aboutsummaryrefslogtreecommitdiff
path: root/lib/vauth/krb5_sspi.c
AgeCommit message (Collapse)Author
2017-03-26spelling fixesklemens
Closes #1356
2016-08-21vauth: Added check for supported SSPI based authentication mechanismsSteve Holme
Completing commit 00417fd66c and 2708d4259b.
2016-08-18vauth: Introduced Curl_auth_is_<mechansism>_supported() functionsSteve Holme
As Windows SSPI authentication calls fail when a particular mechanism isn't available, introduced these functions for DIGEST, NTLM, Kerberos 5 and Negotiate to allow both HTTP and SASL authentication the opportunity to query support for a supported mechanism before selecting it. For now each function returns TRUE to maintain compatability with the existing code when called.
2016-06-22internals: rename the SessionHandle struct to Curl_easyDaniel Stenberg
2016-04-06URLs: change http to https in many placesViktor Szakats
Closes #754
2016-04-06vauth: Corrected a number of typos in commentsSteve Holme
Reported-by: Michael Osipov
2016-04-03vauth: Removed the need for a separate GSS-API based SPN functionSteve Holme
2016-04-03krb5: Small code tidy upSteve Holme
* Prefer dereference of string pointer rather than strlen() * Free challenge pointer in one place * Additional comments
2016-04-03krb5: Fixed missing client response when mutual authentication enabledSteve Holme
Although mutual authentication is currently turned off and can only be enabled by changing libcurl source code, authentication using Kerberos 5 has been broken since commit 79543caf90 in this use case.
2016-04-03krb5_sspi: Only process challenge when presentSteve Holme
This wouldn't cause a problem because of the way the function is called, but prior to this change, we were processing the challenge message when the credentials were NULL rather than when the challenge message was populated. This also brings this part of the Kerberos 5 code in line with the Negotiate code.
2016-04-03krb5_sspi: Only generate the output token when its not allocatedSteve Holme
Prior to this change, we were generating the output token when the credentials were NULL rather than when the output token was NULL. This also brings this part of the Kerberos 5 code in line with the Negotiate code.
2016-04-03krb5: Only generate a SPN when its not knownSteve Holme
Prior to this change, we were generating the SPN in the SSPI code when the credentials were NULL and in the GSS-API code when the context was empty. It is better to decouple the SPN generation from these checks and only generate it when the SPN itself is NULL. This also brings this part of the Kerberos 5 code in line with the Negotiate code.
2016-04-02krb5: Moved host from Curl_auth_create_gssapi_user_message() to be argumentSteve Holme
For consistency with the spnego and oauth2 code moved the setting of the host name outside of the Curl_auth_create_gssapi_user_messag() function. This will allow us to more easily override it in the future.
2016-03-25vauth: Refactored function names after move to new vauth directorySteve Holme
Renamed all the SASL functions that moved to the new vauth directory to include the correct module name.
2016-03-25vauth: Moved the Kerberos V5 authentication code to the new vauth directorySteve Holme