mirror of
https://github.com/curl/curl.git
synced 2026-04-15 01:01:41 +03:00
lib: make SSPI global symbols use Curl_ prefix
Do not pollute the namespace. Closes #14776
This commit is contained in:
Daniel Stenberg
parent
6a9b71037a
commit
bca9c7719a
10 changed files with 186 additions and 182 deletions
|
|
@ -52,10 +52,10 @@ typedef PSecurityFunctionTable (APIENTRY *INITSECURITYINTERFACE_FN)(VOID);
|
|||
#endif
|
||||
|
||||
/* Handle of security.dll or secur32.dll, depending on Windows version */
|
||||
HMODULE s_hSecDll = NULL;
|
||||
HMODULE Curl_hSecDll = NULL;
|
||||
|
||||
/* Pointer to SSPI dispatch table */
|
||||
PSecurityFunctionTable s_pSecFn = NULL;
|
||||
PSecurityFunctionTable Curl_pSecFn = NULL;
|
||||
|
||||
/*
|
||||
* Curl_sspi_global_init()
|
||||
|
|
@ -79,29 +79,29 @@ CURLcode Curl_sspi_global_init(void)
|
|||
INITSECURITYINTERFACE_FN pInitSecurityInterface;
|
||||
|
||||
/* If security interface is not yet initialized try to do this */
|
||||
if(!s_hSecDll) {
|
||||
if(!Curl_hSecDll) {
|
||||
/* Security Service Provider Interface (SSPI) functions are located in
|
||||
* security.dll on WinNT 4.0 and in secur32.dll on Win9x. Win2K and XP
|
||||
* have both these DLLs (security.dll forwards calls to secur32.dll) */
|
||||
|
||||
/* Load SSPI dll into the address space of the calling process */
|
||||
if(curlx_verify_windows_version(4, 0, 0, PLATFORM_WINNT, VERSION_EQUAL))
|
||||
s_hSecDll = Curl_load_library(TEXT("security.dll"));
|
||||
Curl_hSecDll = Curl_load_library(TEXT("security.dll"));
|
||||
else
|
||||
s_hSecDll = Curl_load_library(TEXT("secur32.dll"));
|
||||
if(!s_hSecDll)
|
||||
Curl_hSecDll = Curl_load_library(TEXT("secur32.dll"));
|
||||
if(!Curl_hSecDll)
|
||||
return CURLE_FAILED_INIT;
|
||||
|
||||
/* Get address of the InitSecurityInterfaceA function from the SSPI dll */
|
||||
pInitSecurityInterface =
|
||||
CURLX_FUNCTION_CAST(INITSECURITYINTERFACE_FN,
|
||||
(GetProcAddress(s_hSecDll, SECURITYENTRYPOINT)));
|
||||
(GetProcAddress(Curl_hSecDll, SECURITYENTRYPOINT)));
|
||||
if(!pInitSecurityInterface)
|
||||
return CURLE_FAILED_INIT;
|
||||
|
||||
/* Get pointer to Security Service Provider Interface dispatch table */
|
||||
s_pSecFn = pInitSecurityInterface();
|
||||
if(!s_pSecFn)
|
||||
Curl_pSecFn = pInitSecurityInterface();
|
||||
if(!Curl_pSecFn)
|
||||
return CURLE_FAILED_INIT;
|
||||
}
|
||||
|
||||
|
|
@ -119,10 +119,10 @@ CURLcode Curl_sspi_global_init(void)
|
|||
*/
|
||||
void Curl_sspi_global_cleanup(void)
|
||||
{
|
||||
if(s_hSecDll) {
|
||||
FreeLibrary(s_hSecDll);
|
||||
s_hSecDll = NULL;
|
||||
s_pSecFn = NULL;
|
||||
if(Curl_hSecDll) {
|
||||
FreeLibrary(Curl_hSecDll);
|
||||
Curl_hSecDll = NULL;
|
||||
Curl_pSecFn = NULL;
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -57,8 +57,8 @@ CURLcode Curl_create_sspi_identity(const char *userp, const char *passwdp,
|
|||
void Curl_sspi_free_identity(SEC_WINNT_AUTH_IDENTITY *identity);
|
||||
|
||||
/* Forward-declaration of global variables defined in curl_sspi.c */
|
||||
extern HMODULE s_hSecDll;
|
||||
