From a0f212946b1e839a673973930034b98031f1507c Mon Sep 17 00:00:00 2001 From: Steve Holme Date: Sun, 20 Mar 2016 11:56:07 +0000 Subject: [PATCH] vauth: Introduced Curl_auth_is__supported() functions As Windows SSPI authentication calls fail when a particular mechanism isn't available, introduced these functions for DIGEST, NTLM, Kerberos 5 and Negotiate to allow both HTTP and SASL authentication the opportunity to query support for a supported mechanism before selecting it. For now each function returns TRUE to maintain compatability with the existing code when called. --- lib/vauth/digest.c | 14 ++++++++++++++ lib/vauth/digest_sspi.c | 16 ++++++++++++++++ lib/vauth/krb5_gssapi.c | 14 ++++++++++++++ lib/vauth/krb5_sspi.c | 16 ++++++++++++++++ lib/vauth/ntlm.c | 14 ++++++++++++++ lib/vauth/ntlm_sspi.c | 16 ++++++++++++++++ lib/vauth/spnego_gssapi.c | 14 ++++++++++++++ lib/vauth/spnego_sspi.c | 16 ++++++++++++++++ lib/vauth/vauth.h | 12 ++++++++++++ 9 files changed, 132 insertions(+) diff --git a/lib/vauth/digest.c b/lib/vauth/digest.c index 26ea7b5983..f4898404f2 100644 --- a/lib/vauth/digest.c +++ b/lib/vauth/digest.c @@ -305,6 +305,20 @@ static CURLcode auth_decode_digest_md5_message(const char *chlg64, return CURLE_OK; } +/* + * Curl_auth_is_digest_supported() + * + * This is used to evaluate if DIGEST is supported. + * + * Parameters: None + * + * Returns TRUE as DIGEST as handled by libcurl. + */ +bool Curl_auth_is_digest_supported(void) +{ + return TRUE; +} + /* * Curl_auth_create_digest_md5_message() * diff --git a/lib/vauth/digest_sspi.c b/lib/vauth/digest_sspi.c index 6a7315eb50..9254385e59 100644 --- a/lib/vauth/digest_sspi.c +++ b/lib/vauth/digest_sspi.c @@ -43,6 +43,22 @@ #include "curl_memory.h" #include "memdebug.h" +/* +* Curl_auth_is_digest_supported() +* +* This is used to evaluate if DIGEST is supported. +* +* Parameters: None +* +* Returns TRUE if DIGEST is supported by Windows SSPI. +*/ +bool Curl_auth_is_digest_supported(void) +{ + /* TODO: Return true for now which maintains compatability with the existing + code */ + return TRUE; +} + /* * Curl_auth_create_digest_md5_message() * diff --git a/lib/vauth/krb5_gssapi.c b/lib/vauth/krb5_gssapi.c index 31c8c7da41..c754fae452 100644 --- a/lib/vauth/krb5_gssapi.c +++ b/lib/vauth/krb5_gssapi.c @@ -41,6 +41,20 @@ #include "curl_memory.h" #include "memdebug.h" +/* + * Curl_auth_is_gssapi_supported() + * + * This is used to evaluate if GSSAPI (Kerberos V5) is supported. + * + * Parameters: None + * + * Returns TRUE if Kerberos V5 is supported by the GSS-API library. + */ +bool Curl_auth_is_gssapi_supported(void) +{ + return TRUE; +} + /* * Curl_auth_create_gssapi_user_message() * diff --git a/lib/vauth/krb5_sspi.c b/lib/vauth/krb5_sspi.c index 08774f6c9e..e046900461 100644 --- a/lib/vauth/krb5_sspi.c +++ b/lib/vauth/krb5_sspi.c @@ -39,6 +39,22 @@ #include "curl_memory.h" #include "memdebug.h" +/* + * Curl_auth_is_gssapi_supported() + * + * This is used to evaluate if GSSAPI (Kerberos V5) is supported. + * + * Parameters: None + * + * Returns TRUE if Kerberos V5 is supported by Windows SSPI. + */ +bool Curl_auth_is_gssapi_supported(void) +{ + /* TODO: Return true for now which maintains compatability with the existing + code */ + return TRUE; +} + /* * Curl_auth_create_gssapi_user_message() * diff --git a/lib/vauth/ntlm.c b/lib/vauth/ntlm.c index c85fe42988..b484a011a2 100644 --- a/lib/vauth/ntlm.c +++ b/lib/vauth/ntlm.c @@ -216,6 +216,20 @@ static CURLcode ntlm_decode_type2_target(struct Curl_easy *data, from the beginning of the NTLM message. */ +/* + * Curl_auth_is_ntlm_supported() + * + * This is used to evaluate if NTLM is supported. + * + * Parameters: None + * + * Returns TRUE as NTLM as handled by libcurl. + */ +bool Curl_auth_is_ntlm_supported(void) +{ + return TRUE; +} + /* * Curl_auth_decode_ntlm_type2_message() * diff --git a/lib/vauth/ntlm_sspi.c b/lib/vauth/ntlm_sspi.c index 982a9d378c..6f446780e0 100644 --- a/lib/vauth/ntlm_sspi.c +++ b/lib/vauth/ntlm_sspi.c @@ -37,6 +37,22 @@ #include "curl_memory.h" #include "memdebug.h" +/* + * Curl_auth_is_ntlm_supported() + * + * This is used to evaluate if NTLM is supported. + * + * Parameters: None + * + * Returns TRUE if NTLM is supported by Windows SSPI. + */ +bool Curl_auth_is_ntlm_supported(void) +{ + /* TODO: Return true for now which maintains compatability with the existing + code */ + return TRUE; +} + /* * Curl_auth_create_ntlm_type1_message() * diff --git a/lib/vauth/spnego_gssapi.c b/lib/vauth/spnego_gssapi.c index b256ee6167..8840db8fda 100644 --- a/lib/vauth/spnego_gssapi.c +++ b/lib/vauth/spnego_gssapi.c @@ -40,6 +40,20 @@ #include "curl_memory.h" #include "memdebug.h" +/* + * Curl_auth_is_spnego_supported() + * + * This is used to evaluate if SPNEGO (Negotiate) is supported. + * + * Parameters: None + * + * Returns TRUE if Negotiate supported by the GSS-API library. + */ +bool Curl_auth_is_spnego_supported(void) +{ + return TRUE; +} + /* * Curl_auth_decode_spnego_message() * diff --git a/lib/vauth/spnego_sspi.c b/lib/vauth/spnego_sspi.c index b6176ece16..1222a654df 100644 --- a/lib/vauth/spnego_sspi.c +++ b/lib/vauth/spnego_sspi.c @@ -39,6 +39,22 @@ #include "curl_memory.h" #include "memdebug.h" +/* + * Curl_auth_is_spnego_supported() + * + * This is used to evaluate if SPNEGO (Negotiate) is supported. + * + * Parameters: None + * + * Returns TRUE if Negotiate is supported by Windows SSPI. + */ +bool Curl_auth_is_spnego_supported(void) +{ + /* TODO: Return true for now which maintains compatability with the existing + code */ + return TRUE; +} + /* * Curl_auth_decode_spnego_message() * diff --git a/lib/vauth/vauth.h b/lib/vauth/vauth.h index 38806ee73b..3ad2139f9a 100644 --- a/lib/vauth/vauth.h +++ b/lib/vauth/vauth.h @@ -83,6 +83,9 @@ CURLcode Curl_auth_create_cram_md5_message(struct Curl_easy *data, const char *passwdp, char **outptr, size_t *outlen); +/* This is used to evaluate if DIGEST is supported */ +bool Curl_auth_is_digest_supported(void); + /* This is used to generate a base64 encoded DIGEST-MD5 response message */ CURLcode Curl_auth_create_digest_md5_message(struct Curl_easy *data, const char *chlg64, @@ -109,6 +112,9 @@ void Curl_auth_digest_cleanup(struct digestdata *digest); #endif /* !CURL_DISABLE_CRYPTO_AUTH */ #if defined(USE_NTLM) +/* This is used to evaluate if NTLM is supported */ +bool Curl_auth_is_ntlm_supported(void); + /* This is used to generate a base64 encoded NTLM type-1 message */ CURLcode Curl_auth_create_ntlm_type1_message(const char *userp, const char *passwdp, @@ -140,6 +146,9 @@ CURLcode Curl_auth_create_oauth_bearer_message(struct Curl_easy *data, const char *bearer, char **outptr, size_t *outlen); #if defined(USE_KERBEROS5) +/* This is used to evaluate if GSSAPI (Kerberos V5) is supported */ +bool Curl_auth_is_gssapi_supported(void); + /* This is used to generate a base64 encoded GSSAPI (Kerberos V5) user token message */ CURLcode Curl_auth_create_gssapi_user_message(struct Curl_easy *data, @@ -165,6 +174,9 @@ void Curl_auth_gssapi_cleanup(struct kerberos5data *krb5); #endif /* USE_KERBEROS5 */ #if defined(USE_SPNEGO) +/* This is used to evaluate if SPNEGO (Negotiate) is supported */ +bool Curl_auth_is_spnego_supported(void); + /* This is used to decode a base64 encoded SPNEGO (Negotiate) challenge message */ CURLcode Curl_auth_decode_spnego_message(struct Curl_easy *data,