mirror of
https://github.com/moparisthebest/curl
synced 2024-12-21 15:48:49 -05:00
unicode NTLM SSPI: cleanup
Reduce the number of #ifdef UNICODE directives used in source files.
This commit is contained in:
parent
1b27bb446f
commit
e77d867068
@ -1,5 +1,5 @@
|
||||
#ifndef __LIB_CONFIG_WIN32CE_H
|
||||
#define __LIB_CONFIG_WIN32CE_H
|
||||
#ifndef HEADER_CURL_CONFIG_WIN32CE_H
|
||||
#define HEADER_CURL_CONFIG_WIN32CE_H
|
||||
/***************************************************************************
|
||||
* _ _ ____ _
|
||||
* Project ___| | | | _ \| |
|
||||
@ -427,6 +427,14 @@
|
||||
/* WinCE */
|
||||
/* ---------------------------------------------------------------- */
|
||||
|
||||
#ifndef UNICODE
|
||||
# define UNICODE
|
||||
#endif
|
||||
|
||||
#ifndef _UNICODE
|
||||
# define _UNICODE
|
||||
#endif
|
||||
|
||||
#define CURL_DISABLE_FILE 1
|
||||
#define CURL_DISABLE_TELNET 1
|
||||
#define CURL_DISABLE_LDAP 1
|
||||
@ -437,4 +445,4 @@
|
||||
|
||||
extern int stat(const char *path,struct stat *buffer );
|
||||
|
||||
#endif /* __LIB_CONFIG_WIN32CE_H */
|
||||
#endif /* HEADER_CURL_CONFIG_WIN32CE_H */
|
||||
|
@ -22,8 +22,7 @@
|
||||
|
||||
#include "setup.h"
|
||||
|
||||
#if defined(USE_WIN32_IDN) || \
|
||||
(defined(USE_WINDOWS_SSPI) && (defined(_WIN32_WCE) || defined(UNICODE)))
|
||||
#if defined(USE_WIN32_IDN) || (defined(USE_WINDOWS_SSPI) && defined(UNICODE))
|
||||
|
||||
/*
|
||||
* MultiByte conversions using Windows kernel32 library.
|
||||
@ -45,13 +44,12 @@ wchar_t *Curl_convert_UTF8_to_wchar(const char *str_utf8)
|
||||
if(str_utf8) {
|
||||
int str_w_len = MultiByteToWideChar(CP_UTF8, MB_ERR_INVALID_CHARS,
|
||||
str_utf8, -1, NULL, 0);
|
||||
if(str_w_len) {
|
||||
if(str_w_len > 0) {
|
||||
str_w = malloc(str_w_len * sizeof(wchar_t));
|
||||
if(str_w) {
|
||||
if(MultiByteToWideChar(CP_UTF8, 0, str_utf8, -1, str_w,
|
||||
str_w_len) == 0) {
|
||||
free(str_w);
|
||||
str_w = NULL;
|
||||
Curl_safefree(str_w);
|
||||
}
|
||||
}
|
||||
}
|
||||
@ -60,30 +58,25 @@ wchar_t *Curl_convert_UTF8_to_wchar(const char *str_utf8)
|
||||
return str_w;
|
||||
}
|
||||
|
||||
const char *Curl_convert_wchar_to_UTF8(const wchar_t *str_w)
|
||||
char *Curl_convert_wchar_to_UTF8(const wchar_t *str_w)
|
||||
{
|
||||
char *str_utf8 = NULL;
|
||||
|
||||
if(str_w) {
|
||||
size_t str_utf8_len = WideCharToMultiByte(CP_UTF8, 0, str_w, -1, NULL,
|
||||
0, NULL, NULL);
|
||||
if(str_utf8_len) {
|
||||
int str_utf8_len = WideCharToMultiByte(CP_UTF8, 0, str_w, -1, NULL,
|
||||
0, NULL, NULL);
|
||||
if(str_utf8_len > 0) {
|
||||
str_utf8 = malloc(str_utf8_len * sizeof(wchar_t));
|
||||
if(str_utf8) {
|
||||
if(WideCharToMultiByte(CP_UTF8, 0, str_w, -1, str_utf8, str_utf8_len,
|
||||
NULL, FALSE) == 0) {
|
||||
(void) GetLastError();
|
||||
free((void *)str_utf8);
|
||||
str_utf8 = NULL;
|
||||
Curl_safefree(str_utf8);
|
||||
}
|
||||
}
|
||||
}
|
||||
else {
|
||||
(void) GetLastError();
|
||||
}
|
||||
}
|
||||
|
||||
return str_utf8;
|
||||
}
|
||||
|
||||
#endif /* USE_WIN32_IDN || (USE_WINDOWS_SSPI && (_WIN32_WCE || UNICODE)) */
|
||||
#endif /* USE_WIN32_IDN || (USE_WINDOWS_SSPI && UNICODE) */
|
||||
|
@ -23,18 +23,68 @@
|
||||
***************************************************************************/
|
||||
#include "setup.h"
|
||||
|
||||
#if defined(USE_WIN32_IDN) || \
|
||||
(defined(USE_WINDOWS_SSPI) && (defined(_WIN32_WCE) || defined(UNICODE)))
|
||||
#if defined(USE_WIN32_IDN) || (defined(USE_WINDOWS_SSPI) && defined(UNICODE))
|
||||
|
||||
/*
|
||||
* MultiByte conversions using Windows kernel32 library.
