summaryrefslogtreecommitdiff
path: root/lib/vauth/ntlm.c
Commit message (Collapse)AuthorAgeFilesLines
* ntlm: Removed the dependency on the TLS libaries when using MD5Steve Holme2020-02-231-6/+7
| | | | | | | As we have our own MD5 implementation use the MD5 wrapper to remove the TLS dependency. Closes #4967
* auth: Rename the various authentication clean up functionsSteve Holme2019-05-121-4/+4
| | | | | | For consistency and to a avoid confusion. Closes #3869
* ntlm: Fix misaligned function comments for Curl_auth_ntlm_cleanup()Steve Holme2019-05-101-9/+9
| | | | | | From 6012fa5a. Closes #3858
* ntlm: fix *_type3_message size check to avoid buffer overflowDaniel Stenberg2019-02-041-4/+7
| | | | | | Bug: https://curl.haxx.se/docs/CVE-2019-3822.html Reported-by: Wenxiang Qian CVE-2019-3822
* NTLM: fix size check condition for type2 received dataDaniel Stenberg2019-02-041-3/+4
| | | | | | Bug: https://curl.haxx.se/docs/CVE-2018-16890.html Reported-by: Wenxiang Qian CVE-2018-16890
* ntlm: update selection of type 3 responseMarkus Moeller2019-01-011-3/+5
| | | | | | | | | | | NTLM2 did not work i.e. no NTLMv2 response was created. Changing the check seems to work. Ref: https://winprotocoldoc.blob.core.windows.net/productionwindowsarchives/MS-NLMP/[MS-NLMP].pdf Fixes https://github.com/curl/curl/issues/3286 Closes https://github.com/curl/curl/pull/3287 Closes https://github.com/curl/curl/pull/3415
* snprintf: renamed and we now only use msnprintf()Daniel Stenberg2018-11-231-111/+111
| | | | | | | | | | | The function does not return the same value as snprintf() normally does, so readers may be mislead into thinking the code works differently than it actually does. A different function name makes this easier to detect. Reported-by: Tomas Hoger Assisted-by: Daniel Gustafsson Fixes #3296 Closes #3297
* comment: Fix multiple typos in function parametersDaniel Gustafsson2018-10-031-2/+2
| | | | | | | | Ensure that the parameters in the comment match the actual names in the prototype. Closes #3079 Reviewed-by: Daniel Stenberg <daniel@haxx.se>
* ntlm: Fix format specifiersRikard Falkeborn2018-05-141-3/+3
|
* ntlm_sspi: fix authentication using Credential Managertoughengineer2018-04-161-0/+6
| | | | | | | | | | | | | If you pass empty user/pass asking curl to use Windows Credential Storage (as stated in the docs) and it has valid credentials for the domain, e.g. curl -v -u : --ntlm example.com currently authentication fails. This change fixes it by providing proper SPN string to the SSPI API calls. Fixes https://github.com/curl/curl/issues/1622 Closes https://github.com/curl/curl/pull/1660
* ntlm: remove unnecessary NULL-check to please scan-buildDaniel Stenberg2017-11-211-2/+1
|
* ntlm: use strict order for SSL backend #if branchesViktor Szakats2017-09-221-2/+4
| | | | | | | | | | | | | | | | | | | With the recently introduced MultiSSL support multiple SSL backends can be compiled into cURL That means that now the order of the SSL One option would be to use the same SSL backend as was configured via `curl_global_sslset()`, however, NTLMv2 support would appear to be available only with some SSL backends. For example, when eb88d778e (ntlm: Use Windows Crypt API, 2014-12-02) introduced support for NTLMv1 using Windows' Crypt API, it specifically did *not* introduce NTLMv2 support using Crypt API at the same time. So let's select one specific SSL backend for NTLM support when compiled with multiple SSL backends, using a priority order such that we support NTLMv2 even if only one compiled-in SSL backend can be used for that. Ref: https://github.com/curl/curl/pull/1848
* Curl_base64_encode: always call with a real data handle.Patrick Monnerat2017-09-021-4/+6
| | | | | Some calls in different modules were setting the data handle to NULL, causing segmentation faults when using builds that enable character code conversions.
* rand: treat fake entropy the same regardless of endiannessJay Satiro2017-05-081-8/+6
| | | | | | | | | | | | | | | | | When the random seed is purposely made predictable for testing purposes by using the CURL_ENTROPY environment variable, process that data in an endian agnostic way so the the initial random seed is the same regardless of endianness. - Change Curl_rand to write to a char array instead of int array. - Add Curl_rand_hex to write random hex characters to a buffer. Fixes #1315 Closes #1468 Co-authored-by: Daniel Stenberg Reported-by: Michael Kaufmann
* NTLM: check for features with #ifdef instead of #ifMarcel Raad2017-03-291-9/+9
| | | | | | | | | Feature defines are normally checked with #ifdef instead of #if in the rest of the codebase. Additionally, some compilers warn when a macro is implicitly evaluated to 0 because it is not defined, which was the case here. Ref: https://github.com/curl/curl/pull/1362#discussion_r108605101 Closes https://github.com/curl/curl/pull/1367
* use *.sourceforge.io and misc URL updatesViktor Szakats2017-02-061-2/+2
| | | | | Ref: https://sourceforge.net/blog/introducing-https-for-project-websites/ Closes: https://github.com/curl/curl/pull/1247
* Curl_rand: fixed and moved to rand.cDaniel Stenberg2016-11-141-5/+7
| | | | | | | | | | | | | Now Curl_rand() is made to fail if it cannot get the necessary random level. Changed the proto of Curl_rand() slightly to provide a number of ints at once. Moved out from vtls, since it isn't a TLS function and vtls provides Curl_ssl_random() for this to use. Discussion: https://curl.haxx.se/mail/lib-2016-11/0119.html
* vauth: Introduced Curl_auth_is_<mechansism>_supported() functionsSteve Holme2016-08-181-0/+14
| | | | | | | | | | As Windows SSPI authentication calls fail when a particular mechanism isn't available, introduced these functions for DIGEST, NTLM, Kerberos 5 and Negotiate to allow both HTTP and SASL authentication the opportunity to query support for a supported mechanism before selecting it. For now each function returns TRUE to maintain compatability with the existing code when called.
* internals: rename the SessionHandle struct to Curl_easyDaniel Stenberg2016-06-221-3/+3
|
* URLs: change http to https in many placesViktor Szakats2016-04-061-1/+1
| | | | Closes #754
* vauth: Refactored function names after move to new vauth directorySteve Holme2016-03-251-10/+10
| | | | | Renamed all the SASL functions that moved to the new vauth directory to include the correct module name.
* vauth: Moved the NTLM authentication code to the new vauth directorySteve Holme2016-03-251-0/+842
View Lorry Controller Status