extern PSecurityFunctionTable s_pSecFn;
|
||||
extern HMODULE Curl_hSecDll;
|
||||
extern PSecurityFunctionTable Curl_pSecFn;
|
||||
|
||||
/* Provide some definitions missing in old headers */
|
||||
#define SP_NAME_DIGEST "WDigest"
|
||||
|
|
|
|||
|
|
@ -187,10 +187,10 @@ CURLcode Curl_output_ntlm(struct Curl_easy *data, bool proxy)
|
|||
passwdp = "";
|
||||
|
||||
#ifdef USE_WINDOWS_SSPI
|
||||
if(!s_hSecDll) {
|
||||
if(!Curl_hSecDll) {
|
||||
/* not thread safe and leaks - use curl_global_init() to avoid */
|
||||
CURLcode err = Curl_sspi_global_init();
|
||||
if(!s_hSecDll)
|
||||
if(!Curl_hSecDll)
|
||||
return err;
|
||||
}
|
||||
#ifdef SECPKG_ATTR_ENDPOINT_BINDINGS
|
||||
|
|
|
|||
156
lib/socks_sspi.c
156
lib/socks_sspi.c
|
|
@ -139,7 +139,7 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf,
|
|||
cred_handle.dwLower = 0;
|
||||
cred_handle.dwUpper = 0;
|
||||
|
||||
status = s_pSecFn->AcquireCredentialsHandle(NULL,
|
||||
status = Curl_pSecFn->AcquireCredentialsHandle(NULL,
|
||||
(TCHAR *) TEXT("Kerberos"),
|
||||
SECPKG_CRED_OUTBOUND,
|
||||
NULL,
|
||||
|
|
@ -152,7 +152,7 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf,
|
|||
if(check_sspi_err(data, status, "AcquireCredentialsHandle")) {
|
||||
failf(data, "Failed to acquire credentials.");
|
||||
free(service_name);
|
||||
s_pSecFn->FreeCredentialsHandle(&cred_handle);
|
||||
Curl_pSecFn->FreeCredentialsHandle(&cred_handle);
|
||||
return CURLE_COULDNT_CONNECT;
|
||||
}
|
||||
|
||||
|
|
@ -167,7 +167,7 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf,
|
|||
if(!sname)
|
||||
return CURLE_OUT_OF_MEMORY;
|
||||
|
||||
status = s_pSecFn->InitializeSecurityContext(&cred_handle,
|
||||
status = Curl_pSecFn->InitializeSecurityContext(&cred_handle,
|
||||
context_handle,
|
||||
sname,
|
||||
ISC_REQ_MUTUAL_AUTH |
|
||||
|
|
@ -186,17 +186,17 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf,
|
|||
curlx_unicodefree(sname);
|
||||
|
||||
if(sspi_recv_token.pvBuffer) {
|
||||
s_pSecFn->FreeContextBuffer(sspi_recv_token.pvBuffer);
|
||||
Curl_pSecFn->FreeContextBuffer(sspi_recv_token.pvBuffer);
|
||||
sspi_recv_token.pvBuffer = NULL;
|
||||
sspi_recv_token.cbBuffer = 0;
|
||||
}
|
||||
|
||||
if(check_sspi_err(data, status, "InitializeSecurityContext")) {
|
||||
free(service_name);
|
||||
s_pSecFn->FreeCredentialsHandle(&cred_handle);
|
||||
s_pSecFn->DeleteSecurityContext(&sspi_context);
|
||||
Curl_pSecFn->FreeCredentialsHandle(&cred_handle);
|
||||
Curl_pSecFn->DeleteSecurityContext(&sspi_context);
|
||||
if(sspi_recv_token.pvBuffer)
|
||||
s_pSecFn->FreeContextBuffer(sspi_recv_token.pvBuffer);
|
||||
Curl_pSecFn->FreeContextBuffer(sspi_recv_token.pvBuffer);
|
||||
failf(data, "Failed to initialise security context.");
|
||||
return CURLE_COULDNT_CONNECT;
|
||||
}
|
||||
|
|
@ -213,11 +213,11 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf,
|
|||
failf(data, "Failed to send SSPI authentication request.");
|
||||
free(service_name);
|
||||
if(sspi_send_token.pvBuffer)
|
||||
s_pSecFn->FreeContextBuffer(sspi_send_token.pvBuffer);
|
||||
