moparisthebest
/
curl
mirror of https://github.com/moparisthebest/curl
1
0
Fork 0
Code Issues Releases Wiki Activity

NTLM single-sign on adjustments (X) 

Functions renamed:

Curl_output_ntlm_sso -> Curl_output_ntlm_wb
sso_ntlm_close -> wb_ntlm_close
sso_ntlm_response -> wb_ntlm_response
sso_ntlm_initiate -> wb_ntlm_initiate

Preprocessor symbols renamed:

CURLAUTH_NTLM_SSO -> CURLAUTH_NTLM_WB
CURL_VERSION_NTLM_SSO -> CURL_VERSION_NTLM_WB
This commit is contained in:
Yang Tse 2011-08-26 18:57:50 +02:00
parent 186463e7fa
commit 407e08baad
8 changed files with 38 additions and 40 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
docs/libcurl/symbols-in-versions
View File

@ -20,7 +20,7 @@ CURLAUTH_DIGEST_IE 7.19.3
CURLAUTH_GSSNEGOTIATE 7.10.6
CURLAUTH_NONE 7.10.6
CURLAUTH_NTLM 7.10.6
CURLAUTH_NTLM_SSO 7.22.0
CURLAUTH_NTLM_WB 7.22.0
CURLAUTH_ONLY 7.21.3
CURLCLOSEPOLICY_CALLBACK 7.7
CURLCLOSEPOLICY_LEAST_RECENTLY_USED 7.7
@ -680,7 +680,7 @@ CURL_VERSION_KERBEROS4 7.10
CURL_VERSION_LARGEFILE 7.11.1
CURL_VERSION_LIBZ 7.10
CURL_VERSION_NTLM 7.10.6
CURL_VERSION_NTLM_SSO 7.22.0
CURL_VERSION_NTLM_WB 7.22.0
CURL_VERSION_SPNEGO 7.10.8
CURL_VERSION_SSL 7.10
CURL_VERSION_SSPI 7.13.2

6
include/curl/curl.h
View File

@ -598,7 +598,7 @@ typedef enum {
#define CURLAUTH_GSSNEGOTIATE (1<<2) /* GSS-Negotiate */
#define CURLAUTH_NTLM (1<<3) /* NTLM */
#define CURLAUTH_DIGEST_IE (1<<4) /* Digest with IE flavour */
#define CURLAUTH_NTLM_SSO (1<<5) /* NTLM single-sign-on */
#define CURLAUTH_NTLM_WB (1<<5) /* NTLM delegating to winbind helper */
#define CURLAUTH_ONLY (1<<31) /* used together with a single other
type to force no auth or just that
single type */
@ -2095,8 +2095,8 @@ typedef struct {
#define CURL_VERSION_CONV (1<<12) /* character conversions supported */
#define CURL_VERSION_CURLDEBUG (1<<13) /* debug memory tracking supported */
#define CURL_VERSION_TLSAUTH_SRP (1<<14) /* TLS-SRP auth is supported */
#define CURL_VERSION_NTLM_SSO (1<<15) /* NTLM single-sign-on is supported
by using ntlm_auth */
#define CURL_VERSION_NTLM_WB (1<<15) /* NTLM delegating to winbind helper */
/*
* NAME curl_version_info()
*

