curl.h/features: Deprecate GSS-Negotiate macros due to bad naming

- Replace CURLAUTH_GSSNEGOTIATE with CURLAUTH_NEGOTIATE
- CURL_VERSION_GSSNEGOTIATE is deprecated which
  is served by CURL_VERSION_SSPI, CURL_VERSION_GSSAPI and
  CURUL_VERSION_SPNEGO now.
- Remove display of feature 'GSS-Negotiate'
This commit is contained in:
Michael Osipov
2014-07-21 09:53:46 +02:00
committed by Daniel Stenberg
parent 46750c39bd
commit e38ba43014
10 changed files with 40 additions and 39 deletions

View File

@@ -619,7 +619,8 @@ typedef enum {
* CURLAUTH_NONE - No HTTP authentication * CURLAUTH_NONE - No HTTP authentication
* CURLAUTH_BASIC - HTTP Basic authentication (default) * CURLAUTH_BASIC - HTTP Basic authentication (default)
* CURLAUTH_DIGEST - HTTP Digest authentication * CURLAUTH_DIGEST - HTTP Digest authentication
* CURLAUTH_GSSNEGOTIATE - HTTP GSS-Negotiate authentication * CURLAUTH_NEGOTIATE - HTTP Negotiate (SPNEGO) authentication
* CURLAUTH_GSSNEGOTIATE - Alias for CURLAUTH_NEGOTIATE (deprecated)
* CURLAUTH_NTLM - HTTP NTLM authentication * CURLAUTH_NTLM - HTTP NTLM authentication
* CURLAUTH_DIGEST_IE - HTTP Digest authentication with IE flavour * CURLAUTH_DIGEST_IE - HTTP Digest authentication with IE flavour
* CURLAUTH_NTLM_WB - HTTP NTLM authentication delegated to winbind helper * CURLAUTH_NTLM_WB - HTTP NTLM authentication delegated to winbind helper
@@ -632,7 +633,9 @@ typedef enum {
#define CURLAUTH_NONE ((unsigned long)0) #define CURLAUTH_NONE ((unsigned long)0)
#define CURLAUTH_BASIC (((unsigned long)1)<<0) #define CURLAUTH_BASIC (((unsigned long)1)<<0)
#define CURLAUTH_DIGEST (((unsigned long)1)<<1) #define CURLAUTH_DIGEST (((unsigned long)1)<<1)
#define CURLAUTH_GSSNEGOTIATE (((unsigned long)1)<<2) #define CURLAUTH_NEGOTIATE (((unsigned long)1)<<2)
/* Deprecated since the advent of CURLAUTH_NEGOTIATE */
#define CURLAUTH_GSSNEGOTIATE CURLAUTH_NEGOTIATE
#define CURLAUTH_NTLM (((unsigned long)1)<<3) #define CURLAUTH_NTLM (((unsigned long)1)<<3)
#define CURLAUTH_DIGEST_IE (((unsigned long)1)<<4) #define CURLAUTH_DIGEST_IE (((unsigned long)1)<<4)
#define CURLAUTH_NTLM_WB (((unsigned long)1)<<5) #define CURLAUTH_NTLM_WB (((unsigned long)1)<<5)
@@ -2231,7 +2234,8 @@ typedef struct {
#define CURL_VERSION_SSL (1<<2) /* SSL options are present */ #define CURL_VERSION_SSL (1<<2) /* SSL options are present */
#define CURL_VERSION_LIBZ (1<<3) /* libz features are present */ #define CURL_VERSION_LIBZ (1<<3) /* libz features are present */
#define CURL_VERSION_NTLM (1<<4) /* NTLM auth is supported */ #define CURL_VERSION_NTLM (1<<4) /* NTLM auth is supported */
#define CURL_VERSION_GSSNEGOTIATE (1<<5) /* Negotiate auth support */ #define CURL_VERSION_GSSNEGOTIATE (1<<5) /* Negotiate auth support
(deprecated) */
#define CURL_VERSION_DEBUG (1<<6) /* built with debug capabilities */ #define CURL_VERSION_DEBUG (1<<6) /* built with debug capabilities */
#define CURL_VERSION_ASYNCHDNS (1<<7) /* asynchronous dns resolves */ #define CURL_VERSION_ASYNCHDNS (1<<7) /* asynchronous dns resolves */
#define CURL_VERSION_SPNEGO (1<<8) /* SPNEGO auth is supported */ #define CURL_VERSION_SPNEGO (1<<8) /* SPNEGO auth is supported */

