83 Commits

Author SHA1 Message Date
David Woodhouse
9ad282b1ae Remove all traces of FBOpenSSL SPNEGO support
This is just fundamentally broken. SPNEGO (RFC4178) is a protocol which
allows client and server to negotiate the underlying mechanism which will
actually be used to authenticate. This is *often* Kerberos, and can also
be NTLM and other things. And to complicate matters, there are various
different OIDs which can be used to specify the Kerberos mechanism too.

A SPNEGO exchange will identify *which* GSSAPI mechanism is being used,
and will exchange GSSAPI tokens which are appropriate for that mechanism.

But this SPNEGO implementation just strips the incoming SPNEGO packet
and extracts the token, if any. And completely discards the information
about *which* mechanism is being used. Then we *assume* it was Kerberos,
and feed the token into gss_init_sec_context() with the default
mechanism (GSS_S_NO_OID for the mech_type argument).

Furthermore... broken as this code is, it was never even *used* for input
tokens anyway, because higher layers of curl would just bail out if the
server actually said anything *back* to us in the negotiation. We assume
that we send a single token to the server, and it accepts it. If the server
wants to continue the exchange (as is required for NTLM and for SPNEGO
to do anything useful), then curl was broken anyway.

So the only bit which actually did anything was the bit in
Curl_output_negotiate(), which always generates an *initial* SPNEGO
token saying "Hey, I support only the Kerberos mechanism and this is its
token".

You could have done that by manually just prefixing the Kerberos token
with the appropriate bytes, if you weren't going to do any proper SPNEGO
handling. There's no need for the FBOpenSSL library at all.

The sane way to do SPNEGO is just to *ask* the GSSAPI library to do
SPNEGO. That's what the 'mech_type' argument to gss_init_sec_context()
is for. And then it should all Just Work™.

