mirror of
https://github.com/moparisthebest/curl
synced 2024-12-21 23:58:49 -05:00
While inspecting the Negotiate code, I noticed how the proxy auth was using
the same state struct as the host auth, so both could never be used at the same time! I fixed it (without being able to check) to use two separate structs to allow authentication using Negotiate on host and proxy simultanouesly.
This commit is contained in:
parent
e2b2a84497
commit
b6575ce0b0
11
CHANGES
11
CHANGES
@ -7,7 +7,18 @@
|
||||
Changelog
|
||||
|
||||
|
||||
Daniel S (21 Nov 2007)
|
||||
- While inspecting the Negotiate code, I noticed how the proxy auth was using
|
||||
the same state struct as the host auth, so both could never be used at the
|
||||
same time! I fixed it (without being able to check) to use two separate
|
||||
structs to allow authentication using Negotiate on host and proxy
|
||||
simultanouesly.
|
||||
|
||||
Daniel S (20 Nov 2007)
|
||||
- Emil Romanus pointed out a bug that made an easy handle get the cookie
|
||||
engine activated when set to use a share (even if the share doesn't share
|
||||
cookies). I fixed it.
|
||||
|
||||
- Fixed a very long-lasting mprintf() bug that occured when we did "%.*s%s",
|
||||
since the second %s would then wrongly used the numerical precision argument
|
||||
instead and crash.
|
||||
|
@ -24,6 +24,8 @@ This release includes the following bugfixes:
|
||||
o variable wrapping when using debug callback and the HTTP request wasn't sent
|
||||
in one go
|
||||
o SSL connections with NSS done with the multi-interface
|
||||
o setting a share no longer activates cookies
|
||||
o Negotiate now works on auth and proxy simultanouesly
|
||||
|
||||
This release includes the following known bugs:
|
||||
|
||||
@ -42,6 +44,7 @@ This release would not have looked like this without help, code, reports and
|
||||
advice from friends like these:
|
||||
|
||||
Dan Fandrich, Gisle Vanem, Toby Peterson, Yang Tse, Daniel Black,
|
||||
Robin Johnson, Michal Marek, Ates Goral, Andres Garcia, Rob Crittenden
|
||||
Robin Johnson, Michal Marek, Ates Goral, Andres Garcia, Rob Crittenden,
|
||||
Emil Romanus
|
||||
|
||||
Thanks! (and sorry if I forgot to mention someone)
|
||||
|
@ -1,9 +1,6 @@
|
||||
To be addressed before 7.17.2 (planned release: December 2007)
|
||||
=============================
|
||||
|
||||
106 - Share interface force-enable the cookie parser
|
||||
http://curl.haxx.se/mail/lib-2007-11/0234.html
|
||||
|
||||
107 - resolve the type= thing for FTP URLs over HTTP proxies
|
||||
|
||||
108 -
|
||||
|
@ -51,7 +51,8 @@
|
||||
static int
|
||||
get_gss_name(struct connectdata *conn, bool proxy, gss_name_t *server)
|
||||
{
|
||||
struct negotiatedata *neg_ctx = &conn->data->state.negotiate;
|
||||
struct negotiatedata *neg_ctx = proxy?&conn->data->state.proxyneg:
|
||||
&conn->data->state.negotiate;
|
||||
OM_uint32 major_status, minor_status;
|
||||
gss_buffer_desc token = GSS_C_EMPTY_BUFFER;
|
||||
char name[2048];
|
||||
@ -98,12 +99,12 @@ log_gss_error(struct connectdata *conn, OM_uint32 error_status, char *prefix)
|
||||
snprintf(buf, sizeof(buf), "%s", prefix);
|
||||
len = strlen(buf);
|