View File

@@ -610,7 +610,7 @@ int netware_init(void);
#if !defined(CURL_DISABLE_CRYPTO_AUTH) && \ #if !defined(CURL_DISABLE_CRYPTO_AUTH) && \
(defined(HAVE_GSSAPI) || defined(USE_WINDOWS_SSPI)) (defined(HAVE_GSSAPI) || defined(USE_WINDOWS_SSPI))
#define USE_HTTP_NEGOTIATE #define USE_SPNEGO
#endif #endif
/* Single point where USE_NTLM definition might be done */ /* Single point where USE_NTLM definition might be done */

View File

@@ -328,8 +328,8 @@ static bool pickoneauth(struct auth *pick)
/* The order of these checks is highly relevant, as this will be the order /* The order of these checks is highly relevant, as this will be the order
of preference in case of the existence of multiple accepted types. */ of preference in case of the existence of multiple accepted types. */
if(avail & CURLAUTH_GSSNEGOTIATE) if(avail & CURLAUTH_NEGOTIATE)
pick->picked = CURLAUTH_GSSNEGOTIATE; pick->picked = CURLAUTH_NEGOTIATE;
else if(avail & CURLAUTH_DIGEST) else if(avail & CURLAUTH_DIGEST)
pick->picked = CURLAUTH_DIGEST; pick->picked = CURLAUTH_DIGEST;
else if(avail & CURLAUTH_NTLM) else if(avail & CURLAUTH_NTLM)
@@ -557,7 +557,7 @@ output_auth_headers(struct connectdata *conn,
struct SessionHandle *data = conn->data; struct SessionHandle *data = conn->data;
const char *auth=NULL; const char *auth=NULL;
CURLcode result = CURLE_OK; CURLcode result = CURLE_OK;
#ifdef USE_HTTP_NEGOTIATE #ifdef USE_SPNEGO
struct negotiatedata *negdata = proxy? struct negotiatedata *negdata = proxy?
&data->state.proxyneg:&data->state.negotiate; &data->state.proxyneg:&data->state.negotiate;
#endif #endif
@@ -567,9 +567,9 @@ output_auth_headers(struct connectdata *conn,
(void)path; (void)path;
#endif #endif
#ifdef USE_HTTP_NEGOTIATE #ifdef USE_SPNEGO
negdata->state = GSS_AUTHNONE; negdata->state = GSS_AUTHNONE;
if((authstatus->picked == CURLAUTH_GSSNEGOTIATE) && if((authstatus->picked == CURLAUTH_NEGOTIATE) &&
negdata->context && !GSS_ERROR(negdata->status)) { negdata->context && !GSS_ERROR(negdata->status)) {
auth="Negotiate"; auth="Negotiate";
result = Curl_output_negotiate(conn, proxy); result = Curl_output_negotiate(conn, proxy);
@@ -737,7 +737,7 @@ CURLcode Curl_http_input_auth(struct connectdata *conn, bool proxy,
*/ */
struct SessionHandle *data = conn->data; struct SessionHandle *data = conn->data;
#ifdef USE_HTTP_NEGOTIATE #ifdef USE_SPNEGO
struct negotiatedata *negdata = proxy? struct negotiatedata *negdata = proxy?
&data->state.proxyneg:&data->state.negotiate; &data->state.proxyneg:&data->state.negotiate;
#endif #endif
@@ -771,13 +771,13 @@ CURLcode Curl_http_input_auth(struct connectdata *conn, bool proxy,
*/ */
while(*auth) { while(*auth) {
#ifdef USE_HTTP_NEGOTIATE #ifdef USE_SPNEGO
if(checkprefix("Negotiate", auth)) { if(checkprefix("Negotiate", auth)) {
int neg; int neg;
*availp |= CURLAUTH_GSSNEGOTIATE; *availp |= CURLAUTH_NEGOTIATE;
authp->avail |= CURLAUTH_GSSNEGOTIATE; authp->avail |= CURLAUTH_NEGOTIATE;
if(authp->picked == CURLAUTH_GSSNEGOTIATE) { if(authp->picked == CURLAUTH_NEGOTIATE) {
if(negdata->state == GSS_AUTHSENT || negdata->state == GSS_AUTHNONE) { if(negdata->state == GSS_AUTHSENT || negdata->state == GSS_AUTHNONE) {
neg = Curl_input_negotiate(conn, proxy, auth); neg = Curl_input_negotiate(conn, proxy, auth);
if(neg == 0) { if(neg == 0) {
@@ -1440,7 +1440,7 @@ CURLcode Curl_http_done(struct connectdata *conn,
Curl_unencode_cleanup(conn); Curl_unencode_cleanup(conn);
#ifdef USE_HTTP_NEGOTIATE #ifdef USE_SPNEGO
if(data->state.proxyneg.state == GSS_AUTHSENT || if(data->state.proxyneg.state == GSS_AUTHSENT ||
data->state.negotiate.state == GSS_AUTHSENT) data->state.negotiate.state == GSS_AUTHSENT)
Curl_cleanup_negotiate(data); Curl_cleanup_negotiate(data);

