Daniel Stenberg
2a15e594ef
MD(4|5): make the MD4_* and MD5_* functions static
2015-02-06 14:26:32 +01:00
Daniel Stenberg
d557da5d79
axtls: fix conversion from size_t to int warning
2015-02-06 14:26:32 +01:00
Steve Holme
600ccb2237
ftp: Use 'CURLcode result' for curl result codes
2015-02-05 20:31:12 +00:00
Daniel Stenberg
45b9b62de4
openssl: SSL_SESSION->ssl_version no longer exist
...
The struct went private in 1.0.2 so we cannot read the version number
from there anymore. Use SSL_version() instead!
Reported-by: Gisle Vanem
Bug: http://curl.haxx.se/mail/lib-2015-02/0034.html
2015-02-05 11:57:33 +01:00
Daniel Stenberg
0d41c3e46b
MD5: fix compiler warnings and code style nits
2015-02-04 08:09:06 +01:00
Daniel Stenberg
57d6d253a1
MD5: replace implementation
...
The previous one was "encumbered" by RSA Inc - to avoid the licensing
restrictions it has being replaced. This is the initial import,
inserting the md5.c and md5.h files from
http://openwall.info/wiki/people/solar/software/public-domain-source-code/md5
Code-by: Alexander Peslyak
2015-02-04 08:09:06 +01:00
Daniel Stenberg
7f1d76f7ee
MD4: fix compiler warnings and code style nits
2015-02-04 08:09:06 +01:00
Daniel Stenberg
211d5329f4
MD4: replace implementation
...
The previous one was "encumbered" by RSA Inc - to avoid the licensing
restrictions it has being replaced. This is the initial import,
inserting the md4.c and md4.h files from
http://openwall.info/wiki/people/solar/software/public-domain-source-code/md4
Code-by: Alexander Peslyak
2015-02-04 08:09:05 +01:00
Steve Holme
cfc6d460cb
telnet: Prefer 'CURLcode result' for curl result codes
2015-02-04 00:09:31 +00:00
Steve Holme
0ebe2c15d1
hostasyn: Prefer 'CURLcode result' for curl result codes
2015-02-04 00:07:39 +00:00
Steve Holme
28c9e1edf4
schannel: Prefer 'CURLcode result' for curl result codes
2015-02-04 00:07:16 +00:00
Daniel Stenberg
b3cbf4500d
unit1601: MD5 unit tests
2015-02-03 23:05:55 +01:00
Daniel Stenberg
83bb07027d
unit1600: unit test for Curl_ntlm_core_mk_nt_hash
2015-02-03 21:03:11 +01:00
Steve Holme
0a7182f6ad
curl_sasl.c: More code policing
...
Better use of 80 character line limit, comment corrections and line
spacing preferences.
2015-02-02 16:50:39 +00:00
Marc Hoersken
4161624e94
TODO: moved WinSSL/SChannel todo items into docs
2015-01-31 12:30:11 +01:00
Steve Holme
8ca3b05624
curl_sasl.c: Fixed compilation warning when cryptography is disabled
...
curl_sasl.c:1506: warning: unused variable 'chlg'
2015-01-29 11:48:11 +00:00
Steve Holme
6fdc8651bd
curl_sasl.c: Fixed compilation warning when verbose debug output disabled
...
curl_sasl.c:1317: warning: unused parameter 'conn'
2015-01-28 22:48:01 +00:00
Steve Holme
8cc70db2db
ntlm_core: Use own odd parity function when crypto engine doesn't have one
2015-01-28 22:34:53 +00:00
Steve Holme
c469369b86
ntlm_core: Prefer sizeof(key) rather than hard coded sizes
2015-01-28 22:34:52 +00:00
Steve Holme
58e39b4da5
ntlm_core: Added consistent comments to DES functions
2015-01-28 22:34:51 +00:00
Steve Holme
300876a7a6
des: Added Curl_des_set_odd_parity()
...
Added Curl_des_set_odd_parity() for use when cryptography engines
don't include this functionality.
2015-01-28 22:34:49 +00:00
Steve Holme
595a66ce0f
sasl: Minor code policing and grammar corrections
2015-01-28 19:23:37 +00:00
Gisle Vanem
3cc9e9383b
ldap: build with BoringSSL
2015-01-28 14:22:11 +01:00
Daniel Stenberg
9d964e5477
security: avoid compiler warning
...
Possible access to uninitialised memory '&nread' at line 140 of
lib/security.c in function 'ftp_send_command'.
Reported-by: Rich Burridge
2015-01-28 10:10:59 +01:00
Patrick Monnerat
7b2012f262
sasl: remove XOAUTH2 from default enabled authentication mechanism.
2015-01-27 18:08:18 +01:00
Patrick Monnerat
fe79f20957
imap: remove automatic password setting: it breaks external sasl authentication
2015-01-27 17:34:40 +01:00
Patrick Monnerat
0d24f64473
sasl: implement EXTERNAL authentication mechanism.
...
Its use is only enabled by explicit requirement in URL (;AUTH=EXTERNAL) and
by not setting the password.
2015-01-27 17:24:55 +01:00
Steve Holme
e1bb13c09f
openssl: Fixed Curl_ossl_cert_status_request() not returning FALSE
...