|
||||
*/
|
||||
|
||||
#include <tchar.h>
|
||||
|
||||
wchar_t *Curl_convert_UTF8_to_wchar(const char *str_utf8);
|
||||
const char *Curl_convert_wchar_to_UTF8(const wchar_t *str_w);
|
||||
char *Curl_convert_wchar_to_UTF8(const wchar_t *str_w);
|
||||
|
||||
#endif /* USE_WIN32_IDN || (USE_WINDOWS_SSPI && (_WIN32_WCE || UNICODE)) */
|
||||
#endif /* USE_WIN32_IDN || (USE_WINDOWS_SSPI && UNICODE) */
|
||||
|
||||
|
||||
#if defined(USE_WIN32_IDN) || defined(USE_WINDOWS_SSPI)
|
||||
|
||||
/*
|
||||
* Macros Curl_convert_UTF8_to_tchar(), Curl_convert_tchar_to_UTF8()
|
||||
* and Curl_unicodefree() main purpose is to minimize the number of
|
||||
* preprocessor conditional directives needed by code using these
|
||||
* to differentiate UNICODE from non-UNICODE builds.
|
||||
*
|
||||
* When building with UNICODE defined, this two macros
|
||||
* Curl_convert_UTF8_to_tchar() and Curl_convert_tchar_to_UTF8()
|
||||
* return a pointer to a newly allocated memory area holding result.
|
||||
* When the result is no longer needed, allocated memory is intended
|
||||
* to be free'ed with Curl_unicodefree().
|
||||
*
|
||||
* When building without UNICODE defined, this macros
|
||||
* Curl_convert_UTF8_to_tchar() and Curl_convert_tchar_to_UTF8()
|
||||
* return the pointer received as argument. Curl_unicodefree() does
|
||||
* no actual free'ing of this pointer it is simply set to NULL.