View File

@@ -22,7 +22,7 @@
* *
***************************************************************************/ ***************************************************************************/
#ifdef USE_HTTP_NEGOTIATE #ifdef USE_SPNEGO
/* this is for Negotiate header input */ /* this is for Negotiate header input */
int Curl_input_negotiate(struct connectdata *conn, bool proxy, int Curl_input_negotiate(struct connectdata *conn, bool proxy,
@@ -37,6 +37,6 @@ void Curl_cleanup_negotiate(struct SessionHandle *data);
#define GSS_ERROR(status) (status & 0x80000000) #define GSS_ERROR(status) (status & 0x80000000)
#endif #endif
#endif /* USE_HTTP_NEGOTIATE */ #endif /* USE_SPNEGO */
#endif /* HEADER_CURL_HTTP_NEGOTIATE_H */ #endif /* HEADER_CURL_HTTP_NEGOTIATE_H */

View File

@@ -24,7 +24,7 @@
#ifdef USE_WINDOWS_SSPI #ifdef USE_WINDOWS_SSPI
#if !defined(CURL_DISABLE_HTTP) && defined(USE_HTTP_NEGOTIATE) #if !defined(CURL_DISABLE_HTTP) && defined(USE_SPNEGO)
#include "urldata.h" #include "urldata.h"
#include "sendf.h" #include "sendf.h"
@@ -262,6 +262,6 @@ void Curl_cleanup_negotiate(struct SessionHandle *data)
cleanup(&data->state.proxyneg); cleanup(&data->state.proxyneg);
} }
#endif /* !CURL_DISABLE_HTTP && USE_HTTP_NEGOTIATE */ #endif /* !CURL_DISABLE_HTTP && USE_SPNEGO */
#endif /* USE_WINDOWS_SSPI */ #endif /* USE_WINDOWS_SSPI */

