curl.h/features: Deprecate GSS-Negotiate macros due to bad naming

- Replace CURLAUTH_GSSNEGOTIATE with CURLAUTH_NEGOTIATE - CURL_VERSION_GSSNEGOTIATE is deprecated which is served by CURL_VERSION_SSPI, CURL_VERSION_GSSAPI and CURUL_VERSION_SPNEGO now. - Remove display of feature 'GSS-Negotiate'
2024-12-21 23:58:49 -05:00 · 2014-07-21 09:53:46 +02:00 · 2014-07-21 09:53:46 +02:00 · e38ba43014
commit e38ba43014
parent 46750c39bd
10 changed files with 40 additions and 39 deletions
--- a/include/curl/curl.h
+++ b/include/curl/curl.h
@ -619,7 +619,8 @@ typedef enum {
 * CURLAUTH_NONE         - No HTTP authentication
 * CURLAUTH_BASIC        - HTTP Basic authentication (default)
 * CURLAUTH_DIGEST       - HTTP Digest authentication
- * CURLAUTH_GSSNEGOTIATE - HTTP GSS-Negotiate authentication
+ * CURLAUTH_NEGOTIATE    - HTTP Negotiate (SPNEGO) authentication
+ * CURLAUTH_GSSNEGOTIATE - Alias for CURLAUTH_NEGOTIATE (deprecated)
 * CURLAUTH_NTLM         - HTTP NTLM authentication
 * CURLAUTH_DIGEST_IE    - HTTP Digest authentication with IE flavour
 * CURLAUTH_NTLM_WB      - HTTP NTLM authentication delegated to winbind helper
@ -632,7 +633,9 @@ typedef enum {
 #define CURLAUTH_NONE         ((unsigned long)0)
 #define CURLAUTH_BASIC        (((unsigned long)1)<<0)
 #define CURLAUTH_DIGEST       (((unsigned long)1)<<1)
-#define CURLAUTH_GSSNEGOTIATE (((unsigned long)1)<<2)
+#define CURLAUTH_NEGOTIATE    (((unsigned long)1)<<2)
+/* Deprecated since the advent of CURLAUTH_NEGOTIATE */
+#define CURLAUTH_GSSNEGOTIATE CURLAUTH_NEGOTIATE
 #define CURLAUTH_NTLM         (((unsigned long)1)<<3)
 #define CURLAUTH_DIGEST_IE    (((unsigned long)1)<<4)
 #define CURLAUTH_NTLM_WB      (((unsigned long)1)<<5)
@ -2231,7 +2234,8 @@ typedef struct {
 #define CURL_VERSION_SSL       (1<<2)  /* SSL options are present */
 #define CURL_VERSION_LIBZ      (1<<3)  /* libz features are present */
 #define CURL_VERSION_NTLM      (1<<4)  /* NTLM auth is supported */
-#define CURL_VERSION_GSSNEGOTIATE (1<<5) /* Negotiate auth support */
+#define CURL_VERSION_GSSNEGOTIATE (1<<5) /* Negotiate auth support
+                                            (deprecated) */
 #define CURL_VERSION_DEBUG     (1<<6)  /* built with debug capabilities */
 #define CURL_VERSION_ASYNCHDNS (1<<7)  /* asynchronous dns resolves */
 #define CURL_VERSION_SPNEGO    (1<<8)  /* SPNEGO auth is supported */
--- a/lib/curl_setup.h
+++ b/lib/curl_setup.h
@ -610,7 +610,7 @@ int netware_init(void);

 #if !defined(CURL_DISABLE_CRYPTO_AUTH) && \
    (defined(HAVE_GSSAPI) || defined(USE_WINDOWS_SSPI))
-#define USE_HTTP_NEGOTIATE
+#define USE_SPNEGO
 #endif

 /* Single point where USE_NTLM definition might be done */
--- a/lib/http.c
+++ b/lib/http.c
@ -328,8 +328,8 @@ static bool pickoneauth(struct auth *pick)