Curl_pSecFn->FreeContextBuffer(sspi_send_token.pvBuffer);
|
||||
if(sspi_recv_token.pvBuffer)
|
||||
s_pSecFn->FreeContextBuffer(sspi_recv_token.pvBuffer);
|
||||
s_pSecFn->FreeCredentialsHandle(&cred_handle);
|
||||
s_pSecFn->DeleteSecurityContext(&sspi_context);
|
||||
Curl_pSecFn->FreeContextBuffer(sspi_recv_token.pvBuffer);
|
||||
Curl_pSecFn->FreeCredentialsHandle(&cred_handle);
|
||||
Curl_pSecFn->DeleteSecurityContext(&sspi_context);
|
||||
return CURLE_COULDNT_CONNECT;
|
||||
}
|
||||
|
||||
|
|
@ -228,24 +228,24 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf,
|
|||
failf(data, "Failed to send SSPI authentication token.");
|
||||
free(service_name);
|
||||
if(sspi_send_token.pvBuffer)
|
||||
s_pSecFn->FreeContextBuffer(sspi_send_token.pvBuffer);
|
||||
Curl_pSecFn->FreeContextBuffer(sspi_send_token.pvBuffer);
|
||||
if(sspi_recv_token.pvBuffer)
|
||||
s_pSecFn->FreeContextBuffer(sspi_recv_token.pvBuffer);
|
||||
s_pSecFn->FreeCredentialsHandle(&cred_handle);
|
||||
s_pSecFn->DeleteSecurityContext(&sspi_context);
|
||||
Curl_pSecFn->FreeContextBuffer(sspi_recv_token.pvBuffer);
|
||||
Curl_pSecFn->FreeCredentialsHandle(&cred_handle);
|
||||
Curl_pSecFn->DeleteSecurityContext(&sspi_context);
|
||||
return CURLE_COULDNT_CONNECT;
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
if(sspi_send_token.pvBuffer) {
|
||||
s_pSecFn->FreeContextBuffer(sspi_send_token.pvBuffer);
|
||||
Curl_pSecFn->FreeContextBuffer(sspi_send_token.pvBuffer);
|
||||
sspi_send_token.pvBuffer = NULL;
|
||||
}
|
||||
sspi_send_token.cbBuffer = 0;
|
||||
|
||||
if(sspi_recv_token.pvBuffer) {
|
||||
s_pSecFn->FreeContextBuffer(sspi_recv_token.pvBuffer);
|
||||
Curl_pSecFn->FreeContextBuffer(sspi_recv_token.pvBuffer);
|
||||
sspi_recv_token.pvBuffer = NULL;
|
||||
}
|
||||
sspi_recv_token.cbBuffer = 0;
|
||||
|
|
@ -267,8 +267,8 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf,
|
|||
if(result || (actualread != 4)) {
|
||||
failf(data, "Failed to receive SSPI authentication response.");
|
||||
free(service_name);
|
||||
s_pSecFn->FreeCredentialsHandle(&cred_handle);
|
||||
s_pSecFn->DeleteSecurityContext(&sspi_context);
|
||||
Curl_pSecFn->FreeCredentialsHandle(&cred_handle);
|
||||
Curl_pSecFn->DeleteSecurityContext(&sspi_context);
|
||||
return CURLE_COULDNT_CONNECT;
|
||||
}
|
||||
|
||||
|
|
@ -277,8 +277,8 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf,
|
|||
failf(data, "User was rejected by the SOCKS5 server (%u %u).",
|
||||
(unsigned int)socksreq[0], (unsigned int)socksreq[1]);
|
||||
free(service_name);
|
||||
s_pSecFn->FreeCredentialsHandle(&cred_handle);
|
||||
s_pSecFn->DeleteSecurityContext(&sspi_context);
|
||||
Curl_pSecFn->FreeCredentialsHandle(&cred_handle);
|
||||
Curl_pSecFn->DeleteSecurityContext(&sspi_context);
|
||||
return CURLE_COULDNT_CONNECT;
|
||||
}
|
||||
|
||||
|
|
@ -286,8 +286,8 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf,
|
|||
failf(data, "Invalid SSPI authentication response type (%u %u).",
|
||||
(unsigned int)socksreq[0], (unsigned int)socksreq[1]);
|
||||
free(service_name);
|
||||
