summaryrefslogtreecommitdiff
path: root/lib/http_negotiate.c
diff options
context:
space:
mode:
authorSteve Holme <steve_holme@hotmail.com>2016-03-13 20:09:15 +0000
committerSteve Holme <steve_holme@hotmail.com>2016-03-26 17:21:22 +0000
commit4adee1947c8016359fb7ae01dd3998166ea0101a (patch)
treedb4076c86291e00c46773f882a077b5ac06d0bbb /lib/http_negotiate.c
parent6d6f9ca1d978817af2f2780dafcceba281256e11 (diff)
downloadcurl-4adee1947c8016359fb7ae01dd3998166ea0101a.tar.gz
http_negotiate: Combine GSS-API and SSPI source files
As the GSS-API and SSPI based source files are no longer library/API specific, following the extraction of that authentication code to the vauth directory, combine these files rather than maintain two separate versions.
Diffstat (limited to 'lib/http_negotiate.c')
-rw-r--r--lib/http_negotiate.c34
1 files changed, 29 insertions, 5 deletions
diff --git a/lib/http_negotiate.c b/lib/http_negotiate.c
index 587ea2a1c..99a4dbdad 100644
--- a/lib/http_negotiate.c
+++ b/lib/http_negotiate.c
@@ -22,7 +22,7 @@
#include "curl_setup.h"
-#if defined(HAVE_GSSAPI) && !defined(CURL_DISABLE_HTTP) && defined(USE_SPNEGO)
+#if !defined(CURL_DISABLE_HTTP) && defined(USE_SPNEGO)
#include "urldata.h"
#include "sendf.h"
@@ -39,8 +39,11 @@ CURLcode Curl_input_negotiate(struct connectdata *conn, bool proxy,
const char *header)
{
struct SessionHandle *data = conn->data;
+ size_t len;
- /* Point to the service and host */
+ /* Point to the username, password, service and host */
+ const char *userp;
+ const char *passwdp;
const char *service;
const char *host;
@@ -48,29 +51,50 @@ CURLcode Curl_input_negotiate(struct connectdata *conn, bool proxy,
struct negotiatedata *neg_ctx;
if(proxy) {
+ userp = conn->proxyuser;
+ passwdp = conn->proxypasswd;
service = data->set.str[STRING_PROXY_SERVICE_NAME];
host = conn->host.name;
neg_ctx = &data->state.proxyneg;
}
else {
+ userp = conn->user;
+ passwdp = conn->passwd;
service = data->set.str[STRING_SERVICE_NAME];
host = conn->proxy.name;
neg_ctx = &data->state.negotiate;
}
+ /* Not set means empty */
+ if(!userp)
+ userp = "";
+
+ if(!passwdp)
+ passwdp = "";
+
/* Obtain the input token, if any */
header += strlen("Negotiate");
while(*header && ISSPACE(*header))
header++;
+ len = strlen(header);
+ if(!len) {
+ /* Is this the first call in a new negotiation? */
+ if(neg_ctx->context) {
+ /* The server rejected our authentication and hasn't suppled any more
+ negotiation mechanisms */
+ return CURLE_LOGIN_DENIED;
+ }
+ }
+
/* Initilise the security context and decode our challenge */
- return Curl_auth_decode_spnego_message(data, NULL, NULL, service, host,
+ return Curl_auth_decode_spnego_message(data, userp, passwdp, service, host,
header, neg_ctx);
}
CURLcode Curl_output_negotiate(struct connectdata *conn, bool proxy)
{
- struct negotiatedata *neg_ctx = proxy?&conn->data->state.proxyneg:
+ struct negotiatedata *neg_ctx = proxy ? &conn->data->state.proxyneg :
&conn->data->state.negotiate;
char *base64 = NULL;
size_t len = 0;
@@ -104,4 +128,4 @@ void Curl_cleanup_negotiate(struct SessionHandle *data)
Curl_auth_spnego_cleanup(&data->state.proxyneg);
}
-#endif /* HAVE_GSSAPI && !CURL_DISABLE_HTTP && USE_SPNEGO */
+#endif /* !CURL_DISABLE_HTTP && USE_SPNEGO */