mirror of
https://github.com/moparisthebest/curl
synced 2024-12-21 23:58:49 -05:00
http_negotiate: Combine GSS-API and SSPI source files
As the GSS-API and SSPI based source files are no longer library/API specific, following the extraction of that authentication code to the vauth directory, combine these files rather than maintain two separate versions.
This commit is contained in:
Steve Holme
parent
6d6f9ca1d9
commit
4adee1947c
@ -50,10 +50,10 @@ LIB_CFILES = file.c timeval.c base64.c hostip.c progress.c formdata.c \
|
||||
curl_sspi.c slist.c nonblock.c curl_memrchr.c imap.c pop3.c smtp.c \
|
||||
pingpong.c rtsp.c curl_threads.c warnless.c hmac.c curl_rtmp.c \
|
||||
openldap.c curl_gethostname.c gopher.c idn_win32.c \
|
||||
http_negotiate_sspi.c http_proxy.c non-ascii.c asyn-ares.c \
|
||||
asyn-thread.c curl_gssapi.c curl_ntlm.c curl_ntlm_wb.c \
|
||||
curl_ntlm_core.c curl_sasl.c curl_multibyte.c hostcheck.c conncache.c \
|
||||
pipeline.c dotdot.c x509asn1.c http2.c smb.c curl_endian.c curl_des.c
|
||||
http_proxy.c non-ascii.c asyn-ares.c asyn-thread.c curl_gssapi.c \
|
||||
curl_ntlm.c curl_ntlm_wb.c curl_ntlm_core.c curl_sasl.c \
|
||||
curl_multibyte.c hostcheck.c conncache.c pipeline.c dotdot.c \
|
||||
x509asn1.c http2.c smb.c curl_endian.c curl_des.c
|
||||
|
||||
LIB_HFILES = arpa_telnet.h netrc.h file.h timeval.h hostip.h progress.h \
|
||||
formdata.h cookie.h http.h sendf.h ftp.h url.h dict.h if2ip.h \
|
||||
|
||||
@ -574,7 +574,6 @@ X_OBJS= \
|
||||
$(DIROBJ)\http_chunks.obj \
|
||||
$(DIROBJ)\http_digest.obj \
|
||||
$(DIROBJ)\http_negotiate.obj \
|
||||
$(DIROBJ)\http_negotiate_sspi.obj \
|
||||
$(DIROBJ)\http_proxy.obj \
|
||||
$(DIROBJ)\idn_win32.obj \
|
||||
$(DIROBJ)\if2ip.obj \
|
||||
|
||||
@ -22,7 +22,7 @@
|
||||
|
||||
#include "curl_setup.h"
|
||||
|
||||
#if defined(HAVE_GSSAPI) && !defined(CURL_DISABLE_HTTP) && defined(USE_SPNEGO)
|
||||
#if !defined(CURL_DISABLE_HTTP) && defined(USE_SPNEGO)
|
||||
|
||||
#include "urldata.h"
|
||||
#include "sendf.h"
|
||||
@ -39,8 +39,11 @@ CURLcode Curl_input_negotiate(struct connectdata *conn, bool proxy,
|
||||
const char *header)
|
||||
{
|
||||
struct SessionHandle *data = conn->data;
|
||||
size_t len;
|
||||
|
||||
/* Point to the service and host */
|
||||
/* Point to the username, password, service and host */
|
||||
const char *userp;
|
||||
const char *passwdp;
|
||||
const char *service;
|
||||
const char *host;
|
||||
|
||||
@ -48,29 +51,50 @@ CURLcode Curl_input_negotiate(struct connectdata *conn, bool proxy,
|
||||
struct negotiatedata *neg_ctx;
|
||||
|
||||
if(proxy) {
|
||||
userp = conn->proxyuser;
|
||||
passwdp = conn->proxypasswd;
|
||||
service = data->set.str[STRING_PROXY_SERVICE_NAME];
|
||||
host = conn->host.name;
|
||||
neg_ctx = &data->state.proxyneg;
|
||||
}
|
||||
else {
|
||||
userp = conn->user;
|
||||
passwdp = conn->passwd;
|
||||
service = data->set.str[STRING_SERVICE_NAME];
|
||||
host = conn->proxy.name;
|
||||
neg_ctx = &data->state.negotiate;
|
||||
}
|
||||
|
||||
/* Not set means empty */
|
||||
if(!userp)
|
||||
userp = "";
|
||||
|
||||
if(!passwdp)
|
||||
passwdp = "";
|
||||
|
||||
/* Obtain the input token, if any */
|
||||
header += strlen("Negotiate");
|
||||
while(*header && ISSPACE(*header))
|
||||
header++;
|
||||
|
||||
len = strlen(header);
|