20
lib/http.c
View File

@ -292,8 +292,8 @@ static bool pickoneauth(struct auth *pick)
pick->picked = CURLAUTH_DIGEST;
else if(avail & CURLAUTH_NTLM)
pick->picked = CURLAUTH_NTLM;
else if(avail & CURLAUTH_NTLM_SSO)
pick->picked = CURLAUTH_NTLM_SSO;
else if(avail & CURLAUTH_NTLM_WB)
pick->picked = CURLAUTH_NTLM_WB;
else if(avail & CURLAUTH_BASIC)
pick->picked = CURLAUTH_BASIC;
else {
@ -381,8 +381,8 @@ static CURLcode http_perhapsrewind(struct connectdata *conn)
/* There is still data left to send */
if((data->state.authproxy.picked == CURLAUTH_NTLM) ||
(data->state.authhost.picked == CURLAUTH_NTLM) ||
(data->state.authproxy.picked == CURLAUTH_NTLM_SSO) ||
(data->state.authhost.picked == CURLAUTH_NTLM_SSO)) {
(data->state.authproxy.picked == CURLAUTH_NTLM_WB) ||
(data->state.authhost.picked == CURLAUTH_NTLM_WB)) {
if(((expectsend - bytessent) < 2000) ||
(conn->ntlm.state != NTLMSTATE_NONE)) {
/* The NTLM-negotiation has started *OR* there is just a little (<2K)
@ -546,10 +546,10 @@ output_auth_headers(struct connectdata *conn,
else
#endif
#ifdef USE_NTLM_SSO
if(authstatus->picked == CURLAUTH_NTLM_SSO) {
if(authstatus->picked == CURLAUTH_NTLM_WB) {
auth="NTLM_SSO";
#ifdef WINBIND_NTLM_AUTH_ENABLED
result = Curl_output_ntlm_sso(conn, proxy);
result = Curl_output_ntlm_wb(conn, proxy);
if(result)
return result;
#else
@ -771,18 +771,18 @@ CURLcode Curl_http_input_auth(struct connectdata *conn,
*availp |= CURLAUTH_NTLM;
authp->avail |= CURLAUTH_NTLM;
if(authp->picked == CURLAUTH_NTLM ||
authp->picked == CURLAUTH_NTLM_SSO) {
authp->picked == CURLAUTH_NTLM_WB) {
/* NTLM authentication is picked and activated */
CURLcode ntlm =
Curl_input_ntlm(conn, (bool)(httpcode == 407), start);
if(CURLE_OK == ntlm) {
data->state.authproblem = FALSE;
#ifdef WINBIND_NTLM_AUTH_ENABLED
if(authp->picked == CURLAUTH_NTLM_SSO) {
if(authp->picked == CURLAUTH_NTLM_WB) {
*availp &= ~CURLAUTH_NTLM;
authp->avail &= ~CURLAUTH_NTLM;
*availp |= CURLAUTH_NTLM_SSO;
authp->avail |= CURLAUTH_NTLM_SSO;
*availp |= CURLAUTH_NTLM_WB;
authp->avail |= CURLAUTH_NTLM_WB;
/* Get the challenge-message which will be passed to
* ntlm_auth for generating the type 3 message later */

26
lib/http_ntlm.c
View File

@ -125,7 +125,7 @@ CURLcode Curl_input_ntlm(struct connectdata *conn,
}
#ifdef WINBIND_NTLM_AUTH_ENABLED
static void sso_ntlm_close(struct connectdata *conn)
static void wb_ntlm_close(struct connectdata *conn)
{
if(conn->ntlm_auth_hlpr_socket != CURL_SOCKET_BAD) {
sclose(conn->ntlm_auth_hlpr_socket);
@ -163,8 +163,8 @@ static void sso_ntlm_close(struct connectdata *conn)
conn->response_header = NULL;
}
static CURLcode sso_ntlm_initiate(struct connectdata *conn,
const char *userp)
static CURLcode wb_ntlm_initiate(struct connectdata *conn,
const char *userp)
{
curl_socket_t sockfds[2];
pid_t child_pid;
@ -279,8 +279,8 @@ done:
return CURLE_REMOTE_ACCESS_DENIED;
}
static CURLcode sso_ntlm_response(struct connectdata *conn,
const char *input, curlntlm state)
static CURLcode wb_ntlm_response(struct connectdata *conn,
const char *input, curlntlm state)
{
ssize_t size;
char buf[200]; /* enough, type 1, 3 message length is less then 200 */
@ -342,9 +342,9 @@ done:
/*
* This is for creating ntlm header output by delegating challenge/response
* to a Samba's daemon helper ntlm_auth
* to Samba's winbind daemon helper ntlm_auth.
*/
CURLcode Curl_output_ntlm_sso(struct connectdata *conn,
CURLcode Curl_output_ntlm_wb(struct connectdata *conn,
bool proxy)
{
/* point to the address of the pointer that holds the string to sent to the
@ -396,10 +396,10 @@ CURLcode Curl_output_ntlm_sso(struct connectdata *conn,
* handling process.
*/
/* Create communication with ntlm_auth */
res = sso_ntlm_initiate(conn, userp);
res = wb_ntlm_initiate(conn, userp);
if(res)
return res;
res = sso_ntlm_response(conn, "YR\n", ntlm->state);
res = wb_ntlm_response(conn, "YR\n", ntlm->state);
if(res)
return res;
@ -415,9 +415,7 @@ CURLcode Curl_output_ntlm_sso(struct connectdata *conn,
input = aprintf("TT %s", conn->challenge_header);
if(!input)
return CURLE_OUT_OF_MEMORY;
res = sso_ntlm_response(conn,
input,
ntlm->state);
res = wb_ntlm_response(conn, input, ntlm->state);
free(input);
input = NULL;
if(res)
@ -430,7 +428,7 @@ CURLcode Curl_output_ntlm_sso(struct connectdata *conn,
DEBUG_OUT(fprintf(stderr, "**** %s\n ", *allocuserpwd));
ntlm->state = NTLMSTATE_TYPE3; /* we sent a type-3 */
authp->done = TRUE;
sso_ntlm_close(conn);
wb_ntlm_close(conn);
break;
case NTLMSTATE_TYPE3:
/* connection is already authenticated,
@ -566,7 +564,7 @@ void Curl_http_ntlm_cleanup(struct connectdata *conn)
Curl_ntlm_sspi_cleanup(&conn->ntlm);
Curl_ntlm_sspi_cleanup(&conn->proxyntlm);
#elif defined(WINBIND_NTLM_AUTH_ENABLED)
sso_ntlm_close(conn);
wb_ntlm_close(conn);
#else
(void)conn;
#endif

