summaryrefslogtreecommitdiff
path: root/lib/socks_gssapi.c
Commit message (Collapse)AuthorAgeFilesLines
* infof: remove newline from format strings, always append itDaniel Stenberg2021-07-071-3/+3
| | | | | | | | | | | | | | | | - the data needs to be "line-based" anyway since it's also passed to the debug callback/application - it makes infof() work like failf() and consistency is good - there's an assert that triggers on newlines in the format string - Also removes a few instances of "..." - Removes the code that would append "..." to the end of the data *iff* it was truncated in infof() Closes #7357
* tidy-up: make conditional checks more consistentDaniel Stenberg2021-04-221-1/+1
| | | | | | ... remove '== NULL' and '!= 0' Closes #6912
* lib: more conn->data cleanupsDaniel Stenberg2021-01-191-6/+6
| | | | Closes #6479
* lib: pass in 'struct Curl_easy *' to most functionsDaniel Stenberg2021-01-171-6/+6
| | | | | | | | | | | | | | | | | | | | | ... in most cases instead of 'struct connectdata *' but in some cases in addition to. - We mostly operate on transfers and not connections. - We need the transfer handle to log, store data and more. Everything in libcurl is driven by a transfer (the CURL * in the public API). - This work clarifies and separates the transfers from the connections better. - We should avoid "conn->data". Since individual connections can be used by many transfers when multiplexing, making sure that conn->data points to the current and correct transfer at all times is difficult and has been notoriously error-prone over the years. The goal is to ultimately remove the conn->data pointer for this reason. Closes #6425
* failf: remove newline from formatting stringsDaniel Stenberg2020-12-251-1/+1
| | | | | | | | | ... as failf adds one itself. Also: add an assert() to failf() that triggers on a newline in the format string! Closes #6365
* infof/failf calls: fix format specifiersRikard Falkeborn2020-11-241-2/+2
| | | | | | Update a few format specifiers to match what is being printed. Closes #6241
* curl.se: new homeDaniel Stenberg2020-11-041-1/+1
| | | | Closes #6172
* all: fix codespell errorsViktor Szakats2020-05-251-1/+1
| | | | | | Reviewed-by: Jay Satiro Reviewed-by: Daniel Stenberg Closes https://github.com/curl/curl/pull/5452
* checksrc: enhance the ASTERISKSPACE and update code accordinglyDaniel Stenberg2020-05-141-1/+1
| | | | | | | | Fine: "struct hello *world" Not fine: "struct hello* world" (and variations) Closes #5386
* cleanup: insert newline after if() conditionsDaniel Stenberg2020-03-301-1/+2
| | | | | Our code style mandates we put the conditional block on a separate line. These mistakes are now detected by the updated checksrc.
* socks: make the connect phase non-blockingDaniel Stenberg2020-02-171-1/+5
| | | | | | Removes two entries from KNOWN_BUGS. Closes #4907
* snprintf: renamed and we now only use msnprintf()Daniel Stenberg2018-11-231-3/+3
| | | | | | | | | | | The function does not return the same value as snprintf() normally does, so readers may be mislead into thinking the code works differently than it actually does. A different function name makes this easier to detect. Reported-by: Tomas Hoger Assisted-by: Daniel Gustafsson Fixes #3296 Closes #3297
* code style: use spaces around plusesDaniel Stenberg2017-09-111-12/+13
|
* code style: use spaces around equals signsDaniel Stenberg2017-09-111-18/+18
|
* checksrc: stricter no-space-before-paren enforcementDaniel Stenberg2016-12-131-3/+3
| | | | In order to make the code style more uniform everywhere
* checksrc: white space edits to comply to stricter checksrcDaniel Stenberg2016-11-241-2/+2
|
* checksrc: code style: use 'char *name' styleDaniel Stenberg2016-11-241-1/+1
|
* proxy: Support HTTPS proxy and SOCKS+HTTP(s)Alex Rousskov2016-11-241-5/+7
