sasl: Introduced Curl_sasl_build_spn() for building a SPN

Various parts of the libcurl source code build a SPN for inclusion in
authentication data. This information is either used by our own native
generation routines or passed to authentication functions in third-party
libraries such as SSPI. However, some of these instances use fixed
buffers rather than dynamically allocated ones and not all of those that
should, convert to wide character strings in Unicode builds.

Implemented a common function that generates a SPN and performs the
wide character conversion where necessary.

lib/curl_sasl.c

@@ -120,6 +120,26 @@ static CURLcode sasl_digest_get_qop_values(const char *options, int *value)
 }
 #endif
 
+#if !defined(USE_WINDOWS_SSPI)
+/*
+ * Curl_sasl_build_spn()
+ *
+ * This is used to build a SPN string in the format service/host.
+ *
+ * Parameters:
+ *
+ * serivce  [in] - The service type such as www, smtp, pop or imap.
+ * instance [in] - The instance name such as the host nme or realm.
+ *
+ * Returns a pointer to the newly allocated SPN.
+ */
+char *Curl_sasl_build_spn(const char *service, const char *host)
+{
+  /* Generate and return our SPN */
+  return aprintf("%s/%s", service, host);
+}
+#endif
+
 /*
  * Curl_sasl_create_plain_message()
  *

lib/curl_sasl.h

@@ -57,6 +57,13 @@ struct ntlmdata;
   (wordlen == (sizeof(mech) - 1) / sizeof(char) && \
    !memcmp(line, mech, wordlen))
 
+/* This is used to build a SPN string */
+#if !defined(USE_WINDOWS_SSPI)
+char *Curl_sasl_build_spn(const char *service, const char *instance);
+#else
+TCHAR *Curl_sasl_build_spn(const char *service, const char *instance);
+#endif
+
 /* This is used to generate a base64 encoded PLAIN authentication message */
 CURLcode Curl_sasl_create_plain_message(struct SessionHandle *data,
                                         const char *userp,

lib/curl_sasl_sspi.c

@@ -25,7 +25,7 @@
 
 #include "curl_setup.h"
 
-#if defined(USE_WINDOWS_SSPI) && !defined(CURL_DISABLE_CRYPTO_AUTH)
+#if defined(USE_WINDOWS_SSPI)
 
 #include <curl/curl.h>
 
@@ -34,6 +34,7 @@
 #include "curl_base64.h"
 #include "warnless.h"
 #include "curl_memory.h"
+#include "curl_multibyte.h"
 
 #define _MPRINTF_REPLACE /* use our functions only */
 #include <curl/mprintf.h>
@@ -41,6 +42,53 @@
 /* The last #include file should be: */
 #include "memdebug.h"
 
+/*
+ * Curl_sasl_build_spn()
+ *
+ * This is used to build a SPN string in the format service/host.
+ *
+ * Parameters:
+ *
+ * serivce  [in] - The service type such as www, smtp, pop or imap.
+ * instance [in] - The instance name such as the host nme or realm.
+ *
+ * Returns a pointer to the newly allocated SPN.
+ */
+TCHAR *Curl_sasl_build_spn(const char *service, const char *host)
+{
+  char *utf8_spn = NULL;
+  TCHAR *tchar_spn = NULL;
+
+  /* Note: We could use DsMakeSPN() or DsClientMakeSpnForTargetServer() rather
+     than doing this ourselves but the first is only available in Windows XP
+     and Windows Server 2003 and the latter is only available in Windows 2000
+     but not Windows95/98/ME or Windows NT4.0 unless the Active Directory
+     Client Extensions are installed. As such it is far simpler for us to
+     formulate the SPN instead. */
+
+  /* Allocate our UTF8 based SPN */
+  utf8_spn = aprintf("%s/%s", service, host);
+  if(!utf8_spn) {
+    return NULL;
+  }
+
+  /* Allocate our TCHAR based SPN */
+  tchar_spn = Curl_convert_UTF8_to_tchar(utf8_spn);
+  if(!tchar_spn) {
+    Curl_safefree(utf8_spn);
+
+    return NULL;
+  }
+
+  /* Release the UTF8 variant when operating with Unicode */
+  if(utf8_spn != tchar_spn)
+    Curl_safefree(utf8_spn);
+
+  /* Return our newly allocated SPN */
+  return tchar_spn;
+}
+
+#if !defined(CURL_DISABLE_CRYPTO_AUTH)
 /*
  * Curl_sasl_create_digest_md5_message()
  *
@@ -200,4 +248,6 @@ CURLcode Curl_sasl_create_digest_md5_message(struct SessionHandle *data,
   return result;
 }
 
-#endif /* USE_WINDOWS_SSPI && !CURL_DISABLE_CRYPTO_AUTH */
+#endif /* !CURL_DISABLE_CRYPTO_AUTH */
+
+#endif /* USE_WINDOWS_SSPI */