aboutsummaryrefslogtreecommitdiff
path: root/lib/vauth/krb5_gssapi.c
AgeCommit message (Collapse)Author
2018-10-03comment: Fix multiple typos in function parametersDaniel Gustafsson
Ensure that the parameters in the comment match the actual names in the prototype. Closes #3079 Reviewed-by: Daniel Stenberg <daniel@haxx.se>
2017-03-26spelling fixesklemens
Closes #1356
2016-08-18vauth: Introduced Curl_auth_is_<mechansism>_supported() functionsSteve Holme
As Windows SSPI authentication calls fail when a particular mechanism isn't available, introduced these functions for DIGEST, NTLM, Kerberos 5 and Negotiate to allow both HTTP and SASL authentication the opportunity to query support for a supported mechanism before selecting it. For now each function returns TRUE to maintain compatability with the existing code when called.
2016-06-22internals: rename the SessionHandle struct to Curl_easyDaniel Stenberg
2016-04-06vauth: Corrected a number of typos in commentsSteve Holme
Reported-by: Michael Osipov
2016-04-03vauth: Removed the need for a separate GSS-API based SPN functionSteve Holme
2016-04-03krb5: Small code tidy upSteve Holme
* Prefer dereference of string pointer rather than strlen() * Free challenge pointer in one place * Additional comments
2016-04-03krb5_gssapi: Only process challenge when presentSteve Holme
This wouldn't cause a problem because of the way the function is called, but prior to this change, we were processing the challenge message when the credentials were NULL rather than when the challenge message was populated. This also brings this part of the Kerberos 5 code in line with the Negotiate code.
2016-04-03krb5: Fixed missing client response when mutual authentication enabledSteve Holme
Although mutual authentication is currently turned off and can only be enabled by changing libcurl source code, authentication using Kerberos 5 has been broken since commit 79543caf90 in this use case.
2016-04-03krb5: Only generate a SPN when its not knownSteve Holme
Prior to this change, we were generating the SPN in the SSPI code when the credentials were NULL and in the GSS-API code when the context was empty. It is better to decouple the SPN generation from these checks and only generate it when the SPN itself is NULL. This also brings this part of the Kerberos 5 code in line with the Negotiate code.
2016-04-02krb5_gssapi: Renamed the status variablesSteve Holme
For consistency with the spnego code.
2016-04-02krb5: Moved host from Curl_auth_create_gssapi_user_message() to be argumentSteve Holme
For consistency with the spnego and oauth2 code moved the setting of the host name outside of the Curl_auth_create_gssapi_user_messag() function. This will allow us to more easily override it in the future.
2016-03-29GSS: make Curl_gss_log_error more verboseIsaac Boukris
Also display the GSS_C_GSS_CODE (major code) when specified instead of only GSS_C_MECH_CODE (minor code). In addition, the old code was printing a colon twice after the prefix and also miscalculated the length of the buffer in between calls to gss_display_status (the length of ": " was missing). Also, gss_buffer is not guaranteed to be NULL terminated and thus need to restrict reading by its length. Closes #738
2016-03-25vauth: Refactored function names after move to new vauth directorySteve Holme
Renamed all the SASL functions that moved to the new vauth directory to include the correct module name.
2016-03-25vauth: Moved the Kerberos V5 authentication code to the new vauth directorySteve Holme