moparisthebest/curl
1
0
Fork 0
mirror of https://github.com/moparisthebest/curl synced 2024-12-21 23:58:49 -05:00
Code Issues Releases Wiki Activity

- Constantine Sapuntzakis filed bug report #2042430

Browse Source 
(http://curl.haxx.se/bug/view.cgi?id=2042430) with a patch. "NTLM Windows
  SSPI code is not thread safe". This was due to libcurl using static
  variables to tell wether to load the necessary SSPI DLL, but now the loading
  has been moved to the more suitable curl_global_init() call.
This commit is contained in:
Daniel Stenberg 2008-08-11 20:29:36 +00:00
parent 019bde82ce
commit f8a3aa91cd
5 changed files with 80 additions and 41 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
CHANGES
View File

@ -8,6 +8,12 @@
Daniel Stenberg (11 Aug 2008) Daniel Stenberg (11 Aug 2008)
- Constantine Sapuntzakis filed bug report #2042430
(http://curl.haxx.se/bug/view.cgi?id=2042430) with a patch. "NTLM Windows
SSPI code is not thread safe". This was due to libcurl using static
variables to tell wether to load the necessary SSPI DLL, but now the loading
has been moved to the more suitable curl_global_init() call.
- Constantine Sapuntzakis filed bug report #2042440 - Constantine Sapuntzakis filed bug report #2042440
(http://curl.haxx.se/bug/view.cgi?id=2042440) with a patch. He identified a (http://curl.haxx.se/bug/view.cgi?id=2042440) with a patch. He identified a
problem when using NTLM over a proxy but the end-point does Basic, and then problem when using NTLM over a proxy but the end-point does Basic, and then

1
RELEASE-NOTES
View File

@ -50,6 +50,7 @@ This release includes the following bugfixes:
o HTTP PUT or POST with redirect could lead to hang o HTTP PUT or POST with redirect could lead to hang
o re-use of connections with failed SSL connects in the multi interface o re-use of connections with failed SSL connects in the multi interface
o NTLM over proxy state was wrongly cleared when host connection was closed o NTLM over proxy state was wrongly cleared when host connection was closed
o Windows SSPI DLL loading is now done in curl_global_init()
This release includes the following known bugs: This release includes the following known bugs:

24
lib/easy.c
View File

@ -83,6 +83,7 @@
#include "easyif.h" #include "easyif.h"
#include "select.h" #include "select.h"
#include "sendf.h" /* for failf function prototype */ #include "sendf.h" /* for failf function prototype */
#include "http_ntlm.h"
#include "connect.h" /* for Curl_getconnectinfo */ #include "connect.h" /* for Curl_getconnectinfo */
#define _MPRINTF_REPLACE /* use our functions only */ #define _MPRINTF_REPLACE /* use our functions only */
@ -103,18 +104,23 @@
/* The last #include file should be: */ /* The last #include file should be: */
#include "memdebug.h" #include "memdebug.h"
#ifdef USE_WINSOCK
/* win32_cleanup() is for win32 socket cleanup functionality, the opposite /* win32_cleanup() is for win32 socket cleanup functionality, the opposite
of win32_init() */ of win32_init() */
static void win32_cleanup(void) static void win32_cleanup(void)
{ {
#ifdef USE_WINSOCK
WSACleanup(); WSACleanup();
#endif
#ifdef USE_WINDOWS_SSPI
Curl_ntlm_global_cleanup();
#endif
} }
/* win32_init() performs win32 socket initialization to properly setup the /* win32_init() performs win32 socket initialization to properly setup the
stack to allow networking */ stack to allow networking */
static CURLcode win32_init(void) static CURLcode win32_init(void)
{ {
#ifdef USE_WINSOCK
WORD wVersionRequested; WORD wVersionRequested;
WSADATA wsaData; WSADATA wsaData;
int err; int err;
@ -147,15 +153,19 @@ static CURLcode win32_init(void)
return CURLE_FAILED_INIT; return CURLE_FAILED_INIT;
} }
/* The Windows Sockets DLL is acceptable. Proceed. */ /* The Windows Sockets DLL is acceptable. Proceed. */
#endif
#ifdef USE_WINDOWS_SSPI
{
CURLcode err = Curl_ntlm_global_init();
if (err != CURLE_OK)
return err;
}
#endif
return CURLE_OK; return CURLE_OK;
} }
#else
/* These functions exist merely to prevent compiler warnings */
static CURLcode win32_init(void) { return CURLE_OK; }
static void win32_cleanup(void) { }
#endif
#ifdef USE_LIBIDN #ifdef USE_LIBIDN
/* /*
* Initialise use of IDNA library. * Initialise use of IDNA library.

