summaryrefslogtreecommitdiff
path: root/lib/curl_sasl.c
Commit message (Collapse)AuthorAgeFilesLines
* cppcheck: fix warningsMarian Klymov2018-06-111-2/+1
| | | | | | | | | | | | | - Get rid of variable that was generating false positive warning (unitialized) - Fix issues in tests - Reduce scope of several variables all over etc Closes #2631
* ntlm_sspi: fix authentication using Credential Managertoughengineer2018-04-161-6/+8
| | | | | | | | | | | | | If you pass empty user/pass asking curl to use Windows Credential Storage (as stated in the docs) and it has valid credentials for the domain, e.g. curl -v -u : --ntlm example.com currently authentication fails. This change fixes it by providing proper SPN string to the SSPI API calls. Fixes https://github.com/curl/curl/issues/1622 Closes https://github.com/curl/curl/pull/1660
* sasl: prefer PLAIN mechanism over LOGINPatrick Monnerat2018-02-211-10/+10
| | | | | SASL PLAIN is a standard, LOGIN only a draft. The LOGIN draft says PLAIN should be used instead if available.
* Curl_base64_encode: always call with a real data handle.Patrick Monnerat2017-09-021-2/+4
| | | | | Some calls in different modules were setting the data handle to NULL, causing segmentation faults when using builds that enable character code conversions.
* curl_sasl: fix unused-variable warningMarcel Raad2017-06-031-1/+4
| | | | | | | | This fixes the following warning with CURL_DISABLE_CRYPTO_AUTH, as seen in the autobuilds: curl_sasl.c:417:9: warning: unused variable 'serverdata' [-Wunused-variable]
* curl_sasl: fix build error with CURL_DISABLE_CRYPTO_AUTH + USE_NTLMDaniel Stenberg2017-05-161-2/+2
| | | | | Reported-by: wyattoday at github Fixes #1487
* curl_sasl: declare mechtable staticMartin Kepplinger2017-04-041-1/+1
| | | | struct mechtable is only used locally here. It can be declared static.
* checksrc: code style: use 'char *name' styleDaniel Stenberg2016-11-241-3/+3
|
* HTTPS-proxy: fixed mbedtls and polishingOkhin Vasilij2016-11-241-4/+10
|
* strcasecompare: all case insensitive string compares ignore locale nowDaniel Stenberg2016-10-311-1/+0
| | | | | We had some confusions on when each function was used. We should not act differently on different locales anyway.
* strcasecompare: is the new name for strequal()Daniel Stenberg2016-10-311-2/+1
| | | | | | | ... to make it less likely that we forget that the function actually does case insentive compares. Also replaced several invokes of the function with a plain strcmp when case sensitivity is not an issue (like comparing with "-").
* sasl: Don't use GSSAPI authentication when domain name not specifiedSteve Holme2016-08-211-1/+2
| | | | | | | Only choose the GSSAPI authentication mechanism when the user name contains a Windows domain name or the user is a valid UPN. Fixes #718
* sasl: Added calls to Curl_auth_is_<mechansism>_supported()Steve Holme2016-08-201-3/+4
| | | | | | | Hooked up the SASL authentication layer to query the new 'is mechanism supported' functions when deciding what mechanism to use. For now existing functionality is maintained.
* internals: rename the SessionHandle struct to Curl_easyDaniel Stenberg2016-06-221-2/+2
|
* lib: include curl_printf.h as one of the last headersDaniel Stenberg2016-04-291-2/+1
| | | | | | | | | | | | | | | | | | | | curl_printf.h defines printf to curl_mprintf, etc. This can cause problems with external headers which may use __attribute__((format(printf, ...))) markers etc. To avoid that they cause problems with system includes, we include curl_printf.h after any system headers. That makes the three last headers to always be, and we keep them in this order: curl_printf.h curl_memory.h memdebug.h None of them include system headers, they all do funny #defines. Reported-by: David Benjamin Fixes #743
* sasl: Fixed compilation errors from commit 9d89a0387Steve Holme2016-04-091-1/+5
| | | | ...when GSS-API or Windows SSPI are not used.
* ftp/imap/pop3/smtp: Allow the service name to be overriddenSteve Holme2016-04-081-3/+9
| | | | | Allow the service name to be overridden for DIGIST-MD5 and Kerberos 5 authentication in FTP, IMAP, POP3 and SMTP.
* curl_sasl: Fixed potential null pointer utilisationSteve Holme2016-04-031-7/+5
| | | | | | | | | | | | Although this should never happen due to the relationship between the 'mech' and 'resp' variables, and the way they are allocated together, it does cause problems for code analysis tools: V595 The 'mech' pointer was utilized before it was verified against nullptr. Check lines: 376, 381. curl_sasl.c 376 Bug: https://github.com/curl/curl/issues/745 Reported-by: Alexis La Goutte
* krb5: Moved host from Curl_auth_create_gssapi_user_message() to be argumentSteve Holme2016-04-021-1/+5
| | | | | | | | For consistency with the spnego and oauth2 code moved the setting of the host name outside of the Curl_auth_create_gssapi_user_messag() function. This will allow us to more easily override it in the future.
* vauth: Refactored function names after move to new vauth directorySteve Holme2016-03-251-42/+44
| | | | | Renamed all the SASL functions that moved to the new vauth directory to include the correct module name.
