moparisthebest/curl
1
0
Fork 0
mirror of https://github.com/moparisthebest/curl synced 2025-01-09 13:08:00 -05:00
Code Issues Releases Wiki Activity

config: fix SSPI enabling NTLM if crypto auth is disabled

Browse Source 
Avoid enabling NTLM feature based upon Windows SSPI
being enabled in case that crypto auth is disabled.

Reported-by: Marcel Raad

Follow-up to #6277
Fixes #6803
Closes #6808
This commit is contained in:
Marc Hoersken 2021-03-28 20:46:54 +02:00 committed by Daniel Stenberg
parent ce2d5fb7fa
commit d6fba0ca06
No known key found for this signature in database
GPG Key ID: 5CC908FDB71E12C2
2 changed files with 19 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
CMakeLists.txt
View File

@ -1377,9 +1377,11 @@ _add_if("Kerberos" NOT CURL_DISABLE_CRYPTO_AUTH AND
(HAVE_GSSAPI OR USE_WINDOWS_SSPI))
# NTLM support requires crypto function adaptions from various SSL libs
# TODO alternative SSL libs tests for SSP1, GNUTLS, NSS
_add_if("NTLM" (use_curl_ntlm_core OR USE_WINDOWS_SSPI))
_add_if("NTLM" NOT CURL_DISABLE_CRYPTO_AUTH AND
(use_curl_ntlm_core OR USE_WINDOWS_SSPI))
# TODO missing option (autoconf: --enable-ntlm-wb)
_add_if("NTLM_WB" (use_curl_ntlm_core OR USE_WINDOWS_SSPI) AND
_add_if("NTLM_WB" NOT CURL_DISABLE_CRYPTO_AUTH AND
(use_curl_ntlm_core OR USE_WINDOWS_SSPI) AND
NOT CURL_DISABLE_HTTP AND NTLM_WB_ENABLED)
# TODO missing option (--enable-tls-srp), depends on GNUTLS_SRP/OPENSSL_SRP
_add_if("TLS-SRP" USE_TLS_SRP)

28
configure.ac
View File

@ -5225,23 +5225,25 @@ if test "x$CURL_DISABLE_CRYPTO_AUTH" != "x1" -a \
SUPPORT_FEATURES="$SUPPORT_FEATURES Kerberos"
fi
if test "x$CURL_DISABLE_CRYPTO_AUTH" != "x1" -a \
\( "x$OPENSSL_ENABLED" = "x1" -o "x$MBEDTLS_ENABLED" = "x1" \
use_curl_ntlm_core=no
if test "x$CURL_DISABLE_CRYPTO_AUTH" != "x1"; then
if test "x$OPENSSL_ENABLED" = "x1" -o "x$MBEDTLS_ENABLED" = "x1" \
-o "x$GNUTLS_ENABLED" = "x1" -o "x$NSS_ENABLED" = "x1" \
-o "x$SECURETRANSPORT_ENABLED" = "x1" \
-o "x$USE_WIN32_CRYPTO" = "x1" \
-o "x$WOLFSSL_NTLM" = "x1" \); then
use_curl_ntlm_core=yes
else
use_curl_ntlm_core=no
fi
if test "x$use_curl_ntlm_core" = "xyes" \
-o "x$USE_WINDOWS_SSPI" = "x1"; then
SUPPORT_FEATURES="$SUPPORT_FEATURES NTLM"
-o "x$WOLFSSL_NTLM" = "x1"; then
use_curl_ntlm_core=yes
fi
if test "x$CURL_DISABLE_HTTP" != "x1" -a \
"x$NTLM_WB_ENABLED" = "x1"; then
SUPPORT_FEATURES="$SUPPORT_FEATURES NTLM_WB"
if test "x$use_curl_ntlm_core" = "xyes" \
-o "x$USE_WINDOWS_SSPI" = "x1"; then
SUPPORT_FEATURES="$SUPPORT_FEATURES NTLM"
if test "x$CURL_DISABLE_HTTP" != "x1" -a \
"x$NTLM_WB_ENABLED" = "x1"; then
SUPPORT_FEATURES="$SUPPORT_FEATURES NTLM_WB"
fi
fi
fi