s_pSecFn->FreeCredentialsHandle(&cred_handle);
|
||||
s_pSecFn->DeleteSecurityContext(&sspi_context);
|
||||
Curl_pSecFn->FreeCredentialsHandle(&cred_handle);
|
||||
Curl_pSecFn->DeleteSecurityContext(&sspi_context);
|
||||
return CURLE_COULDNT_CONNECT;
|
||||
}
|
||||
|
||||
|
|
@ -299,8 +299,8 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf,
|
|||
|
||||
if(!sspi_recv_token.pvBuffer) {
|
||||
free(service_name);
|
||||
s_pSecFn->FreeCredentialsHandle(&cred_handle);
|
||||
s_pSecFn->DeleteSecurityContext(&sspi_context);
|
||||
Curl_pSecFn->FreeCredentialsHandle(&cred_handle);
|
||||
Curl_pSecFn->DeleteSecurityContext(&sspi_context);
|
||||
return CURLE_OUT_OF_MEMORY;
|
||||
}
|
||||
result = Curl_blockread_all(cf, data, (char *)sspi_recv_token.pvBuffer,
|
||||
|
|
@ -310,9 +310,9 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf,
|
|||
failf(data, "Failed to receive SSPI authentication token.");
|
||||
free(service_name);
|
||||
if(sspi_recv_token.pvBuffer)
|
||||
s_pSecFn->FreeContextBuffer(sspi_recv_token.pvBuffer);
|
||||
s_pSecFn->FreeCredentialsHandle(&cred_handle);
|
||||
s_pSecFn->DeleteSecurityContext(&sspi_context);
|
||||
Curl_pSecFn->FreeContextBuffer(sspi_recv_token.pvBuffer);
|
||||
Curl_pSecFn->FreeCredentialsHandle(&cred_handle);
|
||||
Curl_pSecFn->DeleteSecurityContext(&sspi_context);
|
||||
return CURLE_COULDNT_CONNECT;
|
||||
}
|
||||
|
||||
|
|
@ -322,13 +322,13 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf,
|
|||
free(service_name);
|
||||
|
||||
/* Everything is good so far, user was authenticated! */
|
||||
status = s_pSecFn->QueryCredentialsAttributes(&cred_handle,
|
||||
status = Curl_pSecFn->QueryCredentialsAttributes(&cred_handle,
|
||||
SECPKG_CRED_ATTR_NAMES,
|
||||
&names);
|
||||
s_pSecFn->FreeCredentialsHandle(&cred_handle);
|
||||
Curl_pSecFn->FreeCredentialsHandle(&cred_handle);
|
||||
if(check_sspi_err(data, status, "QueryCredentialAttributes")) {
|
||||
s_pSecFn->DeleteSecurityContext(&sspi_context);
|
||||
s_pSecFn->FreeContextBuffer(names.sUserName);
|
||||
Curl_pSecFn->DeleteSecurityContext(&sspi_context);
|
||||
Curl_pSecFn->FreeContextBuffer(names.sUserName);
|
||||
failf(data, "Failed to determine username.");
|
||||
return CURLE_COULDNT_CONNECT;
|
||||
}
|
||||
|
|
@ -339,7 +339,7 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf,
|
|||
(user_utf8 ? user_utf8 : "(unknown)"));
|
||||
curlx_unicodefree(user_utf8);
|
||||
#endif
|
||||
s_pSecFn->FreeContextBuffer(names.sUserName);
|
||||
Curl_pSecFn->FreeContextBuffer(names.sUserName);
|
||||
}
|
||||
|
||||
/* Do encryption */
|
||||
|
|
@ -394,11 +394,11 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf,
|
|||
memcpy(socksreq + 2, &us_length, sizeof(short));
|
||||
}
|
||||
else {
|
||||
status = s_pSecFn->QueryContextAttributes(&sspi_context,
|
||||
status = Curl_pSecFn->QueryContextAttributes(&sspi_context,
|
||||
SECPKG_ATTR_SIZES,
|
||||
&sspi_sizes);
|
||||
if(check_sspi_err(data, status, "QueryContextAttributes")) {
|
||||
s_pSecFn->DeleteSecurityContext(&sspi_context);
|
||||
