summaryrefslogtreecommitdiff
path: root/lib/curl_sasl.h
Commit message (Collapse)AuthorAgeFilesLines
* misc: reduce struct and struct field sizesDaniel Stenberg2023-01-041-3/+3
| | | | | | | | | | | | - by using BIT() instead of bool - imap: shrink struct - ftp: make state 'unsigned char' - ftp: sort ftp_conn struct entries on size - urldata: use smaller fields for SSL version info storage - pop3: reduce the pop3_conn struct size - smtp: reduce the size of the smtp structs Closes #10186
* copyright: update all copyright lines and remove year rangesDaniel Stenberg2023-01-031-1/+1
| | | | | | | | | | | | - they are mostly pointless in all major jurisdictions - many big corporations and projects already don't use them - saves us from pointless churn - git keeps history for us - the year range is kept in COPYING checksrc is updated to allow non-year using copyright statements Closes #10205
* copyright: make repository REUSE compliantmax.mehl2022-06-131-0/+2
| | | | | | | | | | | Add licensing and copyright information for all files in this repository. This either happens in the file itself as a comment header or in the file `.reuse/dep5`. This commit also adds a Github workflow to check pull requests and adapts copyright.pl to the changes. Closes #8869
* urldata: remove conn->bits.user_passwdDaniel Stenberg2022-02-161-2/+2
| | | | | | | | | The authentication status should be told by the transfer and not the connection. Reported-by: John H. Ayad Fixes #8449 Closes #8451
* sasl: binary messagesPatrick Monnerat2021-10-021-28/+39
| | | | | | | | | | Capabilities of sasl module are extended to exchange messages in binary as an alternative to base64. If http authentication flags have been set, those are used as sasl default preferred mechanisms. Closes #6930
* sasl: use 'unsigned short' to store mechanismDaniel Stenberg2021-05-121-6/+6
| | | | | | | ... saves a few bytes of struct size in memory and it only uses 10 bits anyway. Closes #7045
* sasl: support SCRAM-SHA-1 and SCRAM-SHA-256 via libgsaslSimon Josefsson2021-02-091-0/+5
| | | | Closes #6372
* lib: remove conn->data usesPatrick Monnerat2021-01-241-2/+4
| | | | Closes #6499
* lib: pass in 'struct Curl_easy *' to most functionsDaniel Stenberg2021-01-171-3/+5
| | | | | | | | | | | | | | | | | | | | | ... in most cases instead of 'struct connectdata *' but in some cases in addition to. - We mostly operate on transfers and not connections. - We need the transfer handle to log, store data and more. Everything in libcurl is driven by a transfer (the CURL * in the public API). - This work clarifies and separates the transfers from the connections better. - We should avoid "conn->data". Since individual connections can be used by many transfers when multiplexing, making sure that conn->data points to the current and correct transfer at all times is difficult and has been notoriously error-prone over the years. The goal is to ultimately remove the conn->data pointer for this reason. Closes #6425
* copyright: fix year rangesDaniel Stenberg2020-11-051-1/+1
| | | | Follow-up from 4d2f8006777
* curl.se: new homeDaniel Stenberg2020-11-041-1/+1
| | | | Closes #6172
* internals: rename the SessionHandle struct to Curl_easyDaniel Stenberg2016-06-221-1/+1
|
* vauth: Moved the NTLM authentication code to the new vauth directorySteve Holme2016-03-251-29/+0
|
* vauth: Moved the Kerberos V5 authentication code to the new vauth directorySteve Holme2016-03-251-28/+0
|
* vauth: Moved the DIGEST authentication code to the new vauth directorySteve Holme2016-03-251-44/+0
|
* vauth: Moved Curl_sasl_build_spn() to create the initial vauth source filesSteve Holme2016-03-251-11/+0
|
* digest: Use boolean based success code for Curl_sasl_digest_get_pair()Steve Holme2016-03-121-3/+3
| | | | | Rather than use a 0 and 1 integer base result code use a TRUE / FALSE based success code.
* URLs: change all http:// URLs to https://Daniel Stenberg2016-02-031-1/+1
|
* oauth2: Support OAUTHBEARER failures sent as continuation responsesSteve Holme2015-11-151-0/+1
| | | | | | | According to RFC7628 a failure message may be sent by the server in a base64 encoded JSON string as a continuation response. Currently only implemented for OAUTHBEARER and not XAUTH2.
* oauth2: Added support for OAUTHBEARER SASL mechanism to IMAP, POP3 and SNMPSteve Holme2015-11-141-8/+10
| | | | | | OAUTHBEARER is now the official "registered" SASL mechanism name for OAuth 2.0. However, we don't want to drop support for XOAUTH2 as some servers won't support the new mechanism yet.
* sasl: Re-introduced XOAUTH2 in the default enabled authentication mechanismSteve Holme2015-11-121-2/+1
| | | | | | | | | Following the fix in commit d6d58dd558 it is necessary to re-introduce XOAUTH2 in the default enabled authentication mechanism, which was removed in commit 7b2012f262, otherwise users will have to specify AUTH=XOAUTH2 in the URL. Note: OAuth 2.0 will only be used when the bearer is specified.
* oauth2: Re-factored OAuth 2.0 state variableSteve Holme2015-11-121-1/+1
|
* sasl: Only define Curl_sasl_digest_get_pair() when CRYPTO_AUTH enabledSteve Holme2015-08-311-4/+3
| | | | | | Introduced in commit 59f3f92ba6 this function is only implemented when CURL_DISABLE_CRYPTO_AUTH is not defined. As such we shouldn't define the function in the header file either.
