summaryrefslogtreecommitdiff
path: root/lib/urldata.h
diff options
context:
space:
mode:
authorgeorgeok <giorgos.n.oikonomou@gmail.com>2019-01-29 18:26:31 +0100
committerMarcel Raad <Marcel.Raad@teamviewer.com>2019-02-01 09:56:27 +0100
commita730432e59754df97c8985eb3094ca1cdd3e4955 (patch)
tree3e19c162afb855193a7ef4db1419a3f80b0d9392 /lib/urldata.h
parent463f16d188f9e7fae2e71a6b3160d391fbe8ff18 (diff)
downloadcurl-a730432e59754df97c8985eb3094ca1cdd3e4955.tar.gz
spnego_sspi: add support for channel binding
Attempt to add support for Secure Channel binding when negotiate authentication is used. The problem to solve is that by default IIS accepts channel binding and curl doesn't utilise them. The result was a 401 response. Scope affects only the Schannel(winssl)-SSPI combination. Fixes https://github.com/curl/curl/issues/3503 Closes https://github.com/curl/curl/pull/3509
Diffstat (limited to 'lib/urldata.h')
-rw-r--r--lib/urldata.h6
1 files changed, 6 insertions, 0 deletions
diff --git a/lib/urldata.h b/lib/urldata.h
index b71a843b4..ff3cc9a65 100644
--- a/lib/urldata.h
+++ b/lib/urldata.h
@@ -364,6 +364,9 @@ struct negotiatedata {
gss_buffer_desc output_token;
#else
#ifdef USE_WINDOWS_SSPI
+#ifdef SECPKG_ATTR_ENDPOINT_BINDINGS
+ CtxtHandle *sslContext;
+#endif
DWORD status;
CredHandle *credentials;
CtxtHandle *context;
@@ -980,6 +983,9 @@ struct connectdata {
void *seek_client; /* pointer to pass to the seek() above */
/*************** Request - specific items ************/
+#if defined(USE_WINDOWS_SSPI) && defined(SECPKG_ATTR_ENDPOINT_BINDINGS)
+ CtxtHandle *sslContext;
+#endif
#if defined(USE_NTLM)
struct ntlmdata ntlm; /* NTLM differs from other authentication schemes