|
||||
*/
|
||||
|
||||
#ifdef UNICODE
|
||||
|
||||
#define Curl_convert_UTF8_to_tchar(ptr) Curl_convert_UTF8_to_wchar((ptr))
|
||||
#define Curl_convert_tchar_to_UTF8(ptr) Curl_convert_wchar_to_UTF8((ptr))
|
||||
#define Curl_unicodefree(ptr) \
|
||||
do {if((ptr)) {free((ptr)); (ptr) = NULL;}} WHILE_FALSE
|
||||
|
||||
typedef union {
|
||||
unsigned short *tchar_ptr;
|
||||
const unsigned short *const_tchar_ptr;
|
||||
unsigned short *tbyte_ptr;
|
||||
const unsigned short *const_tbyte_ptr;
|
||||
} xcharp_u;
|
||||
|
||||
#else
|
||||
|
||||
#define Curl_convert_UTF8_to_tchar(ptr) (ptr)
|
||||
#define Curl_convert_tchar_to_UTF8(ptr) (ptr)
|
||||
#define Curl_unicodefree(ptr) \
|
||||
do {(ptr) = NULL;} WHILE_FALSE
|
||||
|
||||
typedef union {
|
||||
char *tchar_ptr;
|
||||
const char *const_tchar_ptr;
|
||||
unsigned char *tbyte_ptr;
|
||||
const unsigned char *const_tbyte_ptr;
|
||||
} xcharp_u;
|
||||
|
||||
#endif /* UNICODE */
|
||||
|
||||
#endif /* USE_WIN32_IDN || USE_WINDOWS_SSPI */
|
||||
|
||||
#endif /* HEADER_CURL_MULTIBYTE_H */
|
||||
|
@ -33,10 +33,6 @@
|
||||
|
||||
#define DEBUG_ME 0
|
||||
|
||||
#ifdef USE_WINDOWS_SSPI
|
||||
# include <tchar.h>
|
||||
#endif
|
||||
|
||||
#include "urldata.h"
|
||||
#include "non-ascii.h"
|
||||
#include "sendf.h"
|
||||
@ -44,6 +40,7 @@
|
||||
#include "curl_ntlm_core.h"
|
||||
#include "curl_gethostname.h"
|
||||
#include "curl_multibyte.h"
|
||||
#include "warnless.h"
|
||||
#include "curl_memory.h"
|
||||
|
||||
#ifdef USE_WINDOWS_SSPI
|
||||
@ -242,7 +239,7 @@ CURLcode Curl_ntlm_decode_type2_message(struct SessionHandle *data,
|
||||
free(buffer);
|
||||
return CURLE_OUT_OF_MEMORY;
|
||||
}
|
||||
ntlm->n_type_2 = (unsigned long)size;
|
||||
ntlm->n_type_2 = curlx_uztoul(size);
|
||||
memcpy(ntlm->type_2, buffer, size);
|
||||
#else
|
||||
ntlm->flags = 0;
|
||||
@ -276,19 +273,16 @@ CURLcode Curl_ntlm_decode_type2_message(struct SessionHandle *data,
|
||||
#ifdef USE_WINDOWS_SSPI
|
||||
void Curl_ntlm_sspi_cleanup(struct ntlmdata *ntlm)
|
||||
{
|
||||
if(ntlm->type_2) {
|
||||
free(ntlm->type_2);
|
||||
ntlm->type_2 = NULL;
|
||||
}
|
||||
Curl_safefree(ntlm->type_2);
|
||||
if(ntlm->has_handles) {
|
||||
s_pSecFn->DeleteSecurityContext(&ntlm->c_handle);
|
||||
s_pSecFn->FreeCredentialsHandle(&ntlm->handle);
|
||||
ntlm->has_handles = 0;
|
||||
}
|
||||
if(ntlm->p_identity) {
|
||||
if(ntlm->identity.User) free(ntlm->identity.User);
|
||||
if(ntlm->identity.Password) free(ntlm->identity.Password);
|
||||
if(ntlm->identity.Domain) free(ntlm->identity.Domain);
|
||||
Curl_safefree(ntlm->identity.User);
|
||||
Curl_safefree(ntlm->identity.Password);
|
||||
Curl_safefree(ntlm->identity.Domain);
|
||||
ntlm->p_identity = NULL;
|
||||
}
|
||||
}
|
||||
@ -355,87 +349,83 @@ CURLcode Curl_ntlm_create_type1_message(const char *userp,
|
||||
SecBufferDesc desc;
|
||||
SECURITY_STATUS status;
|
||||
unsigned long attrs;
|
||||
const TCHAR *useranddomain;
|
||||
const TCHAR *user;
|
||||
const TCHAR *domain = TEXT("");
|
||||
xcharp_u useranddomain;
|
||||
xcharp_u user, dup_user;
|
||||
xcharp_u domain, dup_domain;
|
||||
xcharp_u passwd, dup_passwd;
|
||||
size_t domlen = 0;
|
||||
TimeStamp tsDummy; /* For Windows 9x compatibility of SSPI calls */
|
||||
|
||||
domain.const_tchar_ptr = TEXT("");
|
||||
|
||||
Curl_ntlm_sspi_cleanup(ntlm);
|
||||
|
||||
if(userp && *userp) {
|
||||
#ifdef UNICODE
|
||||
useranddomain = Curl_convert_UTF8_to_wchar(userp);
|
||||
if(useranddomain == NULL)
|
||||
return CURLE_OUT_OF_MEMORY;
|
||||
#else
|
||||
useranddomain = userp;
|
||||
#endif
|
||||
|
||||
user = _tcschr(useranddomain, TEXT('\\'));
|
||||
if(!user)
|
||||
user = _tcschr(useranddomain, TEXT('/'));
|
||||
|
||||
if(user) {
|
||||
domain = useranddomain;
|
||||
domlen = user - useranddomain;
|
||||
user++;
|
||||
}
|
||||
else {
|
||||
user = useranddomain;
|
||||
domain = TEXT("");
|
||||
domlen = 0;
|
||||
}
|
||||
|
||||
/* note: initialize all of this before doing the mallocs so that
|
||||
* it can be cleaned up later without leaking memory.
