delta/curl.git/lib/vauth, branch bagder/test493-https github.com: bagder/curl.git ntlm: fix negotiated flags usage 2021-04-09T07:40:56+00:00 Patrick Monnerat patrick@monnerat.net 2021-04-06T17:32:21+00:00 9c1e1a6105f34ffe3b5a16e874a92c9558ddbd96 According to Microsoft document MS-NLMP, current flags usage is not accurate: flag NTLMFLAG_NEGOTIATE_NTLM2_KEY controls the use of extended security in an NTLM authentication message and NTLM version 2 cannot be negotiated within the protocol. The solution implemented here is: if the extended security flag is set, prefer using NTLM version 2 (as a server featuring extended security should also support version 2). If version 2 has been disabled at compile time, use extended security. Tests involving NTLM are adjusted to this new behavior. Fixes #6813 Closes #6849 
According to Microsoft document MS-NLMP, current flags usage is not
accurate: flag NTLMFLAG_NEGOTIATE_NTLM2_KEY controls the use of
extended security in an NTLM authentication message and NTLM version 2
cannot be negotiated within the protocol.

The solution implemented here is: if the extended security flag is set,
prefer using NTLM version 2 (as a server featuring extended security
should also support version 2). If version 2 has been disabled at
compile time, use extended security.

Tests involving NTLM are adjusted to this new behavior.

Fixes #6813
Closes #6849
ntlm: support version 2 on 32-bit platforms 2021-04-09T07:40:49+00:00 Patrick Monnerat patrick@monnerat.net 2021-04-06T17:31:03+00:00 cca455a36b7c3472fa64b148ded9a11deef93017 Closes #6849 
Closes #6849
copyright: update copyright year ranges to 2021 2021-03-27T22:00:14+00:00 Daniel Stenberg daniel@haxx.se 2021-03-27T11:52:25+00:00 85e6975643fe52d6c4152969e2353f3ab8ea4554 Reviewed-by: Emil Engler Closes #6802 
Reviewed-by: Emil Engler
Closes #6802
gsasl: fix errors/warnings building against libgsasl 2021-02-10T18:55:58+00:00 Viktor Szakats commit@vsz.me 2021-02-10T18:50:36+00:00 62c4f2f10fd49eb6f3933d94c8e154e08b755eec - also fix an indentation - make Curl_auth_gsasl_token() use CURLcode (by Daniel Stenberg) Ref: https://github.com/curl/curl/pull/6372#issuecomment-776118711 Ref: https://github.com/curl/curl/pull/6588 Reviewed-by: Jay Satiro Assisted-by: Daniel Stenberg Reviewed-by: Simon Josefsson Closes #6587 
- also fix an indentation
- make Curl_auth_gsasl_token() use CURLcode (by Daniel Stenberg)

Ref: https://github.com/curl/curl/pull/6372#issuecomment-776118711
Ref: https://github.com/curl/curl/pull/6588

Reviewed-by: Jay Satiro
Assisted-by: Daniel Stenberg
Reviewed-by: Simon Josefsson
Closes #6587
sasl: support SCRAM-SHA-1 and SCRAM-SHA-256 via libgsasl 2021-02-09T09:53:25+00:00 Simon Josefsson simon@josefsson.org 2020-12-24T18:48:45+00:00 3eebbfe8f34d37c4d68d08277a44ec7aa6bd0889 Closes #6372 
Closes #6372
misc: fix "warning: empty expression statement has no effect" 2020-12-26T22:44:17+00:00 Daniel Stenberg daniel@haxx.se 2020-12-26T14:43:25+00:00 8ab78f720ae478d533e30b202baec4b451741579 Turned several macros into do-while(0) style to allow their use to work find with semicolon. Bug: https://github.com/curl/curl/commit/08e8455dddc5e48e58a12ade3815c01ae3da3b64#commitcomment-45433279 Follow-up to 08e8455dddc5e4 Reported-by: Gisle Vanem Closes #6376 
Turned several macros into do-while(0) style to allow their use to work
find with semicolon.

Bug: https://github.com/curl/curl/commit/08e8455dddc5e48e58a12ade3815c01ae3da3b64#commitcomment-45433279
Follow-up to 08e8455dddc5e4
Reported-by: Gisle Vanem
Closes #6376
failf: remove newline from formatting strings 2020-12-25T22:42:16+00:00 Daniel Stenberg daniel@haxx.se 2020-12-23T22:41:13+00:00 aba01da6390894c9e7ebb6691da544bc01b6324d ... as failf adds one itself. Also: add an assert() to failf() that triggers on a newline in the format string! Closes #6365 
... as failf adds one itself.

Also: add an assert() to failf() that triggers on a newline in the
format string!

Closes #6365
digest_sspi: Show InitializeSecurityContext errors in verbose mode 2020-12-14T05:25:10+00:00 Jay Satiro raysatiro@yahoo.com 2020-12-13T08:30:23+00:00 c54565915f4896a1f14130d839c108d93ebe8bd9 The error is shown with infof rather than failf so that the user will see the extended error message information only in verbose mode, and will still see the standard CURLE_AUTH_ERROR message. For example: --- * schannel: InitializeSecurityContext failed: SEC_E_QOP_NOT_SUPPORTED (0x8009030A) - The per-message Quality of Protection is not supported by the security package * multi_done * Connection #1 to host 127.0.0.1 left intact curl: (94) An authentication function returned an error --- Ref: https://github.com/curl/curl/issues/6302 Closes https://github.com/curl/curl/pull/6315 
The error is shown with infof rather than failf so that the user will
see the extended error message information only in verbose mode, and
will still see the standard CURLE_AUTH_ERROR message. For example:

---

* schannel: InitializeSecurityContext failed: SEC_E_QOP_NOT_SUPPORTED
(0x8009030A) - The per-message Quality of Protection is not supported by
the security package
* multi_done
* Connection #1 to host 127.0.0.1 left intact
curl: (94) An authentication function returned an error

---

Ref: https://github.com/curl/curl/issues/6302

Closes https://github.com/curl/curl/pull/6315
copyright: fix year ranges 2020-11-05T07:22:10+00:00 Daniel Stenberg daniel@haxx.se 2020-11-05T07:22:10+00:00 ac0a88fd2552524955233198de96cc66f6b15a07 Follow-up from 4d2f8006777 
Follow-up from 4d2f8006777
curl.se: new home 2020-11-04T22:59:47+00:00 Daniel Stenberg daniel@haxx.se 2020-11-04T13:02:01+00:00 4d2f8006777d6354d9b62eae38ebd0a0256d0f94 Closes #6172 
Closes #6172