summaryrefslogtreecommitdiff
path: root/lib
diff options
context:
space:
mode:
authorSteve Holme <steve_holme@hotmail.com>2016-03-13 20:09:15 +0000
committerSteve Holme <steve_holme@hotmail.com>2016-03-26 17:21:22 +0000
commit4adee1947c8016359fb7ae01dd3998166ea0101a (patch)
treedb4076c86291e00c46773f882a077b5ac06d0bbb /lib
parent6d6f9ca1d978817af2f2780dafcceba281256e11 (diff)
downloadcurl-4adee1947c8016359fb7ae01dd3998166ea0101a.tar.gz
http_negotiate: Combine GSS-API and SSPI source files
As the GSS-API and SSPI based source files are no longer library/API specific, following the extraction of that authentication code to the vauth directory, combine these files rather than maintain two separate versions.
Diffstat (limited to 'lib')
-rw-r--r--lib/Makefile.inc8
-rw-r--r--lib/Makefile.vc61
-rw-r--r--lib/http_negotiate.c34
-rw-r--r--lib/http_negotiate_sspi.c135
4 files changed, 33 insertions, 145 deletions
diff --git a/lib/Makefile.inc b/lib/Makefile.inc
index b9bb7149f..ce15cff05 100644
--- a/lib/Makefile.inc
+++ b/lib/Makefile.inc
@@ -50,10 +50,10 @@ LIB_CFILES = file.c timeval.c base64.c hostip.c progress.c formdata.c \
curl_sspi.c slist.c nonblock.c curl_memrchr.c imap.c pop3.c smtp.c \
pingpong.c rtsp.c curl_threads.c warnless.c hmac.c curl_rtmp.c \
openldap.c curl_gethostname.c gopher.c idn_win32.c \
- http_negotiate_sspi.c http_proxy.c non-ascii.c asyn-ares.c \
- asyn-thread.c curl_gssapi.c curl_ntlm.c curl_ntlm_wb.c \
- curl_ntlm_core.c curl_sasl.c curl_multibyte.c hostcheck.c conncache.c \
- pipeline.c dotdot.c x509asn1.c http2.c smb.c curl_endian.c curl_des.c
+ http_proxy.c non-ascii.c asyn-ares.c asyn-thread.c curl_gssapi.c \
+ curl_ntlm.c curl_ntlm_wb.c curl_ntlm_core.c curl_sasl.c \
+ curl_multibyte.c hostcheck.c conncache.c pipeline.c dotdot.c \
+ x509asn1.c http2.c smb.c curl_endian.c curl_des.c
LIB_HFILES = arpa_telnet.h netrc.h file.h timeval.h hostip.h progress.h \
formdata.h cookie.h http.h sendf.h ftp.h url.h dict.h if2ip.h \
diff --git a/lib/Makefile.vc6 b/lib/Makefile.vc6
index b87350a7f..64b58392b 100644
--- a/lib/Makefile.vc6
+++ b/lib/Makefile.vc6
@@ -574,7 +574,6 @@ X_OBJS= \
$(DIROBJ)\http_chunks.obj \
$(DIROBJ)\http_digest.obj \
$(DIROBJ)\http_negotiate.obj \
- $(DIROBJ)\http_negotiate_sspi.obj \
$(DIROBJ)\http_proxy.obj \
$(DIROBJ)\idn_win32.obj \
$(DIROBJ)\if2ip.obj \
diff --git a/lib/http_negotiate.c b/lib/http_negotiate.c
index 587ea2a1c..99a4dbdad 100644
--- a/lib/http_negotiate.c
+++ b/lib/http_negotiate.c
@@ -22,7 +22,7 @@
#include "curl_setup.h"
-#if defined(HAVE_GSSAPI) && !defined(CURL_DISABLE_HTTP) && defined(USE_SPNEGO)
+#if !defined(CURL_DISABLE_HTTP) && defined(USE_SPNEGO)
#include "urldata.h"
#include "sendf.h"
@@ -39,8 +39,11 @@ CURLcode Curl_input_negotiate(struct connectdata *conn, bool proxy,
const char *header)
{
struct SessionHandle *data = conn->data;
+ size_t len;
- /* Point to the service and host */
+ /* Point to the username, password, service and host */
+ const char *userp;
+ const char *passwdp;
const char *service;
const char *host;
@@ -48,29 +51,50 @@ CURLcode Curl_input_negotiate(struct connectdata *conn, bool proxy,
struct negotiatedata *neg_ctx;
if(proxy) {
+ userp = conn->proxyuser;
+ passwdp = conn->proxypasswd;
service = data->set.str[STRING_PROXY_SERVICE_NAME];
host = conn->host.name;
neg_ctx = &data->state.proxyneg;
}
else {
+ userp = conn->user;
+ passwdp = conn->passwd;
service = data->set.str[STRING_SERVICE_NAME];
host = conn->proxy.name;
neg_ctx = &data->state.negotiate;
}
+ /* Not set means empty */
+ if(!userp)
+ userp = "";
+
+ if(!passwdp)
+ passwdp = "";
+
/* Obtain the input token, if any */
header += strlen("Negotiate");
while(*header && ISSPACE(*header))
header++;
+ len = strlen(header);
+ if(!len) {
+ /* Is this the first call in a new negotiation? */
+ if(neg_ctx->context) {
+ /* The server rejected our authentication and hasn't suppled any more
+ negotiation mechanisms */
+ return CURLE_LOGIN_DENIED;
+ }
+ }
+
/* Initilise the security context and decode our challenge */
- return Curl_auth_decode_spnego_message(data, NULL, NULL, service, host,
+ return Curl_auth_decode_spnego_message(data, userp, passwdp, service, host,
header, neg_ctx);
}
CURLcode Curl_output_negotiate(struct connectdata *conn, bool proxy)
{
- struct negotiatedata *neg_ctx = proxy?&conn->data->state.proxyneg:
+ struct negotiatedata *neg_ctx = proxy ? &conn->data->state.proxyneg :
&conn->data->state.negotiate;
char *base64 = NULL;
size_t len = 0;
@@ -104,4 +128,4 @@ void Curl_cleanup_negotiate(struct SessionHandle *data)
Curl_auth_spnego_cleanup(&data->state.proxyneg);
}
-#endif /* HAVE_GSSAPI && !CURL_DISABLE_HTTP && USE_SPNEGO */
+#endif /* !CURL_DISABLE_HTTP && USE_SPNEGO */
diff --git a/lib/http_negotiate_sspi.c b/lib/http_negotiate_sspi.c
deleted file mode 100644
index c79b55102..000000000
--- a/lib/http_negotiate_sspi.c
+++ /dev/null
@@ -1,135 +0,0 @@
-/***************************************************************************
- * _ _ ____ _
- * Project ___| | | | _ \| |
- * / __| | | | |_) | |
- * | (__| |_| | _ <| |___
- * \___|\___/|_| \_\_____|
- *
- * Copyright (C) 1998 - 2016, Daniel Stenberg, <daniel@haxx.se>, et al.