* sasl: Updated SPN variables and comments for consistencySteve Holme2015-08-311-1/+1
| | | | | In places the "host name" and "realm" variable was referred to as "instance" whilst in others it was referred to as "host".
* sasl_sspi: Populate domain from the realm in the challengeGrant Pannell2015-04-261-0/+9
| | | | | | Without this, SSPI based digest auth was broken. Bug: https://github.com/bagder/curl/pull/141.patch
* sasl: remove XOAUTH2 from default enabled authentication mechanism.Patrick Monnerat2015-01-271-1/+2
|
* sasl: implement EXTERNAL authentication mechanism.Patrick Monnerat2015-01-271-4/+9
| | | | | Its use is only enabled by explicit requirement in URL (;AUTH=EXTERNAL) and by not setting the password.
* curl_sasl: Minor code policing following recent commitsSteve Holme2015-01-221-1/+1
|
* SASL: make some procedures local-scopedPatrick Monnerat2015-01-201-29/+0
|
* SASL: common state engine for imap/pop3/smtpPatrick Monnerat2015-01-201-1/+53
|
* SASL: common URL option and auth capabilities decoders for all protocolsPatrick Monnerat2015-01-201-0/+12
|
* IMAP/POP3/SMTP: use a per-connection sub-structure for SASL parameters.Patrick Monnerat2015-01-201-0/+8
|
* sasl_gssapi: Make Curl_sasl_build_gssapi_spn() publicSteve Holme2015-01-181-1/+5
|
* kerberos: Use symbol qualified with _KERBEROS5Michael Osipov2014-11-161-3/+3
| | | | For consistency renamed USE_KRB5 to USE_KERBEROS5.
* sasl: Moved Curl_sasl_gssapi_cleanup() definition into header fileSteve Holme2014-11-141-0/+3
| | | | | | | | Rather than define the function as extern in the source files that use it, moved the function declaration into the SASL header file just like the Digest and NTLM clean-up functions. Additionally, added a function description comment block.
* ntlm: Moved the native Target Info clean-up from HTTP specific functionSteve Holme2014-11-091-2/+0
|
* ntlm: Moved SSPI clean-up code into SASL moduleSteve Holme2014-11-091-0/+5
|
* sasl: Fixed compilation warning from commit 25264131e2Steve Holme2014-11-051-0/+7
| | | | | | | | | | Added forward declaration of digestdata to overcome the following compilation warning: warning: 'struct digestdata' declared inside parameter list Additionally made the ntlmdata forward declaration dependent on USE_NTLM similar to how digestdata and kerberosdata are.
* http_digest: Moved response generation into SASL moduleSteve Holme2014-11-051-0/+9
|
* http_digest: Moved challenge decoding into SASL moduleSteve Holme2014-11-051-0/+4
|
* http_digest: Moved clean-up function into SASL moduleSteve Holme2014-11-051-0/+3
|
* http_digest: Moved algorithm definitions to SASL moduleSteve Holme2014-11-051-0/+5
|
* sasl: Fixed Kerberos V5 inclusion when CURL_DISABLE_CRYPTO_AUTH is usedSteve Holme2014-11-021-3/+3
| | | | | | | | | | | Typically the USE_WINDOWS_SSPI definition would not be used when the CURL_DISABLE_CRYPTO_AUTH define is, however, it is still a valid build configuration and, as such, the SASL Kerberos V5 (GSSAPI) authentication data structures and functions would incorrectly be used when they shouldn't be. Introduced a new USE_KRB5 definition that takes into account the use of CURL_DISABLE_CRYPTO_AUTH like USE_SPNEGO and USE_NTLM do.
* curl_sasl.h: Fixed compilation error from commit 4b491c675fSteve Holme2014-08-141-0/+4
| | | | | | warning: 'struct kerberos5data' declared inside parameter list Due to missing forward declaration.
* sasl_sspi: Added GSSAPI message functionsSteve Holme2014-08-141-0/+21
|
* sasl: Introduced Curl_sasl_build_spn() for building a SPNSteve Holme2014-08-091-0/+7
| | | | | | | | | | | | Various parts of the libcurl source code build a SPN for inclusion in authentication data. This information is either used by our own native generation routines or passed to authentication functions in third-party libraries such as SSPI. However, some of these instances use fixed buffers rather than dynamically allocated ones and not all of those that should, convert to wide character strings in Unicode builds. Implemented a common function that generates a SPN and performs the wide character conversion where necessary.
* sasl: Added forward declaration of structures following recent changesSteve Holme2014-04-061-1/+5
| | | | | | To avoid urldata.h being included from the header file or that the source file has the correct include order as highlighted by one of the auto builds recently.
* sasl: Corrected add of Curl_sasl_decode_digest_md5_message() from 2c49e96092Steve Holme2014-04-061-6/+0
|
* sasl: Corrected pre-processor inclusion of SSPI based DIGEST-MD5 codeSteve Holme2014-04-061-2/+0
| | | | | | | When CURL_DISABLE_CRYPTO_AUTH is defined the DIGEST-MD5 code should not be included, regardless of whether USE__WINDOWS_SSPI is defined or not. This is indicated by the definition of USE_HTTP_NEGOTIATE and USE_NTLM in curl_setup.h.
* sasl: Added initial stub functions for SSPI DIGEST-MD supportSteve Holme2014-04-051-0/+8
|
View Lorry Controller Status