Commit Graph

15122 Commits

Author SHA1 Message Date
Steve Holme
9a51c11074 Makefile.vc6: Added version.lib if built with SSPI 2012-06-11 19:04:16 +02:00
Marc Hoersken
cb142cf217 winbuild: Updated winbuild scripts to add schannel 2012-06-11 19:03:14 +02:00
Marc Hoersken
7da6a9128b mingw32: Fixed warning of USE_SSL being redefined 2012-06-11 19:00:37 +02:00
Marc Hoersken
61d152384e sspi: Fixed incompatible parameter pointer type in Curl_sspi_version 2012-06-11 19:00:37 +02:00
Marc Hoersken
0c86ccc647 sspi: Updated RELEASE-NOTES, FEATURES and THANKS 2012-06-11 19:00:37 +02:00
Marc Hoersken
a92df2e007 setup.h: Automatically define USE_SSL if USE_SCHANNEL is defined 2012-06-11 19:00:36 +02:00
Marc Hoersken
634f7cfee4 version: Replaced SSPI feature information with version string details
Added Windows SSPI version information to the curl version string when
SCHANNEL SSL is not enabled, as the version of the library should also
be included when SSPI is used to generate security contexts.

Removed SSPI from the feature list as the features are GSS-Negotiate,
NTLM and SSL depending on the usage of the SSPI library.
2012-06-11 19:00:36 +02:00
Steve Holme
70d56bfe3c sspi.c: Post Curl_sspi_version() rework code tidy up
Removed duplicate blank lines.
Removed spaces between the not and test in various if statements.
Removed explicit test of NULL in an if statement.
Placed function returns on same line as function declarations.
Replaced the use of curl_maprintf() with aprintf() as it is the
preprocessor job to do this substitution if ENABLE_CURLX_PRINTF
is set.
2012-06-11 19:00:36 +02:00
Steve Holme
bd38ebc697 sspi: Reworked Curl_sspi_version() to return version components
Reworked the version function to return four version components rather
than a string that has to be freed by the caller.
2012-06-11 19:00:36 +02:00
Guenter Knauf
b15434e749 configure.ac: Added -lversion if built with SSPI 2012-06-11 19:00:36 +02:00
Marc Hoersken
7047e2ed72 schannel: Code cleanup and bug fixes
curl_sspi.c: Fixed mingw32-gcc compiler warnings
curl_sspi.c: Fixed length of error code hex output

The hex value was printed as signed 64-bit value on 64-bit systems:
SEC_E_WRONG_PRINCIPAL (0xFFFFFFFF80090322)

It is now correctly printed as the following:
SEC_E_WRONG_PRINCIPAL (0x80090322)

curl_sspi.c: Fallback to security function table version number
Instead of reporting an unknown version, the interface version is used.

curl_sspi.c: Removed SSPI/ version prefix from Curl_sspi_version
curl_schannel: Replaced static buffer sizes with defined names
curl_schannel.c: First brace when declaring functions on column 0
curl_schannel.c: Put the pointer sign directly at variable name
curl_schannel.c: Use structs directly instead of typedef'ed structs
curl_schannel.c: Removed space before opening brace
curl_schannel.c: Fixed lines being longer than 80 chars
2012-06-11 19:00:35 +02:00
Marc Hoersken
c1311c2b8f curl_sspi: Added Curl_sspi_version function
Added new function to get SSPI version as string.
Added required library version.lib to makefiles.
Changed curl_schannel.c to use Curl_sspi_version.
2012-06-11 19:00:35 +02:00
Guenter Knauf
0bb5ff5d1a schannel: Updated mingw32 makefiles 2012-06-11 19:00:35 +02:00
Marc Hoersken
64dc957a41 schannel: Replace ASCII specific code with general defines 2012-06-11 19:00:35 +02:00
Marc Hoersken
3d3a3f9e7c schannel: Added definitions which are missing in mingw32 2012-06-11 19:00:34 +02:00
Marc Hoersken
8d78848a39 schannel: Moved interal struct types to urldata.h
Moved type definitions in order to avoid inclusion loop
2012-06-11 19:00:34 +02:00
Marc Hoersken
90412c8613 schannel: Fixed compiler warnings about pointer type assignments 2012-06-11 19:00:34 +02:00
Marc Hoersken
78729e76da schannel: Fixed critical typo in conditions and added buffer length checks 2012-06-11 19:00:34 +02:00
Marc Hoersken
f858bb0d1f sspi: Refactored socks_sspi and schannel to use same error message functions
Moved the error constant switch to curl_sspi.c and added two new helper
functions to curl_sspi.[ch] which either return the constant or a fully
translated message representing the SSPI security status.
Updated socks_sspi.c and curl_schannel.c to use the new functions.
2012-06-11 19:00:34 +02:00
Marc Hoersken
15ca80c831 schannel: Added special shutdown check for Windows 2000 Professional
Windows 2000 Professional:  Schannel returns SEC_E_OK instead
of SEC_I_CONTEXT_EXPIRED. If the length of the output buffer
is zero and the first byte of the encrypted packet is 0x15,
the application can safely assume that the message was a
close_notify message and change the return value to
SEC_I_CONTEXT_EXPIRED.

