Marcel Raad
a55c835e6b
curl_multibyte: add to curlx
...
This will also be needed in the tool and tests.
Ref: https://github.com/curl/curl/pull/3758#issuecomment-482197512
Closes https://github.com/curl/curl/pull/3784
2020-05-14 18:13:27 +02:00
Peter Wang
1c341e2270
*_sspi: fix bad uses of CURLE_NOT_BUILT_IN
...
Return CURLE_AUTH_ERROR instead of CURLE_NOT_BUILT_IN for other
instances of QuerySecurityPackageInfo failing, as in
commit 2a81439553
.
Closes #5355
2020-05-08 08:37:56 +02:00
migueljcrum
67b30b3418
sspi: fix memory leaks
...
Closes #4299
2019-09-10 08:06:05 +02:00
Jay Satiro
dca6f73613
vauth: Use CURLE_AUTH_ERROR for auth function errors
...
- Add new error code CURLE_AUTH_ERROR.
Prior to this change auth function errors were signaled by
CURLE_OUT_OF_MEMORY and CURLE_RECV_ERROR, and neither one was
technically correct.
Ref: https://github.com/curl/curl/pull/3848
Co-authored-by: Dominik Hölzl
Closes https://github.com/curl/curl/pull/3864
2019-08-14 03:14:01 -04:00
Daniel Stenberg
ba243235ec
urldata: rename easy_conn to just conn
...
We use "conn" everywhere to be a pointer to the connection.
Introduces two functions that "attaches" and "detaches" the connection
to and from the transfer.
Going forward, we should favour using "data->conn" (since a transfer
always only has a single connection or none at all) to "conn->data"
(since a connection can have none, one or many transfers associated with
it and updating conn->data to be correct is error prone and a frequent
reason for internal issues).
Closes #3442
2019-01-11 15:35:13 +01:00
Daniel Gustafsson
e182fc1613
comment: Fix multiple typos in function parameters
...
Ensure that the parameters in the comment match the actual names in the
prototype.
Closes #3079
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
2018-10-03 10:27:27 +02:00
Gisle Vanem
61825be02b
vtls: select ssl backend case-insensitive (follow-up)
...
- Do a case-insensitive comparison of CURL_SSL_BACKEND env as well.
- Change Curl_strcasecompare calls to strcasecompare
(maps to the former but shorter).
Follow-up to c290b8f
.
Bug: https://github.com/curl/curl/commit/c290b8f#commitcomment-24094313
Co-authored-by: Jay Satiro
2017-09-06 02:27:33 -04:00
Jay Satiro
0b5665c98a
digest_sspi: Don't reuse context if the user/passwd has changed
...
Bug: https://github.com/curl/curl/issues/1685
Reported-by: paulharris@users.noreply.github.com
Assisted-by: Isaac Boukris
Closes https://github.com/curl/curl/pull/1742
2017-08-10 01:40:05 -04:00
klemens
f7df67cff0
spelling fixes
...
Closes #1356
2017-03-26 23:56:23 +02:00
Marcel Raad
727917555d
digest_sspi: fix compilation warning
...
MSVC complains:
warning C4701: potentially uninitialized local variable 'output_token_len' used
2017-02-27 13:05:22 +01:00
Jay Satiro
af5fbb14bb
digest_sspi: Handle 'stale=TRUE' directive in HTTP digest
...
- If the server has provided another challenge use it as the replacement
input token if stale=TRUE. Otherwise previous credentials have failed
so return CURLE_LOGIN_DENIED.
Prior to this change the stale directive was ignored and if another
challenge was received it would cause error CURLE_BAD_CONTENT_ENCODING.
Ref: https://tools.ietf.org/html/rfc2617#page-10
Bug: https://github.com/curl/curl/issues/928
Reported-by: tarek112@users.noreply.github.com
2017-02-21 01:04:59 -05:00
Max Khon
f77dabefd8
digest_sspi: Fix nonce-count generation in HTTP digest
...
- on the first invocation: keep security context returned by
InitializeSecurityContext()
- on subsequent invocations: use MakeSignature() instead of
InitializeSecurityContext() to generate HTTP digest response
Bug: https://github.com/curl/curl/issues/870
Reported-by: Andreas Roth
Closes https://github.com/curl/curl/pull/1251
2017-02-20 00:53:01 -05:00
Max Khon
89b7898846
digest_sspi: copy terminating NUL as well
...
Curl_auth_decode_digest_http_message(): copy terminating NUL as later
Curl_override_sspi_http_realm() expects a NUL-terminated string.
Fixes #1180
2016-12-29 00:21:14 +01:00
Daniel Stenberg
8657c268e1
checksrc: white space edits to comply to stricter checksrc
2016-11-24 23:58:22 +01:00
Marcel Raad
4f97d9832c
digest_sspi: fix include
...
Fix compile break from 811a693b80
2016-10-31 12:51:27 +01:00
Daniel Stenberg
811a693b80
strcasecompare: all case insensitive string compares ignore locale now
...
We had some confusions on when each function was used. We should not act
differently on different locales anyway.
2016-10-31 08:46:35 +01:00
Steve Holme
43dbd76616
vauth: Added check for supported SSPI based authentication mechanisms
...
Completing commit 00417fd66c
and 2708d4259b
.
2016-08-21 10:27:09 +01:00
Steve Holme
a0f212946b
vauth: Introduced Curl_auth_is_<mechansism>_supported() functions
...
As Windows SSPI authentication calls fail when a particular mechanism
isn't available, introduced these functions for DIGEST, NTLM, Kerberos 5
and Negotiate to allow both HTTP and SASL authentication the opportunity
to query support for a supported mechanism before selecting it.
For now each function returns TRUE to maintain compatability with the
existing code when called.
2016-08-18 20:31:20 +01:00
Jay Satiro
c5cffce56e
vauth: Fix memleak by freeing credentials if out of memory
...
This is a follow up to the parent commit dcdd4be
which fixes one leak
but creates another by failing to free the credentials handle if out of
memory. Also there's a second location a few lines down where we fail to
do same. This commit fixes both of those issues.
2016-07-20 22:00:45 -04:00
Saurav Babu
dcdd4be352
vauth: Fixed memory leak due to function returning without free
...
This patch allocates memory to "output_token" only when it is required
so that memory is not leaked if function returns.
2016-07-20 23:21:49 +02:00
Daniel Stenberg
434f8d0389
internals: rename the SessionHandle struct to Curl_easy
2016-06-22 10:28:41 +02:00
Viktor Szakats
a24f71aac4
URLs: change http to https in many places
...
Closes #754
2016-04-06 11:58:34 +02:00
Steve Holme
cbc52ff341
vauth: Corrected a number of typos in comments
...
Reported-by: Michael Osipov
2016-04-06 00:21:07 +01:00
Steve Holme
9feb2676a4
vauth: Removed the need for a separate GSS-API based SPN function
2016-04-03 20:26:03 +01:00
Steve Holme
58a7bc96ec
vauth: Refactored function names after move to new vauth directory
...
Renamed all the SASL functions that moved to the new vauth directory to
include the correct module name.
2016-03-25 17:40:12 +00:00
Steve Holme
7d2a5a05f6
vauth: Updated the copyright year after recent changes
...
As most of this work was performed in 2015 but not pushed until 2016
updated the copyright year to reflect the public facing changes.
2016-03-25 17:40:12 +00:00
Steve Holme
51358a3f40
vauth: Moved the DIGEST authentication code to the new vauth directory
2016-03-25 12:05:23 +00:00