  /* The order of these checks is highly relevant, as this will be the order
     of preference in case of the existence of multiple accepted types. */
-  if(avail & CURLAUTH_GSSNEGOTIATE)
-    pick->picked = CURLAUTH_GSSNEGOTIATE;
+  if(avail & CURLAUTH_NEGOTIATE)
+    pick->picked = CURLAUTH_NEGOTIATE;
  else if(avail & CURLAUTH_DIGEST)
    pick->picked = CURLAUTH_DIGEST;
  else if(avail & CURLAUTH_NTLM)
@ -557,7 +557,7 @@ output_auth_headers(struct connectdata *conn,
  struct SessionHandle *data = conn->data;
  const char *auth=NULL;
  CURLcode result = CURLE_OK;
-#ifdef USE_HTTP_NEGOTIATE
+#ifdef USE_SPNEGO
  struct negotiatedata *negdata = proxy?
    &data->state.proxyneg:&data->state.negotiate;
 #endif
@ -567,9 +567,9 @@ output_auth_headers(struct connectdata *conn,
  (void)path;
 #endif

-#ifdef USE_HTTP_NEGOTIATE
+#ifdef USE_SPNEGO
  negdata->state = GSS_AUTHNONE;
-  if((authstatus->picked == CURLAUTH_GSSNEGOTIATE) &&
+  if((authstatus->picked == CURLAUTH_NEGOTIATE) &&
     negdata->context && !GSS_ERROR(negdata->status)) {
    auth="Negotiate";
    result = Curl_output_negotiate(conn, proxy);
@ -737,7 +737,7 @@ CURLcode Curl_http_input_auth(struct connectdata *conn, bool proxy,
   */
  struct SessionHandle *data = conn->data;

-#ifdef USE_HTTP_NEGOTIATE
+#ifdef USE_SPNEGO
  struct negotiatedata *negdata = proxy?
    &data->state.proxyneg:&data->state.negotiate;
 #endif
@ -771,13 +771,13 @@ CURLcode Curl_http_input_auth(struct connectdata *conn, bool proxy,
   */

  while(*auth) {
-#ifdef USE_HTTP_NEGOTIATE
+#ifdef USE_SPNEGO
    if(checkprefix("Negotiate", auth)) {
      int neg;
-      *availp |= CURLAUTH_GSSNEGOTIATE;
-      authp->avail |= CURLAUTH_GSSNEGOTIATE;
+      *availp |= CURLAUTH_NEGOTIATE;
+      authp->avail |= CURLAUTH_NEGOTIATE;

-      if(authp->picked == CURLAUTH_GSSNEGOTIATE) {
+      if(authp->picked == CURLAUTH_NEGOTIATE) {
        if(negdata->state == GSS_AUTHSENT || negdata->state == GSS_AUTHNONE) {
          neg = Curl_input_negotiate(conn, proxy, auth);
          if(neg == 0) {
@ -1440,7 +1440,7 @@ CURLcode Curl_http_done(struct connectdata *conn,

  Curl_unencode_cleanup(conn);

-#ifdef USE_HTTP_NEGOTIATE
+#ifdef USE_SPNEGO
  if(data->state.proxyneg.state == GSS_AUTHSENT ||
      data->state.negotiate.state == GSS_AUTHSENT)
    Curl_cleanup_negotiate(data);
--- a/lib/http_negotiate.h
+++ b/lib/http_negotiate.h
@ -22,7 +22,7 @@
 *
 ***************************************************************************/

-#ifdef USE_HTTP_NEGOTIATE
+#ifdef USE_SPNEGO

 /* this is for Negotiate header input */
 int Curl_input_negotiate(struct connectdata *conn, bool proxy,
@ -37,6 +37,6 @@ void Curl_cleanup_negotiate(struct SessionHandle *data);
 #define GSS_ERROR(status) (status & 0x80000000)
 #endif