||||
do {
|
||||
maj_stat = gss_display_status (&min_stat,
|
||||
error_status,
|
||||
GSS_C_MECH_CODE,
|
||||
GSS_C_NO_OID,
|
||||
&msg_ctx,
|
||||
&status_string);
|
||||
maj_stat = gss_display_status(&min_stat,
|
||||
error_status,
|
||||
GSS_C_MECH_CODE,
|
||||
GSS_C_NO_OID,
|
||||
&msg_ctx,
|
||||
&status_string);
|
||||
if(sizeof(buf) > len + status_string.length + 1) {
|
||||
snprintf(buf + len, sizeof(buf) - len,
|
||||
": %s", (char*) status_string.value);
|
||||
@ -118,7 +119,8 @@ log_gss_error(struct connectdata *conn, OM_uint32 error_status, char *prefix)
|
||||
int Curl_input_negotiate(struct connectdata *conn, bool proxy,
|
||||
const char *header)
|
||||
{
|
||||
struct negotiatedata *neg_ctx = &conn->data->state.negotiate;
|
||||
struct negotiatedata *neg_ctx = proxy?&conn->data->state.proxyneg:
|
||||
&conn->data->state.negotiate;
|
||||
OM_uint32 major_status, minor_status, minor_status2;
|
||||
gss_buffer_desc input_token = GSS_C_EMPTY_BUFFER;
|
||||
gss_buffer_desc output_token = GSS_C_EMPTY_BUFFER;
|
||||
@ -251,13 +253,14 @@ int Curl_input_negotiate(struct connectdata *conn, bool proxy,
|
||||
|
||||
CURLcode Curl_output_negotiate(struct connectdata *conn, bool proxy)
|
||||
{
|
||||
struct negotiatedata *neg_ctx = &conn->data->state.negotiate;
|
||||
struct negotiatedata *neg_ctx = proxy?&conn->data->state.proxyneg:
|
||||
&conn->data->state.negotiate;
|
||||
OM_uint32 minor_status;
|
||||
char *encoded = NULL;
|
||||
int len;
|
||||
|
||||
#ifdef HAVE_SPNEGO /* Handle SPNEGO */
|
||||
if(checkprefix("Negotiate",neg_ctx->protocol)) {
|
||||
if(checkprefix("Negotiate", neg_ctx->protocol)) {
|
||||
ASN1_OBJECT * object = NULL;
|
||||
int rc = 1;
|
||||
unsigned char * spnegoToken = NULL;
|
||||
@ -310,11 +313,9 @@ CURLcode Curl_output_negotiate(struct connectdata *conn, bool proxy)
|
||||
return (conn->allocptr.userpwd == NULL) ? CURLE_OUT_OF_MEMORY : CURLE_OK;
|
||||
}
|
||||
|
||||
void Curl_cleanup_negotiate(struct SessionHandle *data)
|
||||
static void cleanup(struct negotiatedata *neg_ctx)
|
||||
{
|
||||
OM_uint32 minor_status;
|
||||
struct negotiatedata *neg_ctx = &data->state.negotiate;
|
||||
|
||||
if(neg_ctx->context != GSS_C_NO_CONTEXT)
|
||||
gss_delete_sec_context(&minor_status, &neg_ctx->context, GSS_C_NO_BUFFER);
|
||||
|
||||
@ -327,6 +328,12 @@ void Curl_cleanup_negotiate(struct SessionHandle *data)
|
||||
memset(neg_ctx, 0, sizeof(*neg_ctx));
|
||||
}
|
||||
|
||||
void Curl_cleanup_negotiate(struct SessionHandle *data)
|
||||
{
|
||||
cleanup(&data->state.negotiate);
|
||||
cleanup(&data->state.proxyneg);
|
||||
}
|
||||
|
||||
|
||||
#endif
|
||||
#endif
|
||||
|
@ -1199,7 +1199,8 @@ struct UrlState {
|
||||
struct digestdata proxydigest; /* state data for proxy Digest auth */
|
||||
|
||||
#ifdef HAVE_GSSAPI
|
||||
struct negotiatedata negotiate; /* state data for Negotiate auth */
|
||||
struct negotiatedata negotiate; /* state data for host Negotiate auth */
|
||||
struct negotiatedata proxyneg; /* state data for proxy Negotiate auth */
|
||||
#endif
|
||||
|
||||
struct auth authhost; /* auth details for host */
|
||||
|
Loading…
Reference in New Issue
Block a user