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * HTTPS proxies: An HTTPS proxy receives all transactions over an SSL/TLS connection. Once a secure connection with the proxy is established, the user agent uses the proxy as usual, including sending CONNECT requests to instruct the proxy to establish a [usually secure] TCP tunnel with an origin server. HTTPS proxies protect nearly all aspects of user-proxy communications as opposed to HTTP proxies that receive all requests (including CONNECT requests) in vulnerable clear text. With HTTPS proxies, it is possible to have two concurrent _nested_ SSL/TLS sessions: the "outer" one between the user agent and the proxy and the "inner" one between the user agent and the origin server (through the proxy). This change adds supports for such nested sessions as well. A secure connection with a proxy requires its own set of the usual SSL options (their actual descriptions differ and need polishing, see TODO): --proxy-cacert FILE CA certificate to verify peer against --proxy-capath DIR CA directory to verify peer against --proxy-cert CERT[:PASSWD] Client certificate file and password --proxy-cert-type TYPE Certificate file type (DER/PEM/ENG) --proxy-ciphers LIST SSL ciphers to use --proxy-crlfile FILE Get a CRL list in PEM format from the file --proxy-insecure Allow connections to proxies with bad certs --proxy-key KEY Private key file name --proxy-key-type TYPE Private key file type (DER/PEM/ENG) --proxy-pass PASS Pass phrase for the private key --proxy-ssl-allow-beast Allow security flaw to improve interop --proxy-sslv2 Use SSLv2 --proxy-sslv3 Use SSLv3 --proxy-tlsv1 Use TLSv1 --proxy-tlsuser USER TLS username --proxy-tlspassword STRING TLS password --proxy-tlsauthtype STRING TLS authentication type (default SRP) All --proxy-foo options are independent from their --foo counterparts, except --proxy-crlfile which defaults to --crlfile and --proxy-capath which defaults to --capath. Curl now also supports %{proxy_ssl_verify_result} --write-out variable, similar to the existing %{ssl_verify_result} variable. Supported backends: OpenSSL, GnuTLS, and NSS. * A SOCKS proxy + HTTP/HTTPS proxy combination: If both --socks* and --proxy options are given, Curl first connects to the SOCKS proxy and then connects (through SOCKS) to the HTTP or HTTPS proxy. TODO: Update documentation for the new APIs and --proxy-* options. Look for "Added in 7.XXX" marks.
* internals: rename the SessionHandle struct to Curl_easyDaniel Stenberg2016-06-221-2/+2
|
* lib: include curl_printf.h as one of the last headersDaniel Stenberg2016-04-291-2/+3
| | | | | | | | | | | | | | | | | | | | curl_printf.h defines printf to curl_mprintf, etc. This can cause problems with external headers which may use __attribute__((format(printf, ...))) markers etc. To avoid that they cause problems with system includes, we include curl_printf.h after any system headers. That makes the three last headers to always be, and we keep them in this order: curl_printf.h curl_memory.h memdebug.h None of them include system headers, they all do funny #defines. Reported-by: David Benjamin Fixes #743
* CURLOPT_SOCKS5_GSSAPI_SERVICE: Merged with CURLOPT_PROXY_SERVICE_NAMESteve Holme2016-04-091-1/+2
| | | | | | | | | As these two options provide identical functionality, the former for SOCK5 proxies and the latter for HTTP proxies, merged the two options together. As such CURLOPT_SOCKS5_GSSAPI_SERVICE is marked as deprecated as of 7.49.0.
* URLs: change all http:// URLs to https://Daniel Stenberg2016-02-031-1/+1
|
* checksrc: use space after commaDaniel Stenberg2015-03-171-17/+17
|
* checksrc: use space before paren in "return (expr);"Daniel Stenberg2015-03-171-2/+2
|
* mprintf.h: remove #ifdef CURLDEBUGDaniel Stenberg2015-03-031-4/+1
| | | | | ... and as a consequence, introduce curl_printf.h with that re-define magic instead and make all libcurl code use that instead.
* gssapi: Remove need for duplicated GSS_C_NT_HOSTBASED_SERVICE definitionsSteve Holme2015-01-091-14/+4
| | | | Better code reuse and consistency in calls to gss_import_name().
