sspi: Define authentication package name constants

These were previously hard coded, and whilst defined in security.h, they may or may not be present in old header files given that these defines were never used in the original code. Not only that, but there appears to be some ambiguity between the ANSI and UNICODE NTLM definition name in security.h.
2024-12-21 23:58:49 -05:00 · 2014-11-05 11:43:22 +00:00 · 2014-11-05 11:43:22 +00:00 · d62cb0f5d0
commit d62cb0f5d0
parent 1c05b9359d
4 changed files with 14 additions and 9 deletions
--- a/lib/curl_ntlm_msgs.c
+++ b/lib/curl_ntlm_msgs.c
@ -433,7 +433,7 @@ CURLcode Curl_ntlm_create_type1_message(const char *userp,
  Curl_ntlm_sspi_cleanup(ntlm);

  /* Query the security package for NTLM */
-  status = s_pSecFn->QuerySecurityPackageInfo((TCHAR *) TEXT("NTLM"),
+  status = s_pSecFn->QuerySecurityPackageInfo((TCHAR *) TEXT(SP_NAME_NTLM),
                                              &SecurityPackage);
  if(status != SEC_E_OK)
    return CURLE_NOT_BUILT_IN;
@ -472,7 +472,7 @@ CURLcode Curl_ntlm_create_type1_message(const char *userp,

  /* Acquire our credentials handle */
  status = s_pSecFn->AcquireCredentialsHandle(NULL,
-                                              (TCHAR *) TEXT("NTLM"),
+                                              (TCHAR *) TEXT(SP_NAME_NTLM),
                                              SECPKG_CRED_OUTBOUND, NULL,
                                              ntlm->p_identity, NULL, NULL,
                                              ntlm->credentials, &expiry);
--- a/lib/curl_sasl_sspi.c
+++ b/lib/curl_sasl_sspi.c
@ -151,7 +151,7 @@ CURLcode Curl_sasl_create_digest_md5_message(struct SessionHandle *data,
    return CURLE_BAD_CONTENT_ENCODING;

  /* Query the security package for DigestSSP */
-  status = s_pSecFn->QuerySecurityPackageInfo((TCHAR *) TEXT("WDigest"),
+  status = s_pSecFn->QuerySecurityPackageInfo((TCHAR *) TEXT(SP_NAME_DIGEST),
                                              &SecurityPackage);
  if(status != SEC_E_OK) {
    Curl_safefree(chlg);
@ -201,7 +201,7 @@ CURLcode Curl_sasl_create_digest_md5_message(struct SessionHandle *data,

  /* Acquire our credentials handle */
  status = s_pSecFn->AcquireCredentialsHandle(NULL,
-                                              (TCHAR *) TEXT("WDigest"),
+                                              (TCHAR *) TEXT(SP_NAME_DIGEST),
                                              SECPKG_CRED_OUTBOUND, NULL,
                                              p_identity, NULL, NULL,
                                              &handle, &expiry);
@ -321,7 +321,8 @@ CURLcode Curl_sasl_create_gssapi_user_message(struct SessionHandle *data,

  if(!krb5->credentials) {
    /* Query the security package for Kerberos */
-    status = s_pSecFn->QuerySecurityPackageInfo((TCHAR *) TEXT("Kerberos"),
+    status = s_pSecFn->QuerySecurityPackageInfo((TCHAR *)
+                                                TEXT(SP_NAME_KERBEROS),
                                                &SecurityPackage);
    if(status != SEC_E_OK) {
      return CURLE_NOT_BUILT_IN;
@ -364,7 +365,8 @@ CURLcode Curl_sasl_create_gssapi_user_message(struct SessionHandle *data,

    /* Acquire our credentials handle */
    status = s_pSecFn->AcquireCredentialsHandle(NULL,
-                                                (TCHAR *) TEXT("Kerberos"),
+                                                (TCHAR *)
+                                                TEXT(SP_NAME_KERBEROS),
                                                SECPKG_CRED_OUTBOUND, NULL,
                                                krb5->p_identity, NULL, NULL,
                                                krb5->credentials, &expiry);
--- a/lib/curl_sspi.h
+++ b/lib/curl_sspi.h
@ -51,11 +51,14 @@ CURLcode Curl_create_sspi_identity(const char *userp, const char *passwdp,
 void Curl_sspi_free_identity(SEC_WINNT_AUTH_IDENTITY *identity);

 /* Forward-declaration of global variables defined in curl_sspi.c */
-
 extern HMODULE s_hSecDll;
 extern PSecurityFunctionTable s_pSecFn;

 /* Provide some definitions missing in old headers */
+#define SP_NAME_DIGEST              "WDigest"
+#define SP_NAME_NTLM                "NTLM"
+#define SP_NAME_NEGOTIATE           "Negotiate"
+#define SP_NAME_KERBEROS            "Kerberos"

 #ifndef SEC_E_INSUFFICIENT_MEMORY
 # define SEC_E_INSUFFICIENT_MEMORY             ((HRESULT)0x80090300L)
--- a/lib/http_negotiate_sspi.c
+++ b/lib/http_negotiate_sspi.c
@ -106,7 +106,7 @@ int Curl_input_negotiate(struct connectdata *conn, bool proxy,

  if(!neg_ctx->output_token) {
    PSecPkgInfo SecurityPackage;
-    ret = s_pSecFn->QuerySecurityPackageInfo((TCHAR *) TEXT("Negotiate"),
+    ret = s_pSecFn->QuerySecurityPackageInfo((TCHAR *) TEXT(SP_NAME_NEGOTIATE),
                                             &SecurityPackage);
    if(ret != SEC_E_OK)
      return -1;
@ -155,7 +155,7 @@ int Curl_input_negotiate(struct connectdata *conn, bool proxy,
    /* Acquire our credientials handle */
    neg_ctx->status =
      s_pSecFn->AcquireCredentialsHandle(NULL,
-                                         (TCHAR *) TEXT("Negotiate"),
+                                         (TCHAR *) TEXT(SP_NAME_NEGOTIATE),
                                         SECPKG_CRED_OUTBOUND, NULL,
                                         neg_ctx->p_identity, NULL, NULL,
                                         neg_ctx->credentials, &expiry);