From 94043b11508b9a4bf1fbee9ea17ef658c6413d9d Mon Sep 17 00:00:00 2001
From: Daniel Stenberg <daniel@haxx.se>
Date: Fri, 12 Nov 2004 09:18:14 +0000
Subject: [PATCH] Dan Fandrich added the --disable-crypto-auth option to
 configure to allow libcurl to build without Digest support. (I figure it
 should also explicitly disable Negotiate and NTLM.)

---
 configure.ac      | 19 +++++++++++++++++++
 lib/http.c        | 14 ++++++++++----
 lib/http_digest.c |  2 +-
 lib/md5.c         |  4 ++++
 lib/url.c         |  2 ++
 5 files changed, 36 insertions(+), 5 deletions(-)

diff --git a/configure.ac b/configure.ac
index 611d0c162..1021ceeff 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1473,6 +1473,25 @@ AC_HELP_STRING([--disable-debug],[Disable debug options]),
        AC_MSG_RESULT(no)
 )
 
+dnl ************************************************************
+dnl disable cryptographic authentication
+dnl
+AC_MSG_CHECKING([whether to enable cryptographic authentication methods])
+AC_ARG_ENABLE(crypto-auth,
+AC_HELP_STRING([--enable-crypto-auth],[Enable cryptographic authentication])
+AC_HELP_STRING([--disable-crypto-auth],[Disable cryptographic authentication]),
+[ case "$enableval" in
+  no)
+       AC_MSG_RESULT(no)
+       AC_DEFINE(CURL_DISABLE_CRYPTO_AUTH, 1, [to disable cryptographic authentication])
+       AC_SUBST(CURL_DISABLE_CRYPTO_AUTH)
+       ;;
+  *)   AC_MSG_RESULT(yes)
+       ;;
+  esac ],
+       AC_MSG_RESULT(yes)
+)
+
 AM_CONDITIONAL(CROSSCOMPILING, test x$cross_compiling = xyes)
 
 AC_CONFIG_FILES([Makefile \
diff --git a/lib/http.c b/lib/http.c
index cdc3e1d8c..20cd1c15f 100644
--- a/lib/http.c
+++ b/lib/http.c
@@ -330,6 +330,7 @@ Curl_http_output_auth(struct connectdata *conn,
         }
         data->state.authproxy.done = TRUE;
       }
+#ifndef CURL_DISABLE_CRYPTO_AUTH
       else if(data->state.authproxy.want == CURLAUTH_DIGEST) {
         auth=(char *)"Digest";
         result = Curl_output_digest(conn,
@@ -339,7 +340,7 @@ Curl_http_output_auth(struct connectdata *conn,
         if(result)
           return result;
       }
-
+#endif
       infof(data, "Proxy auth using %s with user '%s'\n",
             auth, conn->proxyuser?conn->proxyuser:"");
     }
@@ -373,6 +374,7 @@ Curl_http_output_auth(struct connectdata *conn,
       else
 #endif
       {
+#ifndef CURL_DISABLE_CRYPTO_AUTH
         if(data->state.authhost.picked == CURLAUTH_DIGEST) {
           auth=(char *)"Digest";
           result = Curl_output_digest(conn,
@@ -381,8 +383,9 @@ Curl_http_output_auth(struct connectdata *conn,
                                       (unsigned char *)path);
           if(result)
             return result;
-        }
-        else if(data->state.authhost.picked == CURLAUTH_BASIC) {
+        } else
+#endif
+        if(data->state.authhost.picked == CURLAUTH_BASIC) {
           if(conn->bits.user_passwd &&
              !checkheaders(data, "Authorization:")) {
             auth=(char *)"Basic";
@@ -489,6 +492,7 @@ CURLcode Curl_http_input_auth(struct connectdata *conn,
     }
     else
 #endif
+#ifndef CURL_DISABLE_CRYPTO_AUTH
       if(checkprefix("Digest", start)) {
         CURLdigest dig;
         *availp |= CURLAUTH_DIGEST;
@@ -504,7 +508,9 @@ CURLcode Curl_http_input_auth(struct connectdata *conn,
           data->state.authproblem = TRUE;
         }
       }
-      else if(checkprefix("Basic", start)) {
+      else
+#endif
+      if(checkprefix("Basic", start)) {
         *availp |= CURLAUTH_BASIC;
         authp->avail |= CURLAUTH_BASIC;
         if(authp->picked == CURLAUTH_BASIC) {
diff --git a/lib/http_digest.c b/lib/http_digest.c
index 20f5dc47b..5baccfe58 100644
--- a/lib/http_digest.c
+++ b/lib/http_digest.c
@@ -22,7 +22,7 @@
  ***************************************************************************/
 #include "setup.h"
 
-#ifndef CURL_DISABLE_HTTP
+#if !defined(CURL_DISABLE_HTTP) && !defined(CURL_DISABLE_CRYPTO_AUTH)
 /* -- WIN32 approved -- */
 #include <stdio.h>
 #include <string.h>
diff --git a/lib/md5.c b/lib/md5.c
index 269726b96..1847c3cd1 100644
--- a/lib/md5.c
+++ b/lib/md5.c
@@ -23,6 +23,8 @@
 
 #include "setup.h"
 
+#ifndef CURL_DISABLE_CRYPTO_AUTH
+
 #ifndef USE_SSLEAY
 /* This code segment is only used if OpenSSL is not provided, as if it is
    we use the MD5-function provided there instead. No good duplicating
@@ -346,3 +348,5 @@ void Curl_md5it(unsigned char *outbuffer, /* 16 bytes */
   MD5_Update(&ctx, input, strlen((char *)input));
   MD5_Final(outbuffer, &ctx);
 }
+
+#endif
diff --git a/lib/url.c b/lib/url.c
index 5d0e801b5..78224df0e 100644
--- a/lib/url.c
+++ b/lib/url.c
@@ -250,7 +250,9 @@ CURLcode Curl_close(struct SessionHandle *data)
   }
   Curl_share_unlock(data, CURL_LOCK_DATA_COOKIE);
 
+#ifndef CURL_DISABLE_CRYPTO_AUTH
   Curl_digest_cleanup(data);
+#endif
 #endif
 
   /* free the connection cache */