Age | Commit message (Collapse) | Author |
|
- If the server has provided another challenge use it as the replacement
input token if stale=TRUE. Otherwise previous credentials have failed
so return CURLE_LOGIN_DENIED.
Prior to this change the stale directive was ignored and if another
challenge was received it would cause error CURLE_BAD_CONTENT_ENCODING.
Ref: https://tools.ietf.org/html/rfc2617#page-10
Bug: https://github.com/curl/curl/issues/928
Reported-by: tarek112@users.noreply.github.com
|
|
- on the first invocation: keep security context returned by
InitializeSecurityContext()
- on subsequent invocations: use MakeSignature() instead of
InitializeSecurityContext() to generate HTTP digest response
Bug: https://github.com/curl/curl/issues/870
Reported-by: Andreas Roth
Closes https://github.com/curl/curl/pull/1251
|
|
Curl_auth_decode_digest_http_message(): copy terminating NUL as later
Curl_override_sspi_http_realm() expects a NUL-terminated string.
Fixes #1180
|
|
|
|
Fix compile break from 811a693b80
|
|
We had some confusions on when each function was used. We should not act
differently on different locales anyway.
|
|
Completing commit 00417fd66c and 2708d4259b.
|
|
As Windows SSPI authentication calls fail when a particular mechanism
isn't available, introduced these functions for DIGEST, NTLM, Kerberos 5
and Negotiate to allow both HTTP and SASL authentication the opportunity
to query support for a supported mechanism before selecting it.
For now each function returns TRUE to maintain compatability with the
existing code when called.
|
|
This is a follow up to the parent commit dcdd4be which fixes one leak
but creates another by failing to free the credentials handle if out of
memory. Also there's a second location a few lines down where we fail to
do same. This commit fixes both of those issues.
|
|
This patch allocates memory to "output_token" only when it is required
so that memory is not leaked if function returns.
|
|
|
|
Closes #754
|
|
Reported-by: Michael Osipov
|
|
|
|
Renamed all the SASL functions that moved to the new vauth directory to
include the correct module name.
|
|
As most of this work was performed in 2015 but not pushed until 2016
updated the copyright year to reflect the public facing changes.
|
|
|