|
||||
*/
|
||||
/* null initialize ntlm identity's data to allow proper cleanup */
|
||||
ntlm->p_identity = &ntlm->identity;
|
||||
memset(ntlm->p_identity, 0, sizeof(*ntlm->p_identity));
|
||||
|
||||
#ifdef UNICODE
|
||||
if((ntlm->identity.User = (unsigned short *)_wcsdup(user)) == NULL) {
|
||||
free((void *)useranddomain);
|
||||
useranddomain.tchar_ptr = Curl_convert_UTF8_to_tchar((char *)userp);
|
||||
if(!useranddomain.tchar_ptr)
|
||||
return CURLE_OUT_OF_MEMORY;
|
||||
|
||||
user.const_tchar_ptr = _tcschr(useranddomain.const_tchar_ptr, TEXT('\\'));
|
||||
if(!user.const_tchar_ptr)
|
||||
user.const_tchar_ptr = _tcschr(useranddomain.const_tchar_ptr, TEXT('/'));
|
||||
|
||||
if(user.tchar_ptr) {
|
||||
domain.tchar_ptr = useranddomain.tchar_ptr;
|
||||
domlen = user.tchar_ptr - useranddomain.tchar_ptr;
|
||||
user.tchar_ptr++;
|
||||
}
|
||||
else {
|
||||
user.tchar_ptr = useranddomain.tchar_ptr;
|
||||
domain.const_tchar_ptr = TEXT("");
|
||||
domlen = 0;
|
||||
}
|
||||
|
||||
/* setup ntlm identity's user and length */
|
||||
dup_user.tchar_ptr = _tcsdup(user.tchar_ptr);
|
||||
if(!dup_user.tchar_ptr) {
|
||||
Curl_unicodefree(useranddomain.tchar_ptr);
|
||||
return CURLE_OUT_OF_MEMORY;
|
||||
}
|
||||
#else
|
||||
if((ntlm->identity.User = (unsigned char *)strdup(user)) == NULL)
|
||||
return CURLE_OUT_OF_MEMORY;
|
||||
#endif
|
||||
ntlm->identity.UserLength = (unsigned long)_tcslen(user);
|
||||
ntlm->identity.User = dup_user.tbyte_ptr;
|
||||
ntlm->identity.UserLength = curlx_uztoul(_tcslen(dup_user.tchar_ptr));
|
||||
dup_user.tchar_ptr = NULL;
|
||||
|
||||
ntlm->identity.Domain = malloc(sizeof(TCHAR) * (domlen + 1));
|
||||
if(ntlm->identity.Domain == NULL) {
|
||||
#ifdef UNICODE
|
||||
free((void *)useranddomain);
|
||||
#endif
|
||||
/* setup ntlm identity's domain and length */
|
||||
dup_domain.tchar_ptr = malloc(sizeof(TCHAR) * (domlen + 1));
|
||||
if(!dup_domain.tchar_ptr) {
|
||||
Curl_unicodefree(useranddomain.tchar_ptr);
|
||||
return CURLE_OUT_OF_MEMORY;
|
||||
}
|
||||
_tcsncpy((TCHAR *)ntlm->identity.Domain, domain, domlen);
|
||||
ntlm->identity.Domain[domlen] = TEXT('\0');
|
||||
ntlm->identity.DomainLength = (unsigned long)domlen;
|
||||
_tcsncpy(dup_domain.tchar_ptr, domain.tchar_ptr, domlen);
|
||||
*(dup_domain.tchar_ptr + domlen) = TEXT('\0');
|
||||
ntlm->identity.Domain = dup_domain.tbyte_ptr;
|
||||
ntlm->identity.DomainLength = curlx_uztoul(domlen);
|
||||
dup_domain.tchar_ptr = NULL;
|
||||
|
||||
#ifdef UNICODE
|
||||
free((void *)useranddomain);
|
||||
#endif
|
||||
Curl_unicodefree(useranddomain.tchar_ptr);
|
||||
|
||||
#ifdef UNICODE
|
||||
ntlm->identity.Password = (unsigned short *)
|
||||
Curl_convert_UTF8_to_wchar(passwdp);
|
||||
if(ntlm->identity.Password == NULL)
|
||||
/* setup ntlm identity's password and length */