Curl_pSecFn->DeleteSecurityContext(&sspi_context);
|
||||
failf(data, "Failed to query security context attributes.");
|
||||
return CURLE_COULDNT_CONNECT;
|
||||
}
|
||||
|
|
@ -408,15 +408,15 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf,
|
|||
sspi_w_token[0].pvBuffer = malloc(sspi_sizes.cbSecurityTrailer);
|
||||
|
||||
if(!sspi_w_token[0].pvBuffer) {
|
||||
s_pSecFn->DeleteSecurityContext(&sspi_context);
|
||||
Curl_pSecFn->DeleteSecurityContext(&sspi_context);
|
||||
return CURLE_OUT_OF_MEMORY;
|
||||
}
|
||||
|
||||
sspi_w_token[1].cbBuffer = 1;
|
||||
sspi_w_token[1].pvBuffer = malloc(1);
|
||||
if(!sspi_w_token[1].pvBuffer) {
|
||||
s_pSecFn->FreeContextBuffer(sspi_w_token[0].pvBuffer);
|
||||
s_pSecFn->DeleteSecurityContext(&sspi_context);
|
||||
Curl_pSecFn->FreeContextBuffer(sspi_w_token[0].pvBuffer);
|
||||
Curl_pSecFn->DeleteSecurityContext(&sspi_context);
|
||||
return CURLE_OUT_OF_MEMORY;
|
||||
}
|
||||
|
||||
|
|
@ -425,20 +425,20 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf,
|
|||
sspi_w_token[2].cbBuffer = sspi_sizes.cbBlockSize;
|
||||
sspi_w_token[2].pvBuffer = malloc(sspi_sizes.cbBlockSize);
|
||||
if(!sspi_w_token[2].pvBuffer) {
|
||||
s_pSecFn->FreeContextBuffer(sspi_w_token[0].pvBuffer);
|
||||
s_pSecFn->FreeContextBuffer(sspi_w_token[1].pvBuffer);
|
||||
s_pSecFn->DeleteSecurityContext(&sspi_context);
|
||||
Curl_pSecFn->FreeContextBuffer(sspi_w_token[0].pvBuffer);
|
||||
Curl_pSecFn->FreeContextBuffer(sspi_w_token[1].pvBuffer);
|
||||
Curl_pSecFn->DeleteSecurityContext(&sspi_context);
|
||||
return CURLE_OUT_OF_MEMORY;
|
||||
}
|
||||
status = s_pSecFn->EncryptMessage(&sspi_context,
|
||||
status = Curl_pSecFn->EncryptMessage(&sspi_context,
|
||||
KERB_WRAP_NO_ENCRYPT,
|
||||
&wrap_desc,
|
||||
0);
|
||||
if(check_sspi_err(data, status, "EncryptMessage")) {
|
||||
s_pSecFn->FreeContextBuffer(sspi_w_token[0].pvBuffer);
|
||||
s_pSecFn->FreeContextBuffer(sspi_w_token[1].pvBuffer);
|
||||
s_pSecFn->FreeContextBuffer(sspi_w_token[2].pvBuffer);
|
||||
s_pSecFn->DeleteSecurityContext(&sspi_context);
|
||||
Curl_pSecFn->FreeContextBuffer(sspi_w_token[0].pvBuffer);
|
||||
Curl_pSecFn->FreeContextBuffer(sspi_w_token[1].pvBuffer);
|
||||
Curl_pSecFn->FreeContextBuffer(sspi_w_token[2].pvBuffer);
|
||||
Curl_pSecFn->DeleteSecurityContext(&sspi_context);
|
||||
failf(data, "Failed to query security context attributes.");
|
||||
return CURLE_COULDNT_CONNECT;
|
||||
}
|
||||
|
|
@ -447,10 +447,10 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf,
|
|||
+ sspi_w_token[2].cbBuffer;
|
||||
sspi_send_token.pvBuffer = malloc(sspi_send_token.cbBuffer);
|
||||
if(!sspi_send_token.pvBuffer) {
|
||||
s_pSecFn->FreeContextBuffer(sspi_w_token[0].pvBuffer);
|
||||
s_pSecFn->FreeContextBuffer(sspi_w_token[1].pvBuffer);
|
||||
s_pSecFn->FreeContextBuffer(sspi_w_token[2].pvBuffer);
|
||||
s_pSecFn->DeleteSecurityContext(&sspi_context);
|
||||
Curl_pSecFn->FreeContextBuffer(sspi_w_token[0].pvBuffer);
|
||||
Curl_pSecFn->FreeContextBuffer(sspi_w_token[1].pvBuffer);
|
||||
Curl_pSecFn->FreeContextBuffer(sspi_w_token[2].pvBuffer);