||||
if(!len) {
|
||||
/* Is this the first call in a new negotiation? */
|
||||
if(neg_ctx->context) {
|
||||
/* The server rejected our authentication and hasn't suppled any more
|
||||
negotiation mechanisms */
|
||||
return CURLE_LOGIN_DENIED;
|
||||
}
|
||||
}
|
||||
|
||||
/* Initilise the security context and decode our challenge */
|
||||
return Curl_auth_decode_spnego_message(data, NULL, NULL, service, host,
|
||||
return Curl_auth_decode_spnego_message(data, userp, passwdp, service, host,
|
||||
header, neg_ctx);
|
||||
}
|
||||
|
||||
CURLcode Curl_output_negotiate(struct connectdata *conn, bool proxy)
|
||||
{
|
||||
struct negotiatedata *neg_ctx = proxy?&conn->data->state.proxyneg:
|
||||
struct negotiatedata *neg_ctx = proxy ? &conn->data->state.proxyneg :
|
||||
&conn->data->state.negotiate;
|
||||
char *base64 = NULL;
|
||||
size_t len = 0;
|
||||
@ -104,4 +128,4 @@ void Curl_cleanup_negotiate(struct SessionHandle *data)
|
||||
Curl_auth_spnego_cleanup(&data->state.proxyneg);
|
||||
}
|
||||
|
||||
#endif /* HAVE_GSSAPI && !CURL_DISABLE_HTTP && USE_SPNEGO */
|
||||
#endif /* !CURL_DISABLE_HTTP && USE_SPNEGO */
|
||||
|
||||
@ -1,135 +0,0 @@
|
||||
/***************************************************************************
|
||||
* _ _ ____ _
|
||||
* Project ___| | | | _ \| |
|
||||
* / __| | | | |_) | |
|
||||
* | (__| |_| | _ <| |___
|
||||
* \___|\___/|_| \_\_____|
|
||||
*
|
||||
* Copyright (C) 1998 - 2016, Daniel Stenberg, <daniel@haxx.se>, et al.
|
||||
*
|
||||
* This software is licensed as described in the file COPYING, which
|
||||
* you should have received as part of this distribution. The terms
|
||||
* are also available at https://curl.haxx.se/docs/copyright.html.
|
||||
*
|
||||
* You may opt to use, copy, modify, merge, publish, distribute and/or sell
|
||||
* copies of the Software, and permit persons to whom the Software is
|
||||
* furnished to do so, under the terms of the COPYING file.
|
||||
*
|
||||
* This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
|
||||
* KIND, either express or implied.
|
||||
*
|
||||
***************************************************************************/
|
||||
|
||||
#include "curl_setup.h"
|
||||
|
||||
#ifdef USE_WINDOWS_SSPI
|
||||
|
||||
#if !defined(CURL_DISABLE_HTTP) && defined(USE_SPNEGO)
|
||||
|
||||
#include "urldata.h"
|
||||
#include "sendf.h"
|
||||
#include "rawstr.h"
|
||||
#include "vauth/vauth.h"
|
||||
#include "http_negotiate.h"
|
||||
#include "curl_printf.h"
|
||||
|
||||
/* The last #include files should be: */
|
||||
#include "curl_memory.h"
|
||||
#include "memdebug.h"
|
||||
|
||||
CURLcode Curl_input_negotiate(struct connectdata *conn, bool proxy,
|
||||
const char *header)
|
||||
{
|
||||
struct SessionHandle *data = conn->data;
|
||||
size_t len;
|
||||
|
||||
/* Point to the username, password, service and host */
|
||||
const char *userp;
|
||||
const char *passwdp;
|
||||
const char *service;
|
||||
const char *host;
|
||||
|
||||
/* Point to the correct struct with this */
|
||||
struct negotiatedata *neg_ctx;
|
||||
|
||||
if(proxy) {
|
||||
userp = conn->proxyuser;
|
||||
passwdp = conn->proxypasswd;
|
||||
service = data->set.str[STRING_PROXY_SERVICE_NAME];
|
||||
host = conn->host.name;
|
||||
neg_ctx = &data->state.proxyneg;
|
||||
}
|
||||
else {
|
||||