|
||||
passwd.tchar_ptr = Curl_convert_UTF8_to_tchar((char *)passwdp);
|
||||
if(!passwd.tchar_ptr)
|
||||
return CURLE_OUT_OF_MEMORY;
|
||||
#else
|
||||
if((ntlm->identity.Password = (unsigned char *)strdup(passwdp)) == NULL)
|
||||
dup_passwd.tchar_ptr = _tcsdup(passwd.tchar_ptr);
|
||||
if(!dup_passwd.tchar_ptr) {
|
||||
Curl_unicodefree(passwd.tchar_ptr);
|
||||
return CURLE_OUT_OF_MEMORY;
|
||||
#endif
|
||||
ntlm->identity.PasswordLength =
|
||||
(unsigned long)_tcslen((TCHAR *)ntlm->identity.Password);
|
||||
}
|
||||
ntlm->identity.Password = dup_passwd.tbyte_ptr;
|
||||
ntlm->identity.PasswordLength = curlx_uztoul(_tcslen(dup_passwd.tchar_ptr));
|
||||
dup_passwd.tchar_ptr = NULL;
|
||||
|
||||
#ifdef UNICODE
|
||||
ntlm->identity.Flags = SEC_WINNT_AUTH_IDENTITY_UNICODE;
|
||||
#else
|
||||
ntlm->identity.Flags = SEC_WINNT_AUTH_IDENTITY_ANSI;
|
||||
#endif
|
||||
Curl_unicodefree(passwd.tchar_ptr);
|
||||
|
||||
/* setup ntlm identity's flags */
|
||||
ntlm->identity.Flags = SECFLAG_WINNT_AUTH_IDENTITY;
|
||||
}
|
||||
else
|
||||
ntlm->p_identity = NULL;
|
||||
|
@ -7,7 +7,7 @@
|
||||
* | (__| |_| | _ <| |___
|
||||
* \___|\___/|_| \_\_____|
|
||||
*
|
||||
* Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
|
||||
* Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
|
||||
*
|
||||
* This software is licensed as described in the file COPYING, which
|
||||
* you should have received as part of this distribution. The terms
|
||||
@ -163,6 +163,14 @@ void Curl_ntlm_sspi_cleanup(struct ntlmdata *ntlm);
|
||||
#define NTLMFLAG_NEGOTIATE_56 (1<<31)
|
||||
/* Indicates that 56-bit encryption is supported. */
|
||||
|
||||
#ifdef UNICODE
|
||||
# define SECFLAG_WINNT_AUTH_IDENTITY \
|
||||
(unsigned long)SEC_WINNT_AUTH_IDENTITY_UNICODE
|
||||
#else
|
||||
# define SECFLAG_WINNT_AUTH_IDENTITY \
|
||||
(unsigned long)SEC_WINNT_AUTH_IDENTITY_ANSI
|
||||
#endif
|
||||
|
||||
#endif /* BUILDING_CURL_NTLM_MSGS_C */
|
||||
|
||||
#endif /* USE_NTLM */
|
||||
|
@ -189,7 +189,7 @@ schannel_connect_step1(struct connectdata *conn, int sockindex)
|
||||
memset(connssl->cred, 0, sizeof(struct curl_schannel_cred));
|
||||
|
||||
/* http://msdn.microsoft.com/en-us/library/windows/desktop/aa374716.aspx */
|
||||
sspi_status = s_pSecFn->AcquireCredentialsHandle(NULL, (void *)UNISP_NAME,
|
||||
sspi_status = s_pSecFn->AcquireCredentialsHandle(NULL, (TCHAR *)UNISP_NAME,
|
||||
SECPKG_CRED_OUTBOUND, NULL, &schannel_cred, NULL, NULL,
|
||||
&connssl->cred->cred_handle, &connssl->cred->time_stamp);
|
||||
|
||||
@ -222,13 +222,9 @@ schannel_connect_step1(struct connectdata *conn, int sockindex)
|
||||
}
|
||||
memset(connssl->ctxt, 0, sizeof(struct curl_schannel_ctxt));
|
||||
|
||||
#ifdef UNICODE
|
||||
host_name = Curl_convert_UTF8_to_wchar(conn->host.name);