Connection shutdown does not mean that there is no data to read
Correctly handle incomplete message and ask curl to re-read
Fixed buffer for decrypted being to small
Re-structured read condition to be more effective
Removed obsolete verbose messages
Changed memory reduction method to keep a minimum buffer of size 4096
2012-06-11 19:00:34 +02:00
Marc Hoersken
ec9e9f38b1 schannel: Implemented SSL/TLS renegotiation
Updated TODO information and added related MSDN articles
2012-06-11 19:00:34 +02:00
Marc Hoersken
46792af733 schannel: Save session credential handles in session cache 2012-06-11 19:00:34 +02:00
Marc Hoersken
445245ca85 schannel: Code cleanup 2012-06-11 19:00:34 +02:00
Marc Hoersken
f96f1f3165 schannel: Check for required context attributes 2012-06-11 19:00:34 +02:00
Marc Hoersken
bead90a837 schannel: Allow certificate and revocation checks being deactivated 2012-06-11 19:00:34 +02:00
Marc Hoersken
aaa42aa0d5 schannel: Added SSL/TLS support with Microsoft Windows Schannel SSPI 2012-06-11 19:00:29 +02:00
Marc Hoersken
1f635608bb http: Replaced specific SSL libraries list in https_getsock fallback 2012-06-11 19:00:29 +02:00
Marc Hoersken
9c94236e6c connect.c/ftp.c: Fixed dereferencing pointer breakin strict-aliasing
Fixed warning: dereferencing pointer does break strict-aliasing rules
by using a union instead of separate pointer variables.
Internal union sockaddr_u could probably be moved to generic header.
Thanks to Paul Howarth for the hint about using unions for this.

Important for winbuild: Separate declaration of sockaddr_u pointer.
The pointer variable *sock cannot be declared and initialized right
after the union declaration. Therefore it has to be a separate statement.
2012-06-11 15:26:30 +02:00
Marc Hoersken
3f9ab7cf5d curl_ntlm_msgs.c: Fixed passwdlen not being used and recalculated 2012-06-11 14:47:23 +02:00
Yang Tse
63e9685470 tests: fix test definitions # 1355, 1363, 1385 and 1393
-i without HTTP protocol shall not include headers in the output
2012-06-11 13:56:40 +02:00
Daniel Stenberg
6cd084a3b5 Curl_pgrsDone: return int and acknowledge return code
Since Curl_pgrsDone() itself calls Curl_pgrsUpdate() which may return an
abort instruction or similar we need to return that info back and
subsequently properly handle return codes from Curl_pgrsDone() where
used.

(Spotted by a Coverity scan)
2012-06-10 23:40:35 +02:00
Marc Hoersken
72c7c1d64e winbuild: Fixed environment variables being lost
Fixed USE_IPV6 and USE_IDN not being passed
from Makefile.vc to MakefileBuild.vc
Fixed whitespace and formatting issues
Fixed typo and format in help message
2012-06-10 16:12:48 +01:00
Guenter Knauf
6ea32b8b76 Added metalink support to NetWare builds. 2012-06-09 23:10:47 +02:00
Steve Holme
1aaf86a596 smtp.c: Removed unused variable 2012-06-09 19:49:59 +01:00
Steve Holme
6188855b67 smtp: Post apop feature code tidy up 2012-06-09 19:22:29 +01:00
Steve Holme
a3660127a4 pop3: Post apop feature code tidy up 2012-06-09 19:21:44 +01:00
Steve Holme
c09c621af7 pop3: Added support for apop authentication 2012-06-09 13:49:37 +01:00
Steve Holme
4e430a8a16 pop3: Enhanced the extended authentication mechanism detection
Enhanced the authentication type / mechanism detection in preparation
for the introduction of APOP support.
2012-06-09 11:48:44 +01:00
Steve Holme
6478e1d7e5 pop3.c: Fixed length of SASL check 2012-06-09 11:08:08 +01:00
Yang Tse
a884ffe430 Fixes allowing 26 more test cases in 1334 to 1393 range to succeed 2012-06-09 05:49:49 +02:00
Yang Tse
c29d1f4e3a tests: fix test definitions # 1370 and 1371
-J without -O shall not honor C-D filename
2012-06-09 05:49:48 +02:00
Daniel Stenberg
674e53f40e OpenSSL: support longer certificate subject names
Previously it would use a 256 byte buffer and thus cut off very long
subject names. The limit is now upped to the receive buffer size, 16K.

Bug: http://curl.haxx.se/bug/view.cgi?id=3533045
Reported by: Anthony G. Basile
2012-06-09 00:06:54 +02:00
Kamil Dudka
68857e40d6 ssl: fix duplicated SSL handshake with multi interface and proxy
Bug: https://bugzilla.redhat.com/788526
Reported by: Enrico Scholz
2012-06-08 23:27:11 +02:00
Daniel Stenberg
dd576194ce tool_getparam.h: fix compiler error
forward declare the Configurable struct
2012-06-08 23:14:30 +02:00
Daniel Stenberg
870c99b7e7 metalink: restore some includes
Commit eeeba1496c removed them and thus broke my Linux build
2012-06-08 23:13:32 +02:00
Daniel Stenberg
e3f5e04cf0 openldap: OOM fixes
when calloc fails, return error! (Detected by Fortify)

Reported by: Robert B. Harris
2012-06-08 20:57:11 +02:00
Steve Holme
0cd8c287a4 sasl: Re-factored mechanism constants in preparation for APOP work 2012-06-08 19:52:28 +01:00
Yang Tse
eeeba1496c metalink: build fixes and adjustments II
Additionally, make hash checking ability mandatory in order to allow metalink
support in curl.

A command line option could be introduced to skip hash checking at runtime,
but the ability to check hashes should always be built-in when providing
metalink support.
2012-06-08 14:27:45 +02:00
Guenter Knauf
186b101deb Added metalink support to MinGW builds. 2012-06-08 14:16:43 +02:00
Daniel Stenberg
d2fc8b4a5f log2changes.pl: fix the Version output
Previously it could easily wrongly get repeated
2012-06-07 23:50:00 +02:00