That 'sane way' will be added in a subsequent patch, as will bug fixes
for our failure to handle any exchange other than a single outbound
token to the server which results in immediate success.
2014-07-16 17:26:08 +02:00
Jiri Malak
420d9ff3eb Rework Open Watcom make files to use standard Wmake features
Remove slash/backslash problem, now only slashes are used,
Wmake automaticaly translate slash/backslash to proper version or tools are not sensitive for it.
Enable spaces in path.
Use internal rm command for all host platforms
Add error message if old Open Watcom version is used. Some old versions exhibit build problems for Curl latest version. Now only versions 1.8, 1.9 and 2.O beta are supported
2014-03-03 08:19:05 +01:00
Guenter Knauf
ae26ee3489 Updated zlib version in build files. 2013-05-11 17:08:00 +02:00
Guenter Knauf
5be2499e16 Updated dependency libs. 2013-02-09 01:35:11 +01:00
Guenter Knauf
0494da830b Updated dependency libs. 2013-01-28 01:25:39 +01:00
Guenter Knauf
1c58f291cc Updated dependency libary versions. 2012-05-22 04:15:37 +02:00
Guenter Knauf
1beda0cbb7 Updated dependency lib versions. 2012-04-26 14:40:50 +02:00
Guenter Knauf
0f54880277 Updated dependency lib versions. 2012-04-20 13:33:54 +02:00
Guenter Knauf
82306ebfba Updated dependency lib versions (2nd try). 2012-04-12 20:51:29 +02:00
Guenter Knauf
03d4b9f078 Updated dependency lib versions. 2012-04-12 20:44:50 +02:00
Guenter Knauf
2a9fec16cc Updated makefiles to latest libssh2. 2011-09-11 16:50:30 +02:00
Guenter Knauf
2be65bb0c5 Updated dependecies versions. 2011-09-03 14:01:09 +02:00
Guenter Knauf
722f286f80 Enabled OpenWatcom native Windows IDN build.
For now we directly import the Idn* symbols with the linker;
an upcoming release of OWC will have these added to the import
lib normaliz.lib, and prototypes are added to winnnls.h.
2011-04-24 18:58:07 +02:00
Guenter Knauf
24667466f0 Updated default (recommended) dependency versions. 2011-04-19 14:26:51 +02:00
Guenter Knauf
e36c039a07 Updated OpenSSL version, added links to docu. 2011-02-13 12:13:21 +01:00
Guenter Knauf
63598059cd Updated OpenSSL version. 2010-12-05 10:59:58 +01:00
Guenter Knauf
0cb3d7913c Some more small Watcom makefile fixes. 2010-10-14 01:22:40 +02:00
Guenter Knauf
7b79c8bf96 Modified Watcom makefiles to work on Linux too. 2010-10-13 17:29:47 +02:00
Guenter Knauf
2d3c7b7e01 Fixed Watcom makefile. 2010-10-12 15:31:41 +02:00
Guenter Knauf
edf9566c3b Added build bits for librtmp / libssh2 to Watcom makefiles. 2010-10-12 06:55:01 +02:00
Guenter Knauf
2b6208a6de It is sufficient to pipe stderr to NUL to get rid of the nasty messages. 2010-08-18 16:08:20 +02:00
Guenter Knauf
2f0532a072 Added SSPI build to Watcom makefile. 2010-08-18 15:17:05 +02:00
Guenter Knauf
8f6189600f Syncroniszed vclean target; fixed some comments. 2010-08-15 16:56:03 +02:00
Guenter Knauf
3c2ee9c341 Added OpenSSL builds to Watcom makefiles. 2010-08-11 18:08:39 +02:00
Guenter Knauf
06869597c3 More Watcom makefile fixes ...
Final fix (hopefully!) for dll wlink loader;
prefer faster internal rm if available.
2010-08-10 21:27:01 +02:00
Guenter Knauf
517f3a1b8f Fixed my wrong edit. 2010-08-10 17:41:48 +02:00
Guenter Knauf
495d3e07d4 More Watcom makefile fixes.
Added the -br switch to dynamic builds which fixes the issue I saw
with curl's --version output. Added debug info and symfile for debug
builds to linker opts. Added DLL loader for wlink back, but this time
dependend on wlink version.
Patch posted to the list by malak.jiri AT gmail.com.
2010-08-10 17:29:06 +02:00
Guenter Knauf
44e5e37f38 Changed test for -u switch in order to enable other wmake switches.
The var %MAKEFLAGS is only set in 3 cases: if set as environment
var or as macro definition from commandline, and either with the
-u or -ms switch. Since all these cases are unlikely for the average
user it should be safe to only test if %MAKEFLAGS is defined; this
has the benefit that now all other switches can be used again in
addition to the -u which was formerly not possible.
2010-08-10 15:32:56 +02:00
Guenter Knauf
6ea043a504 Fix to overwrite libcurl name. 2010-08-07 18:33:46 +02:00
Guenter Knauf
9df8257301 Some more Watcom makefile massage ...
For now removed the .autodepend directive until I've figured out
which of my changes broke it again.
2010-08-06 03:46:34 +02:00
Guenter Knauf
3cf658fc24 Removed ugly dependency lists since wmake knows the .autodepend directive. 2010-08-02 05:51:17 +02:00
Guenter Knauf
6f3dc2a726 Removed wlink from DLL loader list because it doesnt work with Watcom < 1.8. 2010-08-02 01:30:37 +02:00
Guenter Knauf
b01fb30f9c Moved the LDAP API defines from Makefile.Watcom to config-win32.h.
These defines are only needed for older Watcom versions (< 1280).
2010-08-02 01:28:46 +02:00
Guenter Knauf
b552ca223e Fixed curlbuild.h rule. 2010-08-01 04:48:29 +02:00
Guenter Knauf
a93522f68d Added rule to create curlbuild.h if not present (for builds from git). 2010-08-01 02:39:03 +02:00
Guenter Knauf
fbee86a9e2 Fixed curl.exe static linking. 2010-07-31 11:52:05 +02:00
Guenter Knauf
6ad0acb608 Make Watcom makefiles use Makefile.inc to reduce future maintainance.
lib/Makefile.Watcom works fine already, for src/Makefile.Watcom we
need first to tweak src/Makefile.inc a bit - therefore the handtweaked
list still exists for now.
2010-07-29 03:50:09 +02:00
Guenter Knauf
cfbb351e22 Watcom makefiles overhaul.
- make both libcurl and curl makefiles use register calling convention
  (previously libcurl had stack calling convention).
- added include paths to the Watcom headers so its no longer required
  to set the environment vars for this.
- added -wcd=201 to supress compiler warning about unreachable code.
- use macros for all tools, and removed dependency on GNU tools like rm.
- make ipv6 and debug builds controlable via env vars and so make them
  optional instead of default.
- commented WINLDAPAPI and WINBERAPI since they broke with OW 1.8, and
  it seems they're not needed (anymore?).
- added rule for hugehelp.c.cvs so that it will be created when not
  already exist - this is required for building from a release tarball
  since there we have no hugehelp.c.cvs, thus compilation broke.
- removed C_ARG creation from lib/Makefile.Watcom and use CFLAGS
  directly as done too in src/Makefile.Watcom - this has the benefit
  that we will see all active cflags and defines during compile.
- added LINK-ARG to src/Makefile.Watcom in order to better control
  linker input.
- a couple of other minor makefile tweaks here and there ...
- added largefile support for Watcom builds to config-win32.h. Not yet
  tested if it really works, but should since Win32 supports it.
- added loaddll stuff to speed up builds if supported.
2010-07-29 03:18:40 +02:00
Dan Fandrich
eb33f5d1f8 Added md4.c to the Watcom makefile 2010-07-26 16:41:27 -07:00
Yang Tse
3b24076c3b add missing new files to non-configure target build files 2010-06-02 15:09:39 +02:00
Dan Fandrich
76255cfdc9 Added Polar SSL and RTMP files to the non-autoconf build files
I didn't bother with a few that have little hope of running the required
dependent libraries.
2010-05-12 19:05:58 -07:00
Dan Fandrich
ad6bc4d82e Added the new ftp source files to the non-autoconf build files 2010-05-12 17:32:10 -07:00
monnerat
b30ce34d84 Add compilation directives for hmac in Watcom,riscos and vc6 platform-specific makefiles. 2010-04-20 19:23:48 +02:00
Daniel Stenberg
2309b4e330 remove the CVSish $Id$ lines 2010-03-24 11:02:54 +01:00
Yang Tse
048438345a fix compiler warning 2010-02-19 18:02:38 +00:00
Dan Fandrich
680434f313 Changed the Watcom makefiles to make them easier to keep in sync with
Makefile.inc since that can't be included directly.
2010-02-03 23:07:11 +00:00
Yang Tse
1d86ebfc88 add curl_threads.c to non-configure target build files 2010-01-26 09:20:09 +00:00
Dan Fandrich
5af20c70e4 Added rtsp.c to the non-configure target build files 2010-01-21 22:03:26 +00:00
Dan Fandrich
a644af129e Added the new protocol source files to the non-autoconf build files 2010-01-15 06:33:46 +00:00
Yang Tse
7d22ce5573 libcurl private function Curl_memrchr() now in curl_memrchr.c and curl_memrchr.h 2009-09-28 16:05:20 +00:00