* vauth: Moved the OAuth 2.0 authentication code to the new vauth directorySteve Holme2016-03-251-49/+0
|
* vauth: Moved the NTLM authentication code to the new vauth directorySteve Holme2016-03-251-21/+0
|
* vauth: Moved the DIGEST authentication code to the new vauth directorySteve Holme2016-03-251-837/+0
|
* vauth: Moved the CRAM-MD5 authentication code to the new vauth directorySteve Holme2016-03-251-100/+1
|
* vauth: Moved the ClearText authentication code to the new vauth directorySteve Holme2016-03-251-113/+0
|
* vauth: Moved Curl_sasl_build_spn() to create the initial vauth source filesSteve Holme2016-03-251-20/+1
|
* ftp/imap/pop3/smtp: Fixed compilation warning when /Wall enabledSteve Holme2016-03-191-6/+9
| | | | warning C4706: assignment within conditional expression
* curl_sasl.c: minor code indent fixesDaniel Stenberg2016-03-141-29/+29
|
* digest: Use boolean based success code for Curl_sasl_digest_get_pair()Steve Holme2016-03-121-11/+10
| | | | | Rather than use a 0 and 1 integer base result code use a TRUE / FALSE based success code.
* digest: Corrected some typos in commentsSteve Holme2016-03-121-9/+9
|
* ntlm: Corrected some typos in function descriptionsSteve Holme2016-03-121-4/+4
|
* curl_sasl: Fix memory leak in digest parserEmil Lerner2016-02-191-0/+6
| | | | | | | If any parameter in a HTTP DIGEST challenge message is present multiple times, memory allocated for all but the last entry should be freed. Bug: https://github.com/curl/curl/pull/667
* URLs: change all http:// URLs to https://Daniel Stenberg2016-02-031-1/+1
|
* sasl; fix checksrc warningsDaniel Stenberg2015-11-151-4/+6
|
* oauth2: Support OAUTHBEARER failures sent as continuation responsesSteve Holme2015-11-151-2/+30
| | | | | | | According to RFC7628 a failure message may be sent by the server in a base64 encoded JSON string as a continuation response. Currently only implemented for OAUTHBEARER and not XAUTH2.
* oauth2: Added support for OAUTHBEARER SASL mechanism to IMAP, POP3 and SNMPSteve Holme2015-11-141-13/+34
| | | | | | OAUTHBEARER is now the official "registered" SASL mechanism name for OAuth 2.0. However, we don't want to drop support for XOAUTH2 as some servers won't support the new mechanism yet.
* sasl: Re-introduced XOAUTH2 in the default enabled authentication mechanismSteve Holme2015-11-121-2/+1
| | | | | | | | | Following the fix in commit d6d58dd558 it is necessary to re-introduce XOAUTH2 in the default enabled authentication mechanism, which was removed in commit 7b2012f262, otherwise users will have to specify AUTH=XOAUTH2 in the URL. Note: OAuth 2.0 will only be used when the bearer is specified.
* oauth2: Re-factored OAuth 2.0 state variableSteve Holme2015-11-121-3/+3
|
* sasl: Don't choose OAuth 2.0 if mechanism not advertisedSteve Holme2015-11-121-1/+2
| | | | | | Regression from commit 9e8ced9890 which meant if --oauth2-bearer was specified but the SASL mechanism wasn't supported by the server then the mechanism would be chosen.
* oauth2: Introduced support for host and port detailsSteve Holme2015-11-111-5/+18
| | | | | | Added support to the OAuth 2.0 message function for host and port, in order to accommodate the official OAUTHBEARER SASL mechanism which is to be added shortly.
* oauth2: Don't use XAUTH2 in OAuth 2.0 function nameSteve Holme2015-11-091-10/+10
|
* oauth2: Don't use XOAUTH2 in OAuth 2.0 variablesSteve Holme2015-11-091-3/+4
|
* sasl: Updated SPN variables and comments for consistencySteve Holme2015-08-311-4/+4
| | | | | In places the "host name" and "realm" variable was referred to as "instance" whilst in others it was referred to as "host".
* sasl_sspi: Populate domain from the realm in the challengeGrant Pannell2015-04-261-6/+8
| | | | | | Without this, SSPI based digest auth was broken. Bug: https://github.com/bagder/curl/pull/141.patch
* curl_memory: make curl_memory.h the second-last header file loadedDan Fandrich2015-03-241-2/+2
| | | | | | | This header file must be included after all header files except memdebug.h, as it does similar memory function redefinitions and can be similarly affected by conflicting definitions in system or dependent library headers.
* free: instead of Curl_safefree()Daniel Stenberg2015-03-161-22/+22
| | | | | | | | | | | | Since we just started make use of free(NULL) in order to simplify code, this change takes it a step further and: - converts lots of Curl_safefree() calls to good old free() - makes Curl_safefree() not check the pointer before free() The (new) rule of thumb is: if you really want a function call that frees a pointer and then assigns it to NULL, then use Curl_safefree(). But we will prefer just using free() from now on.
* mprintf.h: remove #ifdef CURLDEBUGDaniel Stenberg2015-03-031-3/+1
| | | | | ... and as a consequence, introduce curl_printf.h with that re-define magic instead and make all libcurl code use that instead.
* curl_sasl.c: More code policingSteve Holme2015-02-021-9/+10
| | | | | Better use of 80 character line limit, comment corrections and line spacing preferences.
* curl_sasl.c: Fixed compilation warning when cryptography is disabledSteve Holme2015-01-291-1/+1
| | | | curl_sasl.c:1506: warning: unused variable 'chlg'
* curl_sasl.c: Fixed compilation warning when verbose debug output disabledSteve Holme2015-01-281-0/+2
| | | | curl_sasl.c:1317: warning: unused parameter 'conn'