84
lib/http_ntlm.c
View File

@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___ * | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____| * \___|\___/|_| \_\_____|
* *
* Copyright (C) 1998 - 2007, Daniel Stenberg, <daniel@haxx.se>, et al. * Copyright (C) 1998 - 2008, Daniel Stenberg, <daniel@haxx.se>, et al.
* *
* This software is licensed as described in the file COPYING, which * This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms * you should have received as part of this distribution. The terms
@ -358,7 +358,7 @@ static void lm_resp(unsigned char *keys,
* Set up lanmanager hashed password * Set up lanmanager hashed password
*/ */
static void mk_lm_hash(struct SessionHandle *data, static void mk_lm_hash(struct SessionHandle *data,
char *password, char *password,
unsigned char *lmbuffer /* 21 bytes */) unsigned char *lmbuffer /* 21 bytes */)
{ {
unsigned char pw[14]; unsigned char pw[14];
@ -545,32 +545,12 @@ CURLcode Curl_output_ntlm(struct connectdata *conn,
passwdp=(char *)""; passwdp=(char *)"";
#ifdef USE_WINDOWS_SSPI #ifdef USE_WINDOWS_SSPI
/* If security interface is not yet initialized try to do this */ if (s_hSecDll == NULL) {
if(s_hSecDll == NULL) { /* not thread safe and leaks - use curl_global_init() to avoid */
/* Determine Windows version. Security functions are located in CURLcode err = Curl_ntlm_global_init();
* security.dll on WinNT 4.0 and in secur32.dll on Win9x. Win2K and XP if (s_hSecDll == NULL)
* contain both these DLLs (security.dll just forwards calls to return err;
* secur32.dll)
*/
OSVERSIONINFO osver;
osver.dwOSVersionInfoSize = sizeof(osver);
GetVersionEx(&osver);
if(osver.dwPlatformId == VER_PLATFORM_WIN32_NT
&& osver.dwMajorVersion == 4)
s_hSecDll = LoadLibrary("security.dll");
else
s_hSecDll = LoadLibrary("secur32.dll");
if(s_hSecDll != NULL) {
INIT_SECURITY_INTERFACE pInitSecurityInterface;
pInitSecurityInterface =
(INIT_SECURITY_INTERFACE)GetProcAddress(s_hSecDll,
"InitSecurityInterfaceA");
if(pInitSecurityInterface != NULL)
s_pSecFn = pInitSecurityInterface();
}
} }
if(s_pSecFn == NULL)
return CURLE_RECV_ERROR;
#endif #endif
switch(ntlm->state) { switch(ntlm->state) {
@ -1064,7 +1044,7 @@ CURLcode Curl_output_ntlm(struct connectdata *conn,
#ifdef CURL_DOES_CONVERSIONS #ifdef CURL_DOES_CONVERSIONS
/* convert domain, user, and host to ASCII but leave the rest as-is */ /* convert domain, user, and host to ASCII but leave the rest as-is */
if(CURLE_OK != Curl_convert_to_network(conn->data, if(CURLE_OK != Curl_convert_to_network(conn->data,
(char *)&ntlmbuf[domoff], (char *)&ntlmbuf[domoff],
size-domoff)) { size-domoff)) {
return CURLE_CONV_FAILED; return CURLE_CONV_FAILED;
@ -1113,15 +1093,53 @@ Curl_ntlm_cleanup(struct connectdata *conn)
#ifdef USE_WINDOWS_SSPI #ifdef USE_WINDOWS_SSPI
ntlm_sspi_cleanup(&conn->ntlm); ntlm_sspi_cleanup(&conn->ntlm);
ntlm_sspi_cleanup(&conn->proxyntlm); ntlm_sspi_cleanup(&conn->proxyntlm);
if(s_hSecDll != NULL) {
FreeLibrary(s_hSecDll);
s_hSecDll = NULL;
s_pSecFn = NULL;
}
#else #else
(void)conn; (void)conn;
#endif #endif
} }
#ifdef USE_WINDOWS_SSPI
CURLcode Curl_ntlm_global_init()
{
/* If security interface is not yet initialized try to do this */
if(s_hSecDll == NULL) {
/* Determine Windows version. Security functions are located in
* security.dll on WinNT 4.0 and in secur32.dll on Win9x. Win2K and XP
* contain both these DLLs (security.dll just forwards calls to
* secur32.dll)
*/
OSVERSIONINFO osver;
osver.dwOSVersionInfoSize = sizeof(osver);
GetVersionEx(&osver);
if(osver.dwPlatformId == VER_PLATFORM_WIN32_NT
&& osver.dwMajorVersion == 4)
s_hSecDll = LoadLibrary("security.dll");
else
s_hSecDll = LoadLibrary("secur32.dll");
if(s_hSecDll != NULL) {
INIT_SECURITY_INTERFACE pInitSecurityInterface;
pInitSecurityInterface =
(INIT_SECURITY_INTERFACE)GetProcAddress(s_hSecDll,
"InitSecurityInterfaceA");
if(pInitSecurityInterface != NULL)
s_pSecFn = pInitSecurityInterface();
}
}
if(s_pSecFn == NULL)
return CURLE_RECV_ERROR;
return CURLE_OK;
}
void Curl_ntlm_global_cleanup()
{
if(s_hSecDll != NULL) {
FreeLibrary(s_hSecDll);
s_hSecDll = NULL;
s_pSecFn = NULL;
}
}
#endif
#endif /* USE_NTLM */ #endif /* USE_NTLM */
#endif /* !CURL_DISABLE_HTTP */ #endif /* !CURL_DISABLE_HTTP */

6
lib/http_ntlm.h
View File

@ -7,7 +7,7 @@
* | (__| |_| | _ <| |___ * | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____| * \___|\___/|_| \_\_____|
* *
* Copyright (C) 1998 - 2005, Daniel Stenberg, <daniel@haxx.se>, et al. * Copyright (C) 1998 - 2008, Daniel Stenberg, <daniel@haxx.se>, et al.
* *
* This software is licensed as described in the file COPYING, which * This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms * you should have received as part of this distribution. The terms
@ -44,6 +44,10 @@ void Curl_ntlm_cleanup(struct connectdata *conn);
#define Curl_ntlm_cleanup(x) #define Curl_ntlm_cleanup(x)
#endif #endif
#ifdef USE_WINDOWS_SSPI
CURLcode Curl_ntlm_global_init();
void Curl_ntlm_global_cleanup();
#endif
/* Flag bits definitions based on http://davenport.sourceforge.net/ntlm.html */ /* Flag bits definitions based on http://davenport.sourceforge.net/ntlm.html */