View File

@@ -1267,9 +1267,9 @@ CURLcode Curl_setopt(struct SessionHandle *data, CURLoption option,
#elif !defined(NTLM_WB_ENABLED) #elif !defined(NTLM_WB_ENABLED)
auth &= ~CURLAUTH_NTLM_WB; /* no NTLM_WB support */ auth &= ~CURLAUTH_NTLM_WB; /* no NTLM_WB support */
#endif #endif
#ifndef USE_HTTP_NEGOTIATE #ifndef USE_SPNEGO
auth &= ~CURLAUTH_GSSNEGOTIATE; /* no GSS-Negotiate without GSSAPI or auth &= ~CURLAUTH_NEGOTIATE; /* no Negotiate (SPNEGO) auth without
WINDOWS_SSPI */ GSS-API or SSPI */
#endif #endif
/* check if any auth bit lower than CURLAUTH_ONLY is still set */ /* check if any auth bit lower than CURLAUTH_ONLY is still set */
@@ -1355,9 +1355,9 @@ CURLcode Curl_setopt(struct SessionHandle *data, CURLoption option,
#elif !defined(NTLM_WB_ENABLED) #elif !defined(NTLM_WB_ENABLED)
auth &= ~CURLAUTH_NTLM_WB; /* no NTLM_WB support */ auth &= ~CURLAUTH_NTLM_WB; /* no NTLM_WB support */
#endif #endif
#ifndef USE_HTTP_NEGOTIATE #ifndef USE_SPNEGO
auth &= ~CURLAUTH_GSSNEGOTIATE; /* no GSS-Negotiate without GSSAPI or auth &= ~CURLAUTH_NEGOTIATE; /* no Negotiate (SPNEGO) auth without
WINDOWS_SSPI */ GSS-API or SSPI */
#endif #endif
/* check if any auth bit lower than CURLAUTH_ONLY is still set */ /* check if any auth bit lower than CURLAUTH_ONLY is still set */

View File

@@ -444,7 +444,7 @@ struct ntlmdata {
#endif #endif
}; };
#ifdef USE_HTTP_NEGOTIATE #ifdef USE_SPNEGO
struct negotiatedata { struct negotiatedata {
/* When doing Negotiate (SPNEGO) auth, we first need to send a token /* When doing Negotiate (SPNEGO) auth, we first need to send a token
and then validate the received one. */ and then validate the received one. */
@@ -1245,7 +1245,7 @@ struct UrlState {
struct digestdata digest; /* state data for host Digest auth */ struct digestdata digest; /* state data for host Digest auth */
struct digestdata proxydigest; /* state data for proxy Digest auth */ struct digestdata proxydigest; /* state data for proxy Digest auth */
#ifdef USE_HTTP_NEGOTIATE #ifdef USE_SPNEGO
struct negotiatedata negotiate; /* state data for host Negotiate auth */ struct negotiatedata negotiate; /* state data for host Negotiate auth */
struct negotiatedata proxyneg; /* state data for proxy Negotiate auth */ struct negotiatedata proxyneg; /* state data for proxy Negotiate auth */
#endif #endif

View File

@@ -262,9 +262,6 @@ static curl_version_info_data version_info = {
#ifdef HAVE_LIBZ #ifdef HAVE_LIBZ
| CURL_VERSION_LIBZ | CURL_VERSION_LIBZ
#endif #endif
#ifdef USE_HTTP_NEGOTIATE
| CURL_VERSION_GSSNEGOTIATE
#endif
#ifdef DEBUGBUILD #ifdef DEBUGBUILD
| CURL_VERSION_DEBUG | CURL_VERSION_DEBUG
#endif #endif

View File

@@ -597,13 +597,13 @@ ParameterError getparameter(char *flag, /* f or -long-flag */
case 'l': /* --negotiate */ case 'l': /* --negotiate */
if(toggle) { if(toggle) {
if(curlinfo->features & CURL_VERSION_GSSNEGOTIATE) if(curlinfo->features & CURL_VERSION_SPNEGO)
config->authtype |= CURLAUTH_GSSNEGOTIATE; config->authtype |= CURLAUTH_NEGOTIATE;
else else
return PARAM_LIBCURL_DOESNT_SUPPORT; return PARAM_LIBCURL_DOESNT_SUPPORT;
} }
else else
config->authtype &= ~CURLAUTH_GSSNEGOTIATE; config->authtype &= ~CURLAUTH_NEGOTIATE;
break; break;
case 'm': /* --ntlm */ case 'm': /* --ntlm */
@@ -697,8 +697,7 @@ ParameterError getparameter(char *flag, /* f or -long-flag */
break; break;
case 'x': /* --krb */ case 'x': /* --krb */
/* kerberos level string */ /* kerberos level string */
if(curlinfo->features & (CURL_VERSION_KERBEROS4 | if(curlinfo->features & CURL_VERSION_KERBEROS4)
CURL_VERSION_GSSNEGOTIATE))
GetStr(&config->krblevel, nextarg); GetStr(&config->krblevel, nextarg);
else else
return PARAM_LIBCURL_DOESNT_SUPPORT; return PARAM_LIBCURL_DOESNT_SUPPORT;
@@ -798,11 +797,12 @@ ParameterError getparameter(char *flag, /* f or -long-flag */
break; break;
case 'k': /* --proxy-negotiate */ case 'k': /* --proxy-negotiate */
if(curlinfo->features & CURL_VERSION_GSSNEGOTIATE) if(curlinfo->features & CURL_VERSION_SPNEGO)
config->proxynegotiate = toggle; config->proxynegotiate = toggle;
else else
return PARAM_LIBCURL_DOESNT_SUPPORT; return PARAM_LIBCURL_DOESNT_SUPPORT;
break; break;
case 'm': /* --ftp-account */ case 'm': /* --ftp-account */
GetStr(&config->ftp_account, nextarg); GetStr(&config->ftp_account, nextarg);
break; break;