-#endif /* USE_HTTP_NEGOTIATE */
+#endif /* USE_SPNEGO */

 #endif /* HEADER_CURL_HTTP_NEGOTIATE_H */
--- a/lib/http_negotiate_sspi.c
+++ b/lib/http_negotiate_sspi.c
@ -24,7 +24,7 @@

 #ifdef USE_WINDOWS_SSPI

-#if !defined(CURL_DISABLE_HTTP) && defined(USE_HTTP_NEGOTIATE)
+#if !defined(CURL_DISABLE_HTTP) && defined(USE_SPNEGO)

 #include "urldata.h"
 #include "sendf.h"
@ -262,6 +262,6 @@ void Curl_cleanup_negotiate(struct SessionHandle *data)
  cleanup(&data->state.proxyneg);
 }

-#endif /* !CURL_DISABLE_HTTP && USE_HTTP_NEGOTIATE */
+#endif /* !CURL_DISABLE_HTTP && USE_SPNEGO */

 #endif /* USE_WINDOWS_SSPI */
--- a/lib/url.c
+++ b/lib/url.c
@ -1267,9 +1267,9 @@ CURLcode Curl_setopt(struct SessionHandle *data, CURLoption option,
 #elif !defined(NTLM_WB_ENABLED)
    auth &= ~CURLAUTH_NTLM_WB; /* no NTLM_WB support */
 #endif
-#ifndef USE_HTTP_NEGOTIATE
-    auth &= ~CURLAUTH_GSSNEGOTIATE; /* no GSS-Negotiate without GSSAPI or
-                                       WINDOWS_SSPI */
+#ifndef USE_SPNEGO
+    auth &= ~CURLAUTH_NEGOTIATE; /* no Negotiate (SPNEGO) auth without
+                                    GSS-API or SSPI */
 #endif

    /* check if any auth bit lower than CURLAUTH_ONLY is still set */
@ -1355,9 +1355,9 @@ CURLcode Curl_setopt(struct SessionHandle *data, CURLoption option,
 #elif !defined(NTLM_WB_ENABLED)
    auth &= ~CURLAUTH_NTLM_WB; /* no NTLM_WB support */
 #endif
-#ifndef USE_HTTP_NEGOTIATE
-    auth &= ~CURLAUTH_GSSNEGOTIATE; /* no GSS-Negotiate without GSSAPI or
-                                       WINDOWS_SSPI */
+#ifndef USE_SPNEGO
+    auth &= ~CURLAUTH_NEGOTIATE; /* no Negotiate (SPNEGO) auth without
+                                    GSS-API or SSPI */
 #endif

    /* check if any auth bit lower than CURLAUTH_ONLY is still set */
--- a/lib/urldata.h
+++ b/lib/urldata.h
@ -444,7 +444,7 @@ struct ntlmdata {
 #endif
 };

-#ifdef USE_HTTP_NEGOTIATE
+#ifdef USE_SPNEGO
 struct negotiatedata {
  /* When doing Negotiate (SPNEGO) auth, we first need to send a token
     and then validate the received one. */
@ -1245,7 +1245,7 @@ struct UrlState {
  struct digestdata digest;      /* state data for host Digest auth */
  struct digestdata proxydigest; /* state data for proxy Digest auth */

-#ifdef USE_HTTP_NEGOTIATE
+#ifdef USE_SPNEGO
  struct negotiatedata negotiate; /* state data for host Negotiate auth */
  struct negotiatedata proxyneg; /* state data for proxy Negotiate auth */
 #endif
--- a/lib/version.c
+++ b/lib/version.c
@ -262,9 +262,6 @@ static curl_version_info_data version_info = {
 #ifdef HAVE_LIBZ
  | CURL_VERSION_LIBZ
 #endif
-#ifdef USE_HTTP_NEGOTIATE
-  | CURL_VERSION_GSSNEGOTIATE
-#endif
 #ifdef DEBUGBUILD
  | CURL_VERSION_DEBUG
 #endif
--- a/src/tool_getparam.c
+++ b/src/tool_getparam.c
@ -597,13 +597,13 @@ ParameterError getparameter(char *flag,    /* f or -long-flag */