|
||||
host_name = Curl_convert_UTF8_to_tchar(conn->host.name);
|
||||
if(!host_name)
|
||||
return CURLE_OUT_OF_MEMORY;
|
||||
#else
|
||||
host_name = conn->host.name;
|
||||
#endif
|
||||
|
||||
/* http://msdn.microsoft.com/en-us/library/windows/desktop/aa375924.aspx */
|
||||
|
||||
@ -237,9 +233,7 @@ schannel_connect_step1(struct connectdata *conn, int sockindex)
|
||||
connssl->req_flags, 0, 0, NULL, 0, &connssl->ctxt->ctxt_handle,
|
||||
&outbuf_desc, &connssl->ret_flags, &connssl->ctxt->time_stamp);
|
||||
|
||||
#ifdef UNICODE
|
||||
Curl_safefree(host_name);
|
||||
#endif
|
||||
Curl_unicodefree(host_name);
|
||||
|
||||
if(sspi_status != SEC_I_CONTINUE_NEEDED) {
|
||||
if(sspi_status == SEC_E_WRONG_PRINCIPAL)
|
||||
@ -372,13 +366,9 @@ schannel_connect_step2(struct connectdata *conn, int sockindex)
|
||||
memcpy(inbuf[0].pvBuffer, connssl->encdata_buffer,
|
||||
connssl->encdata_offset);
|
||||
|
||||
#ifdef UNICODE
|
||||
host_name = Curl_convert_UTF8_to_wchar(conn->host.name);
|
||||
host_name = Curl_convert_UTF8_to_tchar(conn->host.name);
|
||||
if(!host_name)
|
||||
return CURLE_OUT_OF_MEMORY;
|
||||
#else
|
||||
host_name = conn->host.name;
|
||||
#endif
|
||||
|
||||
/* http://msdn.microsoft.com/en-us/library/windows/desktop/aa375924.aspx */
|
||||
|
||||
@ -387,9 +377,7 @@ schannel_connect_step2(struct connectdata *conn, int sockindex)
|
||||
host_name, connssl->req_flags, 0, 0, &inbuf_desc, 0, NULL,
|
||||
&outbuf_desc, &connssl->ret_flags, &connssl->ctxt->time_stamp);
|
||||
|
||||
#ifdef UNICODE
|
||||
Curl_safefree(host_name);
|
||||
#endif
|
||||
Curl_unicodefree(host_name);
|
||||
|
||||
/* free buffer for received handshake data */
|
||||
Curl_safefree(inbuf[0].pvBuffer);
|
||||
@ -1095,13 +1083,9 @@ int Curl_schannel_shutdown(struct connectdata *conn, int sockindex)
|
||||
failf(data, "schannel: ApplyControlToken failure: %s",
|
||||
Curl_sspi_strerror(conn, sspi_status));
|
||||
|
||||
#ifdef UNICODE
|
||||
host_name = Curl_convert_UTF8_to_wchar(conn->host.name);
|
||||
host_name = Curl_convert_UTF8_to_tchar(conn->host.name);
|
||||
if(!host_name)
|
||||
return CURLE_OUT_OF_MEMORY;
|
||||
#else
|
||||
host_name = conn->host.name;
|
||||
#endif
|
||||
|
||||
/* setup output buffer */
|
||||
InitSecBuffer(&outbuf, SECBUFFER_EMPTY, NULL, 0);
|
||||
@ -1121,9 +1105,7 @@ int Curl_schannel_shutdown(struct connectdata *conn, int sockindex)
|
||||
&connssl->ret_flags,
|
||||
&connssl->ctxt->time_stamp);
|
||||
|
||||
#ifdef UNICODE
|
||||
Curl_safefree(host_name);
|
||||
#endif
|
||||
Curl_unicodefree(host_name);
|
||||
|
||||
if((sspi_status == SEC_E_OK) || (sspi_status == SEC_I_CONTEXT_EXPIRED)) {
|
||||
/* send close message which is in output buffer */
|
||||
@ -1230,7 +1212,7 @@ static CURLcode verify_certificate(struct connectdata *conn, int sockindex)