Modified the Curl_ossl_cert_status_request() function to return FALSE
when built with BoringSSL or when OpenSSL is missing the necessary TLS
extensions.
2015-01-27 12:53:41 +00:00
Steve Holme
a268a804b7
openssl: Fixed compilation errors when OpenSSL built with 'no-tlsext'
...
Fixed the build of openssl.c when OpenSSL is built without the necessary
TLS extensions for OCSP stapling.
Reported-by: John E. Malmberg
2015-01-27 12:47:48 +00:00
Brad Spencer
5691325440
curl_setup: Disable SMB/CIFS support when HTTP only
2015-01-26 18:48:44 +00:00
Daniel Stenberg
23c6f0a344
OCSP stapling: disabled when build with BoringSSL
2015-01-22 23:34:43 +01:00
Alessandro Ghedini
d1cf5d5706
openssl: add support for the Certificate Status Request TLS extension
...
Also known as "status_request" or OCSP stapling, defined in RFC6066
section 8.
Thanks-to: Joe Mason
- for the work-around for the OpenSSL bug.
2015-01-22 23:25:23 +01:00
Daniel Stenberg
e888e30476
BoringSSL: fix build for non-configure builds
...
HAVE_BORINGSSL gets defined now by configure and should be defined by
other build systems in case a BoringSSL build is desired.
2015-01-22 23:04:10 +01:00
Steve Holme
12e45b8462
curl_sasl: Reinstate the sasl_ prefix for locally scoped functions
...
Commit 7a8b2885e2
made some functions static and removed the public
Curl_ prefix. Unfortunately, it also removed the sasl_ prefix, which
is the naming convention we use in this source file.
2015-01-22 21:32:41 +00:00
Steve Holme
c260c9fad3
curl_sasl: Minor code policing following recent commits
2015-01-22 21:08:18 +00:00
Daniel Stenberg
eb748f159a
BoringSSL: detected by configure, switches off NTLM
2015-01-22 16:39:01 +01:00
Daniel Stenberg
d6c4695dcd
BoringSSL: no PKCS12 support nor ERR_remove_state
2015-01-22 16:39:01 +01:00
Leith Bade
261208d432
BoringSSL: fix build
2015-01-22 16:39:01 +01:00
Steve Holme
795f013006
curl_sasl.c: chlglen is not used when cryptography is disabled
2015-01-20 19:28:54 +00:00
Steve Holme
71f8fdee81
curl_sasl.c: Fixed compilation warning when cyptography is disabled
...
curl_sasl.c:1453: warning C4101: 'serverdata' : unreferenced local
variable
2015-01-20 19:25:43 +00:00
Steve Holme
6005b0d99c
curl_sasl.c: Fixed compilation error when USE_WINDOWS_SSPI defined
...
curl_sasl.c:1221: error C2065: 'mechtable' : undeclared identifier
This error could also happen for non-SSPI builds when cryptography is
disabled (CURL_DISABLE_CRYPTO_AUTH is defined).
2015-01-20 19:24:47 +00:00
Patrick Monnerat
7a8b2885e2
SASL: make some procedures local-scoped
2015-01-20 18:17:55 +01:00
Patrick Monnerat
79543caf90
SASL: common state engine for imap/pop3/smtp
2015-01-20 17:33:05 +01:00
Patrick Monnerat
e1ea18f90e
SASL: common URL option and auth capabilities decoders for all protocols
2015-01-20 15:27:25 +01:00
Patrick Monnerat
5f09cbcdbd
IMAP/POP3/SMTP: use a per-connection sub-structure for SASL parameters.
2015-01-20 14:14:26 +01:00
Daniel Stenberg
960b04e137
ipv6: enclose AF_INET6 uses with proper #ifdefs for ipv6
...
Reported-by: Chris Young
2015-01-20 09:03:55 +01:00
Chris Young
089783c838
timeval: typecast for better type (on Amiga)
...
There is an issue with conflicting "struct timeval" definitions with
certain AmigaOS releases and C libraries, depending on what gets
included when. It's a minor difference - the OS one is unsigned,
whereas the common structure has signed elements. If the OS one ends up
getting defined, this causes a timing calculation error in curl.
It's easy enough to resolve this at the curl end, by casting the
potentially errorneous calculation to a signed long.
2015-01-20 08:53:14 +01:00
Daniel Stenberg
be57f689b0
openssl: do public key pinning check independently
...
... of the other cert verification checks so that you can set verifyhost
and verifypeer to FALSE and still check the public key.
Bug: http://curl.haxx.se/bug/view.cgi?id=1471
Reported-by: Kyle J. McKay
2015-01-19 23:20:13 +01:00
Steve Holme
2cc571f9e3
ldap: Renamed the CURL_LDAP_WIN definition to USE_WIN32_LDAP
...
For consistency with other USE_WIN32_ defines as well as the
USE_OPENLDAP define.
2015-01-18 20:52:43 +00:00
Steve Holme
1cbc8fd3d1
http_negotiate: Use dynamic buffer for SPN generation
...
Use a dynamicly allocated buffer for the temporary SPN variable similar
to how the SASL GSS-API code does, rather than using a fixed buffer of
2048 characters.
2015-01-18 15:45:12 +00:00