diff options
| author | Steve Holme <steve_holme@hotmail.com> | 2016-03-13 20:09:15 +0000 |
|---|---|---|
| committer | Steve Holme <steve_holme@hotmail.com> | 2016-03-26 17:21:22 +0000 |
| commit | 4adee1947c8016359fb7ae01dd3998166ea0101a (patch) | |
| tree | db4076c86291e00c46773f882a077b5ac06d0bbb /lib/http_negotiate.c | |
| parent | 6d6f9ca1d978817af2f2780dafcceba281256e11 (diff) | |
| download | curl-4adee1947c8016359fb7ae01dd3998166ea0101a.tar.gz | |
http_negotiate: Combine GSS-API and SSPI source files
As the GSS-API and SSPI based source files are no longer library/API
specific, following the extraction of that authentication code to the
vauth directory, combine these files rather than maintain two separate
versions.
Diffstat (limited to 'lib/http_negotiate.c')
| -rw-r--r-- | lib/http_negotiate.c | 34 |
1 files changed, 29 insertions, 5 deletions
diff --git a/lib/http_negotiate.c b/lib/http_negotiate.c index 587ea2a1c..99a4dbdad 100644 --- a/lib/http_negotiate.c +++ b/lib/http_negotiate.c @@ -22,7 +22,7 @@ #include "curl_setup.h" -#if defined(HAVE_GSSAPI) && !defined(CURL_DISABLE_HTTP) && defined(USE_SPNEGO) +#if !defined(CURL_DISABLE_HTTP) && defined(USE_SPNEGO) #include "urldata.h" #include "sendf.h" @@ -39,8 +39,11 @@ CURLcode Curl_input_negotiate(struct connectdata *conn, bool proxy, const char *header) { struct SessionHandle *data = conn->data; + size_t len; - /* Point to the service and host */ + /* Point to the username, password, service and host */ + const char *userp; + const char *passwdp; const char *service; const char *host; @@ -48,29 +51,50 @@ CURLcode Curl_input_negotiate(struct connectdata *conn, bool proxy, struct negotiatedata *neg_ctx; if(proxy) { + userp = conn->proxyuser; + passwdp = conn->proxypasswd; service = data->set.str[STRING_PROXY_SERVICE_NAME]; host = conn->host.name; neg_ctx = &data->state.proxyneg; } else { + userp = conn->user; + passwdp = conn->passwd; service = data->set.str[STRING_SERVICE_NAME]; host = conn->proxy.name; neg_ctx = &data->state.negotiate; } + /* Not set means empty */ + if(!userp) + userp = ""; + + if(!passwdp) + passwdp = ""; + /* Obtain the input token, if any */ header += strlen("Negotiate"); while(*header && ISSPACE(*header)) header++; + len = strlen(header); + if(!len) { + /* Is this the first call in a new negotiation? */ + if(neg_ctx->context) { + /* The server rejected our authentication and hasn't suppled any more + negotiation mechanisms */ + return CURLE_LOGIN_DENIED; + } + } + /* Initilise the security context and decode our challenge */ - return Curl_auth_decode_spnego_message(data, NULL, NULL, service, host, + return Curl_auth_decode_spnego_message(data, userp, passwdp, service, host, header, neg_ctx); } CURLcode Curl_output_negotiate(struct connectdata *conn, bool proxy) { - struct negotiatedata *neg_ctx = proxy?&conn->data->state.proxyneg: + struct negotiatedata *neg_ctx = proxy ? &conn->data->state.proxyneg : &conn->data->state.negotiate; char *base64 = NULL; size_t len = 0; @@ -104,4 +128,4 @@ void Curl_cleanup_negotiate(struct SessionHandle *data) Curl_auth_spnego_cleanup(&data->state.proxyneg); } -#endif /* HAVE_GSSAPI && !CURL_DISABLE_HTTP && USE_SPNEGO */ +#endif /* !CURL_DISABLE_HTTP && USE_SPNEGO */ |