|
||||
|
||||
if(result == CURLE_OK) {
|
||||
CERT_SIMPLE_CHAIN *pSimpleChain = pChainContext->rgpChain[0];
|
||||
DWORD dwTrustErrorMask = ~(CERT_TRUST_IS_NOT_TIME_NESTED|
|
||||
DWORD dwTrustErrorMask = ~(DWORD)(CERT_TRUST_IS_NOT_TIME_NESTED|
|
||||
CERT_TRUST_REVOCATION_STATUS_UNKNOWN);
|
||||
dwTrustErrorMask &= pSimpleChain->TrustStatus.dwErrorStatus;
|
||||
if(dwTrustErrorMask) {
|
||||
@ -1255,34 +1237,41 @@ static CURLcode verify_certificate(struct connectdata *conn, int sockindex)
|
||||
infof(data, "warning: ignoring unsupported value (1) ssl.verifyhost\n");
|
||||
}
|
||||
else if(data->set.ssl.verifyhost == 2) {
|
||||
WCHAR cert_hostname[128];
|
||||
WCHAR *hostname = Curl_convert_UTF8_to_wchar(conn->host.name);
|
||||
TCHAR cert_hostname_buff[128];
|
||||
xcharp_u hostname;
|
||||
xcharp_u cert_hostname;
|
||||
DWORD len;
|
||||
|
||||
len = CertGetNameStringW(pCertContextServer,
|
||||
CERT_NAME_DNS_TYPE,
|
||||
0,
|
||||
NULL,
|
||||
cert_hostname,
|
||||
128);
|
||||
if(len > 0 && cert_hostname[0] == '*') {
|
||||
cert_hostname.const_tchar_ptr = cert_hostname_buff;
|
||||
hostname.tchar_ptr = Curl_convert_UTF8_to_tchar(conn->host.name);
|
||||
|
||||
len = CertGetNameString(pCertContextServer,
|
||||
CERT_NAME_DNS_TYPE,
|
||||
0,
|
||||
NULL,
|
||||
cert_hostname.tchar_ptr,
|
||||
128);
|
||||
if(len > 0 && *cert_hostname.tchar_ptr == '*') {
|
||||
/* this is a wildcard cert. try matching the last len - 1 chars */
|
||||
int hostname_len = strlen(conn->host.name);
|
||||
if(wcsicmp(cert_hostname + 1, hostname + hostname_len - len + 2) != 0)
|
||||
cert_hostname.tchar_ptr++;
|
||||
if(_tcsicmp(cert_hostname.const_tchar_ptr,
|
||||
hostname.const_tchar_ptr + hostname_len - len + 2) != 0)
|
||||
result = CURLE_PEER_FAILED_VERIFICATION;
|
||||
}
|
||||
else if(len == 0 || wcsicmp(hostname, cert_hostname) != 0) {
|
||||
else if(len == 0 || _tcsicmp(hostname.const_tchar_ptr,
|
||||
cert_hostname.const_tchar_ptr) != 0) {
|
||||
result = CURLE_PEER_FAILED_VERIFICATION;
|
||||
}
|
||||
if(result == CURLE_PEER_FAILED_VERIFICATION) {
|
||||
const char *_cert_hostname;
|
||||
_cert_hostname = Curl_convert_wchar_to_UTF8(cert_hostname);
|
||||
char *_cert_hostname;
|
||||
_cert_hostname = Curl_convert_tchar_to_UTF8(cert_hostname.tchar_ptr);
|
||||
failf(data, "schannel: CertGetNameString() certificate hostname "
|
||||
"(%s) did not match connection (%s)",
|
||||
_cert_hostname, conn->host.name);
|
||||
Curl_safefree((void *)_cert_hostname);
|
||||
Curl_safefree(_cert_hostname);
|
||||
}
|
||||
Curl_safefree(hostname);
|
||||
Curl_unicodefree(hostname.tchar_ptr);
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -207,13 +207,9 @@ int Curl_input_negotiate(struct connectdata *conn, bool proxy,
|
||||
in_sec_buff.pvBuffer = input_token;