* sasl_gssapi: Fixed honouring of no mutual authenticationSteve Holme2014-12-041-0/+1
|
* code cleanup: we prefer 'CURLcode result'Daniel Stenberg2014-10-241-10/+10
| | | | | | | | | | | | | | ... for the local variable name in functions holding the return code. Using the same name universally makes code easier to read and follow. Also, unify code for checking for CURLcode errors with: if(result) or if(!result) instead of if(result == CURLE_OK), if(CURLE_OK == result) or if(result != CURLE_OK)
* GSSAPI: remove useless *_MECHANISM defines.Patrick Monnerat2014-07-231-1/+1
|
* docs: Improve inline GSS-API naming in code documentationMichael Osipov2014-07-231-28/+28
|
* curl_gssapi: Add macros for common mechs and pass them appropriatelyMichael Osipov2014-07-231-1/+1
| | | | | Macros defined: KRB5_MECHANISM and SPNEGO_MECHANISM called from HTTP, FTP and SOCKS on Unix
* Use SPNEGO for HTTP NegotiateDavid Woodhouse2014-07-161-0/+1
| | | | | | | | This is the correct way to do SPNEGO. Just ask for it Now I correctly see it trying NTLMSSP authentication when a Kerberos ticket isn't available. Of course, we bail out when the server responds with the challenge packet, since we don't expect that. But I'll fix that bug next...
* build: fix circular header inclusion with other packagesYang Tse2013-01-091-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This commit renames lib/setup.h to lib/curl_setup.h and renames lib/setup_once.h to lib/curl_setup_once.h. Removes the need and usage of a header inclusion guard foreign to libcurl. [1] Removes the need and presence of an alarming notice we carried in old setup_once.h [2] ---------------------------------------- 1 - lib/setup_once.h used __SETUP_ONCE_H macro as header inclusion guard up to commit ec691ca3 which changed this to HEADER_CURL_SETUP_ONCE_H, this single inclusion guard is enough to ensure that inclusion of lib/setup_once.h done from lib/setup.h is only done once. Additionally lib/setup.h has always used __SETUP_ONCE_H macro to protect inclusion of setup_once.h even after commit ec691ca3, this was to avoid a circular header inclusion triggered when building a c-ares enabled version with c-ares sources available which also has a setup_once.h header. Commit ec691ca3 exposes the real nature of __SETUP_ONCE_H usage in lib/setup.h, it is a header inclusion guard foreign to libcurl belonging to c-ares's setup_once.h The renaming this commit does, fixes the circular header inclusion, and as such removes the need and usage of a header inclusion guard foreign to libcurl. Macro __SETUP_ONCE_H no longer used in libcurl. 2 - Due to the circular interdependency of old lib/setup_once.h and the c-ares setup_once.h header, old file lib/setup_once.h has carried back from 2006 up to now days an alarming and prominent notice about the need of keeping libcurl's and c-ares's setup_once.h in sync. Given that this commit fixes the circular interdependency, the need and presence of mentioned notice is removed. All mentioned interdependencies come back from now old days when the c-ares project lived inside a curl subdirectory. This commit removes last traces of such fact.
* Revert changes relative to lib/*.[ch] recent renamingYang Tse2013-01-061-0/+533
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This reverts renaming and usage of lib/*.h header files done 28-12-2012, reverting 2 commits: f871de0... build: make use of 76 lib/*.h renamed files ffd8e12... build: rename 76 lib/*.h files This also reverts removal of redundant include guard (redundant thanks to changes in above commits) done 2-12-2013, reverting 1 commit: c087374... curl_setup.h: remove redundant include guard This also reverts renaming and usage of lib/*.c source files done 3-12-2013, reverting 3 commits: 13606bb... build: make use of 93 lib/*.c renamed files 5b6e792... build: rename 93 lib/*.c files 