (at least) mingw doesn'tDaniel Stenberg
define SEC_ENTRY and thus fails unless this is done!
2005-09-19Dmitry Bartsevich made the SSPI support work on Windows 9x as wellDaniel Stenberg
2005-04-07GnuTLS support added. There's now a "generic" SSL layer that we use all overDaniel Stenberg
internally, with code provided by sslgen.c. All SSL-layer-specific code is then written in ssluse.c (for OpenSSL) and gtls.c (for GnuTLS). As far as possible, internals should not need to know what SSL layer that is in use. Building with GnuTLS currently makes two test cases fail. TODO.gnutls contains a few known outstanding issues for the GnuTLS support. GnuTLS support is enabled with configure --with-gnutls
2005-03-14hushing up more warningsDaniel Stenberg
2005-03-14Avoid "unused variable" warnings.Gisle Vanem
2005-03-11Fixed some compiler warnings.Dan Fandrich
2005-03-10Christopher R. Palmer made it possible to build libcurl with theDaniel Stenberg
USE_WINDOWS_SSPI on Windows, and then libcurl will be built to use the native way to do NTLM. SSPI also allows libcurl to pass on the current user and its password in the request.