|
||||
Curl_pSecFn->DeleteSecurityContext(&sspi_context);
|
||||
return CURLE_OUT_OF_MEMORY;
|
||||
}
|
||||
|
||||
|
|
@ -463,13 +463,13 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf,
|
|||
+ sspi_w_token[1].cbBuffer,
|
||||
sspi_w_token[2].pvBuffer, sspi_w_token[2].cbBuffer);
|
||||
|
||||
s_pSecFn->FreeContextBuffer(sspi_w_token[0].pvBuffer);
|
||||
Curl_pSecFn->FreeContextBuffer(sspi_w_token[0].pvBuffer);
|
||||
sspi_w_token[0].pvBuffer = NULL;
|
||||
sspi_w_token[0].cbBuffer = 0;
|
||||
s_pSecFn->FreeContextBuffer(sspi_w_token[1].pvBuffer);
|
||||
Curl_pSecFn->FreeContextBuffer(sspi_w_token[1].pvBuffer);
|
||||
sspi_w_token[1].pvBuffer = NULL;
|
||||
sspi_w_token[1].cbBuffer = 0;
|
||||
s_pSecFn->FreeContextBuffer(sspi_w_token[2].pvBuffer);
|
||||
Curl_pSecFn->FreeContextBuffer(sspi_w_token[2].pvBuffer);
|
||||
sspi_w_token[2].pvBuffer = NULL;
|
||||
sspi_w_token[2].cbBuffer = 0;
|
||||
|
||||
|
|
@ -482,8 +482,8 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf,
|
|||
if(code || (4 != written)) {
|
||||
failf(data, "Failed to send SSPI encryption request.");
|
||||
if(sspi_send_token.pvBuffer)
|
||||
s_pSecFn->FreeContextBuffer(sspi_send_token.pvBuffer);
|
||||
s_pSecFn->DeleteSecurityContext(&sspi_context);
|
||||
Curl_pSecFn->FreeContextBuffer(sspi_send_token.pvBuffer);
|
||||
Curl_pSecFn->DeleteSecurityContext(&sspi_context);
|
||||
return CURLE_COULDNT_CONNECT;
|
||||
}
|
||||
|
||||
|
|
@ -493,7 +493,7 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf,
|
|||
&code);
|
||||
if(code || (1 != written)) {
|
||||
failf(data, "Failed to send SSPI encryption type.");
|
||||
s_pSecFn->DeleteSecurityContext(&sspi_context);
|
||||
Curl_pSecFn->DeleteSecurityContext(&sspi_context);
|
||||
return CURLE_COULDNT_CONNECT;
|
||||
}
|
||||
}
|
||||
|
|
@ -504,18 +504,18 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf,
|
|||
if(code || (sspi_send_token.cbBuffer != (size_t)written)) {
|
||||
failf(data, "Failed to send SSPI encryption type.");
|
||||
if(sspi_send_token.pvBuffer)
|
||||
s_pSecFn->FreeContextBuffer(sspi_send_token.pvBuffer);
|
||||
s_pSecFn->DeleteSecurityContext(&sspi_context);
|
||||
Curl_pSecFn->FreeContextBuffer(sspi_send_token.pvBuffer);
|
||||
Curl_pSecFn->DeleteSecurityContext(&sspi_context);
|
||||
return CURLE_COULDNT_CONNECT;
|
||||
}
|
||||
if(sspi_send_token.pvBuffer)
|
||||
s_pSecFn->FreeContextBuffer(sspi_send_token.pvBuffer);
|
||||
Curl_pSecFn->FreeContextBuffer(sspi_send_token.pvBuffer);
|
||||
}
|
||||
|
||||
result = Curl_blockread_all(cf, data, (char *)socksreq, 4, &actualread);
|
||||
if(result || (actualread != 4)) {
|
||||
failf(data, "Failed to receive SSPI encryption response.");
|
||||
s_pSecFn->DeleteSecurityContext(&sspi_context);
|
||||
Curl_pSecFn->DeleteSecurityContext(&sspi_context);
|
||||
return CURLE_COULDNT_CONNECT;
|
||||
}
|
||||
|
||||
|
|
@ -523,14 +523,14 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf,
|
|||
if(socksreq[1] == 255) { /* status / message type */
|
||||
failf(data, "User was rejected by the SOCKS5 server (%u %u).",
|
||||