7d83dff... build: commit 13606bbfde follow-up 1 Start of related discussion thread: http://curl.haxx.se/mail/lib-2013-01/0012.html Asking for confirmation on pushing this revertion commit: http://curl.haxx.se/mail/lib-2013-01/0048.html Confirmation summary: http://curl.haxx.se/mail/lib-2013-01/0079.html NOTICE: The list of 2 files that have been modified by other intermixed commits, while renamed, and also by at least one of the 6 commits this one reverts follows below. These 2 files will exhibit a hole in history unless git's '--follow' option is used when viewing logs. lib/curl_imap.h lib/curl_smtp.h
* build: rename 93 lib/*.c filesYang Tse2013-01-031-533/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | 93 lib/*.c source files renamed to use our standard naming scheme. This commit only does the file renaming. ---------------------------------------- renamed: lib/amigaos.c -> lib/curl_amigaos.c renamed: lib/asyn-ares.c -> lib/curl_asyn_ares.c renamed: lib/asyn-thread.c -> lib/curl_asyn_thread.c renamed: lib/axtls.c -> lib/curl_axtls.c renamed: lib/base64.c -> lib/curl_base64.c renamed: lib/bundles.c -> lib/curl_bundles.c renamed: lib/conncache.c -> lib/curl_conncache.c renamed: lib/connect.c -> lib/curl_connect.c renamed: lib/content_encoding.c -> lib/curl_content_encoding.c renamed: lib/cookie.c -> lib/curl_cookie.c renamed: lib/cyassl.c -> lib/curl_cyassl.c renamed: lib/dict.c -> lib/curl_dict.c renamed: lib/easy.c -> lib/curl_easy.c renamed: lib/escape.c -> lib/curl_escape.c renamed: lib/file.c -> lib/curl_file.c renamed: lib/fileinfo.c -> lib/curl_fileinfo.c renamed: lib/formdata.c -> lib/curl_formdata.c renamed: lib/ftp.c -> lib/curl_ftp.c renamed: lib/ftplistparser.c -> lib/curl_ftplistparser.c renamed: lib/getenv.c -> lib/curl_getenv.c renamed: lib/getinfo.c -> lib/curl_getinfo.c renamed: lib/gopher.c -> lib/curl_gopher.c renamed: lib/gtls.c -> lib/curl_gtls.c renamed: lib/hash.c -> lib/curl_hash.c renamed: lib/hmac.c -> lib/curl_hmac.c renamed: lib/hostasyn.c -> lib/curl_hostasyn.c renamed: lib/hostcheck.c -> lib/curl_hostcheck.c renamed: lib/hostip.c -> lib/curl_hostip.c renamed: lib/hostip4.c -> lib/curl_hostip4.c renamed: lib/hostip6.c -> lib/curl_hostip6.c renamed: lib/hostsyn.c -> lib/curl_hostsyn.c renamed: lib/http.c -> lib/curl_http.c renamed: lib/http_chunks.c -> lib/curl_http_chunks.c renamed: lib/http_digest.c -> lib/curl_http_digest.c renamed: lib/http_negotiate.c -> lib/curl_http_negotiate.c renamed: lib/http_negotiate_sspi.c -> lib/curl_http_negotiate_sspi.c renamed: lib/http_proxy.c -> lib/curl_http_proxy.c renamed: lib/idn_win32.c -> lib/curl_idn_win32.c renamed: lib/if2ip.c -> lib/curl_if2ip.c renamed: lib/imap.c -> lib/curl_imap.c renamed: lib/inet_ntop.c -> lib/curl_inet_ntop.c renamed: lib/inet_pton.c -> lib/curl_inet_pton.c renamed: lib/krb4.c -> lib/curl_krb4.c renamed: lib/krb5.c -> lib/curl_krb5.c renamed: lib/ldap.c -> lib/curl_ldap.c renamed: lib/llist.c -> lib/curl_llist.c renamed: lib/md4.c -> lib/curl_md4.c renamed: lib/md5.c -> lib/curl_md5.c renamed: lib/memdebug.c -> lib/curl_memdebug.c renamed: lib/mprintf.c -> lib/curl_mprintf.c renamed: lib/multi.c -> lib/curl_multi.c renamed: lib/netrc.c -> lib/curl_netrc.c renamed: lib/non-ascii.c -> lib/curl_non_ascii.c renamed: lib/curl_non-ascii.h -> lib/curl_non_ascii.h renamed: lib/nonblock.c -> lib/curl_nonblock.c renamed: lib/nss.c -> lib/curl_nss.c renamed: lib/nwlib.c -> lib/curl_nwlib.c renamed: lib/nwos.c -> lib/curl_nwos.c renamed: lib/openldap.c -> lib/curl_openldap.c renamed: lib/parsedate.c -> lib/curl_parsedate.c renamed: lib/pingpong.c -> lib/curl_pingpong.c renamed: lib/polarssl.c -> lib/curl_polarssl.c renamed: lib/pop3.c -> lib/curl_pop3.c renamed: lib/progress.c -> lib/curl_progress.c renamed: lib/qssl.c -> lib/curl_qssl.c renamed: lib/rawstr.c -> lib/curl_rawstr.c renamed: lib/rtsp.c -> lib/curl_rtsp.c