|
||||
}
|
||||
|
||||
#ifdef UNICODE
|
||||
sname = Curl_convert_UTF8_to_wchar(neg_ctx->server_name);
|
||||
sname = Curl_convert_UTF8_to_tchar(neg_ctx->server_name);
|
||||
if(!sname)
|
||||
return CURLE_OUT_OF_MEMORY;
|
||||
#else
|
||||
sname = neg_ctx->server_name;
|
||||
#endif
|
||||
|
||||
neg_ctx->status = s_pSecFn->InitializeSecurityContext(
|
||||
neg_ctx->credentials,
|
||||
@ -229,9 +225,7 @@ int Curl_input_negotiate(struct connectdata *conn, bool proxy,
|
||||
&context_attributes,
|
||||
&lifetime);
|
||||
|
||||
#ifdef UNICODE
|
||||
free(sname);
|
||||
#endif
|
||||
Curl_unicodefree(sname);
|
||||
|
||||
if(GSS_ERROR(neg_ctx->status))
|
||||
return -1;
|
||||
|
@ -49,10 +49,9 @@ int curl_win32_idn_to_ascii(const char *in, char **out)
|
||||
}
|
||||
free(in_w);
|
||||
|
||||
*out = (char *)Curl_convert_wchar_to_UTF8(punycode);
|
||||
if(!(*out)) {
|
||||
*out = Curl_convert_wchar_to_UTF8(punycode);
|
||||
if(!*out)
|
||||
return 0;
|
||||
}
|
||||
}
|
||||
return 1;
|
||||
}
|
||||
@ -67,10 +66,9 @@ int curl_win32_ascii_to_idn(const char *in, size_t in_len, char **out_utf8)
|
||||
return 0;
|
||||
}
|
||||
else {
|
||||
const char *out_utf8 = Curl_convert_wchar_to_UTF8(unicode);
|
||||
if(!out_utf8) {
|
||||
*out_utf8 = Curl_convert_wchar_to_UTF8(unicode);
|
||||
if(!*out_utf8)
|
||||
return 0;
|
||||
}
|
||||
}
|
||||
}
|
||||
return 1;
|
||||
|
@ -223,6 +223,12 @@
|
||||
*/
|
||||
|
||||
#ifdef HAVE_WINDOWS_H
|
||||
# if defined(UNICODE) && !defined(_UNICODE)
|
||||
# define _UNICODE
|
||||
# endif
|
||||
# if defined(_UNICODE) && !defined(UNICODE)
|
||||
# define UNICODE
|
||||
# endif
|
||||
# ifndef WIN32_LEAN_AND_MEAN
|
||||
# define WIN32_LEAN_AND_MEAN
|
||||
# endif
|
||||
@ -237,6 +243,7 @@
|
||||
# include <winsock.h>
|
||||
# endif
|
||||
# endif
|
||||
# include <tchar.h>
|
||||
#endif
|
||||
|
||||
/*
|
||||
|
@ -161,13 +161,11 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(int sockindex,
|
||||
/* errors, keep sending it... */
|
||||
for(;;) {
|
||||
TCHAR *sname;
|
||||
#ifdef UNICODE
|
||||
sname = Curl_convert_UTF8_to_wchar(service_name);
|
||||
|
||||
sname = Curl_convert_UTF8_to_tchar(service_name);
|
||||
if(!sname)
|
||||
return CURLE_OUT_OF_MEMORY;
|
||||
#else
|
||||
sname = service_name;
|
||||
#endif
|
||||
|
||||
status = s_pSecFn->InitializeSecurityContext(&cred_handle,
|
||||
context_handle,
|
||||
sname,
|
||||
@ -184,9 +182,7 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(int sockindex,
|
||||
&sspi_ret_flags,
|
||||
&expiry);
|
||||
|
||||
#ifdef UNICODE
|
||||
Curl_safefree(sname);
|
||||
#endif
|
||||
Curl_unicodefree(sname);
|
||||
|
||||
if(sspi_recv_token.pvBuffer) {
|
||||
s_pSecFn->FreeContextBuffer(sspi_recv_token.pvBuffer);
|
||||
|
Loading…
Reference in New Issue
Block a user