View File

@@ -135,7 +135,7 @@ static const char *const helptext[] = {
" --max-redirs NUM Maximum number of redirects allowed (H)", " --max-redirs NUM Maximum number of redirects allowed (H)",
" -m, --max-time SECONDS Maximum time allowed for the transfer", " -m, --max-time SECONDS Maximum time allowed for the transfer",
" --metalink Process given URLs as metalink XML file", " --metalink Process given URLs as metalink XML file",
" --negotiate Use HTTP Negotiate Authentication (H)", " --negotiate Use HTTP Negotiate (SPNEGO) authentication (H)",
" -n, --netrc Must read .netrc for user name and password", " -n, --netrc Must read .netrc for user name and password",
" --netrc-optional Use either .netrc or URL; overrides -n", " --netrc-optional Use either .netrc or URL; overrides -n",
" --netrc-file FILE Set up the netrc filename to use", " --netrc-file FILE Set up the netrc filename to use",
@@ -165,7 +165,8 @@ static const char *const helptext[] = {
" --proxy-anyauth Pick \"any\" proxy authentication method (H)", " --proxy-anyauth Pick \"any\" proxy authentication method (H)",
" --proxy-basic Use Basic authentication on the proxy (H)", " --proxy-basic Use Basic authentication on the proxy (H)",
" --proxy-digest Use Digest authentication on the proxy (H)", " --proxy-digest Use Digest authentication on the proxy (H)",
" --proxy-negotiate Use Negotiate authentication on the proxy (H)", " --proxy-negotiate "
"Use HTTP Negotiate (SPNEGO) authentication on the proxy (H)",
" --proxy-ntlm Use NTLM authentication on the proxy (H)", " --proxy-ntlm Use NTLM authentication on the proxy (H)",
" -U, --proxy-user USER[:PASSWORD] Proxy user and password", " -U, --proxy-user USER[:PASSWORD] Proxy user and password",
" --proxy1.0 HOST[:PORT] Use HTTP/1.0 proxy on given port", " --proxy1.0 HOST[:PORT] Use HTTP/1.0 proxy on given port",
@@ -258,7 +259,6 @@ static const struct feat feats[] = {
{"AsynchDNS", CURL_VERSION_ASYNCHDNS}, {"AsynchDNS", CURL_VERSION_ASYNCHDNS},
{"Debug", CURL_VERSION_DEBUG}, {"Debug", CURL_VERSION_DEBUG},
{"TrackMemory", CURL_VERSION_CURLDEBUG}, {"TrackMemory", CURL_VERSION_CURLDEBUG},
{"GSS-Negotiate", CURL_VERSION_GSSNEGOTIATE},
{"IDN", CURL_VERSION_IDN}, {"IDN", CURL_VERSION_IDN},
{"IPv6", CURL_VERSION_IPV6}, {"IPv6", CURL_VERSION_IPV6},
{"Largefile", CURL_VERSION_LARGEFILE}, {"Largefile", CURL_VERSION_LARGEFILE},