      case 'l': /* --negotiate */
        if(toggle) {
-          if(curlinfo->features & CURL_VERSION_GSSNEGOTIATE)
-            config->authtype |= CURLAUTH_GSSNEGOTIATE;
+          if(curlinfo->features & CURL_VERSION_SPNEGO)
+            config->authtype |= CURLAUTH_NEGOTIATE;
          else
            return PARAM_LIBCURL_DOESNT_SUPPORT;
        }
        else
-          config->authtype &= ~CURLAUTH_GSSNEGOTIATE;
+          config->authtype &= ~CURLAUTH_NEGOTIATE;
        break;

      case 'm': /* --ntlm */
@ -697,8 +697,7 @@ ParameterError getparameter(char *flag,    /* f or -long-flag */
        break;
      case 'x': /* --krb */
        /* kerberos level string */
-        if(curlinfo->features & (CURL_VERSION_KERBEROS4 |
-                                 CURL_VERSION_GSSNEGOTIATE))
+        if(curlinfo->features & CURL_VERSION_KERBEROS4)
          GetStr(&config->krblevel, nextarg);
        else
          return PARAM_LIBCURL_DOESNT_SUPPORT;
@ -798,11 +797,12 @@ ParameterError getparameter(char *flag,    /* f or -long-flag */
        break;

      case 'k': /* --proxy-negotiate */
-        if(curlinfo->features & CURL_VERSION_GSSNEGOTIATE)
+        if(curlinfo->features & CURL_VERSION_SPNEGO)
          config->proxynegotiate = toggle;
        else
          return PARAM_LIBCURL_DOESNT_SUPPORT;
        break;
+
      case 'm': /* --ftp-account */
        GetStr(&config->ftp_account, nextarg);
        break;
--- a/src/tool_help.c
+++ b/src/tool_help.c
@ -135,7 +135,7 @@ static const char *const helptext[] = {
  "     --max-redirs NUM  Maximum number of redirects allowed (H)",
  " -m, --max-time SECONDS  Maximum time allowed for the transfer",
  "     --metalink      Process given URLs as metalink XML file",
-  "     --negotiate     Use HTTP Negotiate Authentication (H)",
+  "     --negotiate     Use HTTP Negotiate (SPNEGO) authentication (H)",
  " -n, --netrc         Must read .netrc for user name and password",
  "     --netrc-optional Use either .netrc or URL; overrides -n",
  "     --netrc-file FILE  Set up the netrc filename to use",
@ -165,7 +165,8 @@ static const char *const helptext[] = {
  "     --proxy-anyauth Pick \"any\" proxy authentication method (H)",
  "     --proxy-basic   Use Basic authentication on the proxy (H)",
  "     --proxy-digest  Use Digest authentication on the proxy (H)",
-  "     --proxy-negotiate Use Negotiate authentication on the proxy (H)",
+  "     --proxy-negotiate "
+  "Use HTTP Negotiate (SPNEGO) authentication on the proxy (H)",
  "     --proxy-ntlm    Use NTLM authentication on the proxy (H)",
  " -U, --proxy-user USER[:PASSWORD]  Proxy user and password",
  "     --proxy1.0 HOST[:PORT]  Use HTTP/1.0 proxy on given port",
@ -258,7 +259,6 @@ static const struct feat feats[] = {
  {"AsynchDNS",      CURL_VERSION_ASYNCHDNS},
  {"Debug",          CURL_VERSION_DEBUG},
  {"TrackMemory",    CURL_VERSION_CURLDEBUG},
-  {"GSS-Negotiate",  CURL_VERSION_GSSNEGOTIATE},
  {"IDN",            CURL_VERSION_IDN},
  {"IPv6",           CURL_VERSION_IPV6},
  {"Largefile",      CURL_VERSION_LARGEFILE},