userp = conn->user;
|
||||
passwdp = conn->passwd;
|
||||
service = data->set.str[STRING_SERVICE_NAME];
|
||||
host = conn->proxy.name;
|
||||
neg_ctx = &data->state.negotiate;
|
||||
}
|
||||
|
||||
/* Not set means empty */
|
||||
if(!userp)
|
||||
userp = "";
|
||||
|
||||
if(!passwdp)
|
||||
passwdp = "";
|
||||
|
||||
/* Obtain the input token, if any */
|
||||
header += strlen("Negotiate");
|
||||
while(*header && ISSPACE(*header))
|
||||
header++;
|
||||
|
||||
len = strlen(header);
|
||||
if(!len) {
|
||||
/* Is this the first call in a new negotiation? */
|
||||
if(neg_ctx->context) {
|
||||
/* The server rejected our authentication and hasn't suppled any more
|
||||
negotiation mechanisms */
|
||||
return CURLE_LOGIN_DENIED;
|
||||
}
|
||||
}
|
||||
|
||||
/* Initilise the security context and decode our challenge */
|
||||
return Curl_auth_decode_spnego_message(data, userp, passwdp, service, host,
|
||||
header, neg_ctx);
|
||||
}
|
||||
|
||||
CURLcode Curl_output_negotiate(struct connectdata *conn, bool proxy)
|
||||
{
|
||||
struct negotiatedata *neg_ctx = proxy?&conn->data->state.proxyneg:
|
||||
&conn->data->state.negotiate;
|
||||
char *base64 = NULL;
|
||||
size_t len = 0;
|
||||
char *userp;
|
||||
CURLcode result;
|
||||
|
||||
result = Curl_auth_create_spnego_message(conn->data, neg_ctx, &base64, &len);
|
||||
if(result)
|
||||
return result;
|
||||
|
||||
userp = aprintf("%sAuthorization: Negotiate %s\r\n", proxy ? "Proxy-" : "",
|
||||
base64);
|
||||
|
||||
if(proxy) {
|
||||
Curl_safefree(conn->allocptr.proxyuserpwd);
|
||||
conn->allocptr.proxyuserpwd = userp;
|
||||
}
|
||||
else {
|
||||
Curl_safefree(conn->allocptr.userpwd);
|
||||
conn->allocptr.userpwd = userp;
|
||||
}
|
||||
|
||||
free(base64);
|
||||
|
||||
return (userp == NULL) ? CURLE_OUT_OF_MEMORY : CURLE_OK;
|
||||
}
|
||||
|
||||
void Curl_cleanup_negotiate(struct SessionHandle *data)
|
||||
{
|
||||
Curl_auth_spnego_cleanup(&data->state.negotiate);
|
||||
Curl_auth_spnego_cleanup(&data->state.proxyneg);
|
||||
}
|
||||
|
||||
#endif /* !CURL_DISABLE_HTTP && USE_SPNEGO */
|
||||
|
||||
#endif /* USE_WINDOWS_SSPI */
|
||||
@ -35,11 +35,11 @@ SOURCE \
|
||||
socks_sspi.c curl_sspi.c slist.c nonblock.c curl_memrchr.c imap.c \
|
||||
pop3.c smtp.c pingpong.c rtsp.c curl_threads.c warnless.c hmac.c \
|
||||
vtls/polarssl.c curl_rtmp.c openldap.c curl_gethostname.c gopher.c \
|
||||
vtls/axtls.c idn_win32.c http_negotiate_sspi.c vtls/cyassl.c \
|
||||
http_proxy.c non-ascii.c asyn-ares.c asyn-thread.c curl_gssapi.c \
|
||||
curl_ntlm.c curl_ntlm_wb.c curl_ntlm_core.c curl_sasl.c \
|
||||
vtls/schannel.c curl_multibyte.c vtls/darwinssl.c conncache.c \
|
||||
curl_sasl_sspi.c smb.c curl_endian.c curl_des.c \
|
||||
vtls/axtls.c idn_win32.c vtls/cyassl.c http_proxy.c non-ascii.c \
|
||||
asyn-ares.c asyn-thread.c curl_gssapi.c curl_ntlm.c curl_ntlm_wb.c \
|
||||
curl_ntlm_core.c curl_sasl.c vtls/schannel.c curl_multibyte.c \
|
||||
vtls/darwinssl.c conncache.c curl_sasl_sspi.c smb.c curl_endian.c \
|
||||
curl_des.c \
|
||||
vauth/vauth.c vauth/cleartext.c vauth/cram.c vauth/digest.c \
|
||||
vauth/digest_sspi.c vauth/krb5_gssapi.c vauth/krb5_sspi.c \
|
||||
vauth/ntlm.c vauth/ntlm_sspi.c vauth/oauth2.c vauth/spnego_gssapi.c \
|
||||
|
||||
Loading…
Reference in New Issue
Block a user