renamed: lib/security.c -> lib/curl_security.c renamed: lib/select.c -> lib/curl_select.c renamed: lib/sendf.c -> lib/curl_sendf.c renamed: lib/share.c -> lib/curl_share.c renamed: lib/slist.c -> lib/curl_slist.c renamed: lib/smtp.c -> lib/curl_smtp.c renamed: lib/socks.c -> lib/curl_socks.c renamed: lib/socks_gssapi.c -> lib/curl_socks_gssapi.c renamed: lib/socks_sspi.c -> lib/curl_socks_sspi.c renamed: lib/speedcheck.c -> lib/curl_speedcheck.c renamed: lib/splay.c -> lib/curl_splay.c renamed: lib/ssh.c -> lib/curl_ssh.c renamed: lib/sslgen.c -> lib/curl_sslgen.c renamed: lib/ssluse.c -> lib/curl_ssluse.c renamed: lib/strdup.c -> lib/curl_strdup.c renamed: lib/strequal.c -> lib/curl_strequal.c renamed: lib/strerror.c -> lib/curl_strerror.c renamed: lib/strtok.c -> lib/curl_strtok.c renamed: lib/strtoofft.c -> lib/curl_strtoofft.c renamed: lib/telnet.c -> lib/curl_telnet.c renamed: lib/tftp.c -> lib/curl_tftp.c renamed: lib/timeval.c -> lib/curl_timeval.c renamed: lib/transfer.c -> lib/curl_transfer.c renamed: lib/url.c -> lib/curl_url.c renamed: lib/version.c -> lib/curl_version.c renamed: lib/warnless.c -> lib/curl_warnless.c renamed: lib/wildcard.c -> lib/curl_wildcard.c ----------------------------------------
* build: make use of 76 lib/*.h renamed filesYang Tse2012-12-281-8/+8
| | | | | | 76 private header files renamed to use our standard naming scheme. This change affects 322 files in libcurl's source tree.
* Fix bad failf() and info() usageYang Tse2012-06-141-1/+2
| | | | | | | Calls to failf() are not supposed to provide trailing newline. Calls to infof() must provide trailing newline. Fixed 30 or so strings.
* SOCKS: fix the connect timeoutDaniel Stenberg2011-08-081-12/+4
| | | | | | | The connect timeout logic when using SOCKS was done wrong Bug: http://curl.haxx.se/mail/lib-2011-07/0177.html Reported by: "Spoon Man"
* Add new CURLOPT_GSSAPI_DELEGATION option.Adam Tkac2011-08-031-1/+2
| | | | | | Curl_gss_init_sec_context got new parameter - SessionHandle. Signed-off-by: Adam Tkac <atkac@redhat.com>
* Avoid a "shadows global declaration" warning on old MIT KerberosDan Fandrich2011-07-281-0/+1
| | | | | | Defining NCOMPAT eliminates the backwards-compatibility macros that are the source of the problem and which we don't need, anyway.
* stdio.h, stdlib.h, string.h, stdarg.h and ctype.h inclusion done in setup_once.hYang Tse2011-07-261-5/+0
|
* gssapi: rename our files to avoid conflictsDaniel Stenberg2011-07-131-1/+1
| | | | | | | | | gssapi.h is used as a header name by Heimdal-style GSSAPI so it would conflict with a private header using that name, and while renaming the header I figured we should name the .c file accordingly as well. Bug: http://curl.haxx.se/mail/lib-2011-07/0071.html Reported by: Ben Greear
* gssapi.c: Simplified the function.Julien Chaffraix2011-07-121-9/+3
| | | | Removed the parameters that were common to all our invocation.
* Added Curl_gss_init_sec_context.Julien Chaffraix2011-07-121-13/+14
| | | | | This function wraps our calls to gss_init_sec_context so that we have a unified way to talk to GSSAPI.
* compiler warning: fixYang Tse2011-05-261-2/+3
| | | | Fix compiler warning: conversion may lose significant bits
* source cleanup: unify look, style and indent levelsDaniel Stenberg2011-04-271-2/+3
| | | | | By the use of a the new lib/checksrc.pl script that checks that our basic source style rules are followed.
* Changed some nonportable typesDan Fandrich2011-04-051-1/+1
|
* scan-build warningDaniel Stenberg2011-03-161-3/+1
| | | | Value stored to 'len' is never read
* Curl_timeleft: s/conn/data in first argumentDaniel Stenberg2011-01-041-2/+2
| | | | | As the function doesn't really use the connectdata struct but only the SessionHanadle struct I modified what argument it wants.
* remove the CVSish $Id$ linesDaniel Stenberg2010-03-241-1/+0
|
View Lorry Controller Status