2
lib/http_ntlm.h
View File

@ -32,7 +32,7 @@ CURLcode Curl_output_ntlm(struct connectdata *conn, bool proxy);
#ifdef WINBIND_NTLM_AUTH_ENABLED
/* this is for creating ntlm header output by delegating challenge/response
to Samba's winbind daemon helper ntlm_auth */
CURLcode Curl_output_ntlm_sso(struct connectdata *conn, bool proxy);
CURLcode Curl_output_ntlm_wb(struct connectdata *conn, bool proxy);
#endif
#ifdef USE_NTLM

10
lib/url.c
View File

@ -1389,8 +1389,8 @@ CURLcode Curl_setopt(struct SessionHandle *data, CURLoption option,
auth &= ~CURLAUTH_NTLM; /* no NTLM without SSL */
#endif
#ifndef USE_NTLM_SSO
auth &= ~CURLAUTH_NTLM_SSO; /* no NTLM single-sign-on without SSL
and ntlm_auth */
auth &= ~CURLAUTH_NTLM_WB; /* no NTLM single-sign-on without SSL
and ntlm_auth */
#endif
#ifndef USE_HTTP_NEGOTIATE
auth &= ~CURLAUTH_GSSNEGOTIATE; /* no GSS-Negotiate without GSSAPI or
@ -1454,8 +1454,8 @@ CURLcode Curl_setopt(struct SessionHandle *data, CURLoption option,
auth &= ~CURLAUTH_NTLM; /* no NTLM without SSL */
#endif
#ifndef USE_NTLM_SSO
auth &= ~CURLAUTH_NTLM_SSO; /* no NTLM single-sign-on without SSL
and ntlm_auth */
auth &= ~CURLAUTH_NTLM_WB; /* no NTLM single-sign-on without SSL
and ntlm_auth */
#endif
#ifndef USE_HTTP_NEGOTIATE
auth &= ~CURLAUTH_GSSNEGOTIATE; /* no GSS-Negotiate without GSSAPI or
@ -2999,7 +2999,7 @@ ConnectionExists(struct SessionHandle *data,
if((needle->handler->protocol & CURLPROTO_FTP) ||
((needle->handler->protocol & CURLPROTO_HTTP) &&
((data->state.authhost.want==CURLAUTH_NTLM) ||
(data->state.authhost.want==CURLAUTH_NTLM_SSO)))) {
(data->state.authhost.want==CURLAUTH_NTLM_WB)))) {
/* This is FTP or HTTP+NTLM, verify that we're using the same name
and password as well */
if(!strequal(needle->user, check->user) ||

2
lib/version.c
View File

@ -241,7 +241,7 @@ static curl_version_info_data version_info = {
| CURL_VERSION_NTLM
#endif
#ifdef USE_NTLM_SSO
| CURL_VERSION_NTLM_SSO
| CURL_VERSION_NTLM_WB
#endif
#ifdef USE_WINDOWS_SSPI
| CURL_VERSION_SSPI

8
src/main.c
View File

@ -2237,13 +2237,13 @@ static ParameterError getparameter(char *flag, /* f or -long-flag */
case 'M': /* --ntlm-sso */
if(toggle) {
if(curlinfo->features & CURL_VERSION_NTLM_SSO)
config->authtype |= CURLAUTH_NTLM_SSO;
if(curlinfo->features & CURL_VERSION_NTLM_WB)
config->authtype |= CURLAUTH_NTLM_WB;
else
return PARAM_LIBCURL_DOESNT_SUPPORT;
}
else
config->authtype &= ~CURLAUTH_NTLM_SSO;
config->authtype &= ~CURLAUTH_NTLM_WB;
break;
case 'n': /* --basic for completeness */
@ -3229,7 +3229,7 @@ static ParameterError getparameter(char *flag, /* f or -long-flag */
{"IPv6", CURL_VERSION_IPV6},
{"Largefile", CURL_VERSION_LARGEFILE},
{"NTLM", CURL_VERSION_NTLM},
{"NTLM_SSO", CURL_VERSION_NTLM_SSO},
{"NTLM_SSO", CURL_VERSION_NTLM_WB},
{"SPNEGO", CURL_VERSION_SPNEGO},
{"SSL", CURL_VERSION_SSL},
{"SSPI", CURL_VERSION_SSPI},