- *
- * This software is licensed as described in the file COPYING, which
- * you should have received as part of this distribution. The terms
- * are also available at https://curl.haxx.se/docs/copyright.html.
- *
- * You may opt to use, copy, modify, merge, publish, distribute and/or sell
- * copies of the Software, and permit persons to whom the Software is
- * furnished to do so, under the terms of the COPYING file.
- *
- * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
- * KIND, either express or implied.
- *
- ***************************************************************************/
-
-#include "curl_setup.h"
-
-#ifdef USE_WINDOWS_SSPI
-
-#if !defined(CURL_DISABLE_HTTP) && defined(USE_SPNEGO)
-
-#include "urldata.h"
-#include "sendf.h"
-#include "rawstr.h"
-#include "vauth/vauth.h"
-#include "http_negotiate.h"
-#include "curl_printf.h"
-
-/* The last #include files should be: */
-#include "curl_memory.h"
-#include "memdebug.h"
-
-CURLcode Curl_input_negotiate(struct connectdata *conn, bool proxy,
- const char *header)
-{
- struct SessionHandle *data = conn->data;
- size_t len;
-
- /* Point to the username, password, service and host */
- const char *userp;
- const char *passwdp;
- const char *service;
- const char *host;
-
- /* Point to the correct struct with this */
- struct negotiatedata *neg_ctx;
-
- if(proxy) {
- userp = conn->proxyuser;
- passwdp = conn->proxypasswd;
- service = data->set.str[STRING_PROXY_SERVICE_NAME];
- host = conn->host.name;
- neg_ctx = &data->state.proxyneg;
- }
- else {
- userp = conn->user;
- passwdp = conn->passwd;
- service = data->set.str[STRING_SERVICE_NAME];
- host = conn->proxy.name;
- neg_ctx = &data->state.negotiate;
- }
-
- /* Not set means empty */
- if(!userp)
- userp = "";
-
- if(!passwdp)
- passwdp = "";
-
- /* Obtain the input token, if any */
- header += strlen("Negotiate");
- while(*header && ISSPACE(*header))
- header++;
-
- len = strlen(header);
- if(!len) {
- /* Is this the first call in a new negotiation? */
- if(neg_ctx->context) {
- /* The server rejected our authentication and hasn't suppled any more
- negotiation mechanisms */
- return CURLE_LOGIN_DENIED;
- }
- }
-
- /* Initilise the security context and decode our challenge */
- return Curl_auth_decode_spnego_message(data, userp, passwdp, service, host,
- header, neg_ctx);
-}
-
-CURLcode Curl_output_negotiate(struct connectdata *conn, bool proxy)
-{
- struct negotiatedata *neg_ctx = proxy?&conn->data->state.proxyneg:
- &conn->data->state.negotiate;
- char *base64 = NULL;
- size_t len = 0;
- char *userp;
- CURLcode result;
-
- result = Curl_auth_create_spnego_message(conn->data, neg_ctx, &base64, &len);
- if(result)
- return result;
-
- userp = aprintf("%sAuthorization: Negotiate %s\r\n", proxy ? "Proxy-" : "",
- base64);
-
- if(proxy) {
- Curl_safefree(conn->allocptr.proxyuserpwd);
- conn->allocptr.proxyuserpwd = userp;
- }
- else {
- Curl_safefree(conn->allocptr.userpwd);
- conn->allocptr.userpwd = userp;
- }
-
- free(base64);
-
- return (userp == NULL) ? CURLE_OUT_OF_MEMORY : CURLE_OK;
-}
-
-void Curl_cleanup_negotiate(struct SessionHandle *data)
-{
- Curl_auth_spnego_cleanup(&data->state.negotiate);
- Curl_auth_spnego_cleanup(&data->state.proxyneg);
-}
-
-#endif /* !CURL_DISABLE_HTTP && USE_SPNEGO */
-
-#endif /* USE_WINDOWS_SSPI */