Jay Satiro
af5fbb14bb
digest_sspi: Handle 'stale=TRUE' directive in HTTP digest
...
- If the server has provided another challenge use it as the replacement
input token if stale=TRUE. Otherwise previous credentials have failed
so return CURLE_LOGIN_DENIED.
Prior to this change the stale directive was ignored and if another
challenge was received it would cause error CURLE_BAD_CONTENT_ENCODING.
Ref: https://tools.ietf.org/html/rfc2617#page-10
Bug: https://github.com/curl/curl/issues/928
Reported-by: tarek112@users.noreply.github.com
2017-02-21 01:04:59 -05:00
Max Khon
f77dabefd8
digest_sspi: Fix nonce-count generation in HTTP digest
...
- on the first invocation: keep security context returned by
InitializeSecurityContext()
- on subsequent invocations: use MakeSignature() instead of
InitializeSecurityContext() to generate HTTP digest response
Bug: https://github.com/curl/curl/issues/870
Reported-by: Andreas Roth
Closes https://github.com/curl/curl/pull/1251
2017-02-20 00:53:01 -05:00
Max Khon
89b7898846
digest_sspi: copy terminating NUL as well
...
Curl_auth_decode_digest_http_message(): copy terminating NUL as later
Curl_override_sspi_http_realm() expects a NUL-terminated string.
Fixes #1180
2016-12-29 00:21:14 +01:00
Daniel Stenberg
8657c268e1
checksrc: white space edits to comply to stricter checksrc
2016-11-24 23:58:22 +01:00
Marcel Raad
4f97d9832c
digest_sspi: fix include
...
Fix compile break from 811a693b80
2016-10-31 12:51:27 +01:00
Daniel Stenberg
811a693b80
strcasecompare: all case insensitive string compares ignore locale now
...
We had some confusions on when each function was used. We should not act
differently on different locales anyway.
2016-10-31 08:46:35 +01:00
Steve Holme
43dbd76616
vauth: Added check for supported SSPI based authentication mechanisms
...
Completing commit 00417fd66c
and 2708d4259b
.
2016-08-21 10:27:09 +01:00
Steve Holme
a0f212946b
vauth: Introduced Curl_auth_is_<mechansism>_supported() functions
...
As Windows SSPI authentication calls fail when a particular mechanism
isn't available, introduced these functions for DIGEST, NTLM, Kerberos 5
and Negotiate to allow both HTTP and SASL authentication the opportunity
to query support for a supported mechanism before selecting it.
For now each function returns TRUE to maintain compatability with the
existing code when called.
2016-08-18 20:31:20 +01:00
Jay Satiro
c5cffce56e
vauth: Fix memleak by freeing credentials if out of memory
...
This is a follow up to the parent commit dcdd4be
which fixes one leak
but creates another by failing to free the credentials handle if out of
memory. Also there's a second location a few lines down where we fail to
do same. This commit fixes both of those issues.
2016-07-20 22:00:45 -04:00
Saurav Babu
dcdd4be352
vauth: Fixed memory leak due to function returning without free
...
This patch allocates memory to "output_token" only when it is required
so that memory is not leaked if function returns.
2016-07-20 23:21:49 +02:00
Daniel Stenberg
434f8d0389
internals: rename the SessionHandle struct to Curl_easy
2016-06-22 10:28:41 +02:00
Viktor Szakats
a24f71aac4
URLs: change http to https in many places
...
Closes #754
2016-04-06 11:58:34 +02:00
Steve Holme
cbc52ff341
vauth: Corrected a number of typos in comments
...
Reported-by: Michael Osipov
2016-04-06 00:21:07 +01:00
Steve Holme
9feb2676a4
vauth: Removed the need for a separate GSS-API based SPN function
2016-04-03 20:26:03 +01:00
Steve Holme
58a7bc96ec
vauth: Refactored function names after move to new vauth directory
...
Renamed all the SASL functions that moved to the new vauth directory to
include the correct module name.
2016-03-25 17:40:12 +00:00
Steve Holme
7d2a5a05f6
vauth: Updated the copyright year after recent changes
...
As most of this work was performed in 2015 but not pushed until 2016
updated the copyright year to reflect the public facing changes.
2016-03-25 17:40:12 +00:00
Steve Holme
51358a3f40
vauth: Moved the DIGEST authentication code to the new vauth directory
2016-03-25 12:05:23 +00:00