(unsigned int)socksreq[0], (unsigned int)socksreq[1]);
|
||||
s_pSecFn->DeleteSecurityContext(&sspi_context);
|
||||
Curl_pSecFn->DeleteSecurityContext(&sspi_context);
|
||||
return CURLE_COULDNT_CONNECT;
|
||||
}
|
||||
|
||||
if(socksreq[1] != 2) { /* status / message type */
|
||||
failf(data, "Invalid SSPI encryption response type (%u %u).",
|
||||
(unsigned int)socksreq[0], (unsigned int)socksreq[1]);
|
||||
s_pSecFn->DeleteSecurityContext(&sspi_context);
|
||||
Curl_pSecFn->DeleteSecurityContext(&sspi_context);
|
||||
return CURLE_COULDNT_CONNECT;
|
||||
}
|
||||
|
||||
|
|
@ -540,7 +540,7 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf,
|
|||
sspi_w_token[0].cbBuffer = us_length;
|
||||
sspi_w_token[0].pvBuffer = malloc(us_length);
|
||||
if(!sspi_w_token[0].pvBuffer) {
|
||||
s_pSecFn->DeleteSecurityContext(&sspi_context);
|
||||
Curl_pSecFn->DeleteSecurityContext(&sspi_context);
|
||||
return CURLE_OUT_OF_MEMORY;
|
||||
}
|
||||
|
||||
|
|
@ -549,8 +549,8 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf,
|
|||
|
||||
if(result || (actualread != us_length)) {
|
||||
failf(data, "Failed to receive SSPI encryption type.");
|
||||
s_pSecFn->FreeContextBuffer(sspi_w_token[0].pvBuffer);
|
||||
s_pSecFn->DeleteSecurityContext(&sspi_context);
|
||||
Curl_pSecFn->FreeContextBuffer(sspi_w_token[0].pvBuffer);
|
||||
Curl_pSecFn->DeleteSecurityContext(&sspi_context);
|
||||
return CURLE_COULDNT_CONNECT;
|
||||
}
|
||||
|
||||
|
|
@ -562,17 +562,17 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf,
|
|||
sspi_w_token[1].cbBuffer = 0;
|
||||
sspi_w_token[1].pvBuffer = NULL;
|
||||
|
||||
status = s_pSecFn->DecryptMessage(&sspi_context,
|
||||
status = Curl_pSecFn->DecryptMessage(&sspi_context,
|
||||
&wrap_desc,
|
||||
0,
|
||||
&qop);
|
||||
|
||||
if(check_sspi_err(data, status, "DecryptMessage")) {
|
||||
if(sspi_w_token[0].pvBuffer)
|
||||
s_pSecFn->FreeContextBuffer(sspi_w_token[0].pvBuffer);
|
||||
Curl_pSecFn->FreeContextBuffer(sspi_w_token[0].pvBuffer);
|
||||
if(sspi_w_token[1].pvBuffer)
|
||||
s_pSecFn->FreeContextBuffer(sspi_w_token[1].pvBuffer);
|
||||
s_pSecFn->DeleteSecurityContext(&sspi_context);
|
||||
Curl_pSecFn->FreeContextBuffer(sspi_w_token[1].pvBuffer);
|
||||
Curl_pSecFn->DeleteSecurityContext(&sspi_context);
|
||||
failf(data, "Failed to query security context attributes.");
|
||||
return CURLE_COULDNT_CONNECT;
|
||||
}
|
||||
|
|
@ -581,27 +581,27 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf,
|
|||
failf(data, "Invalid SSPI encryption response length (%lu).",
|
||||
(unsigned long)sspi_w_token[1].cbBuffer);
|
||||
if(sspi_w_token[0].pvBuffer)
|
||||
s_pSecFn->FreeContextBuffer(sspi_w_token[0].pvBuffer);
|
||||
Curl_pSecFn->FreeContextBuffer(sspi_w_token[0].pvBuffer);
|
||||
if(sspi_w_token[1].pvBuffer)
|
||||
s_pSecFn->FreeContextBuffer(sspi_w_token[1].pvBuffer);
|
||||
s_pSecFn->DeleteSecurityContext(&sspi_context);
|
||||
Curl_pSecFn->FreeContextBuffer(sspi_w_token[1].pvBuffer);
|
||||
Curl_pSecFn->DeleteSecurityContext(&sspi_context);
|
||||
return CURLE_COULDNT_CONNECT;
|
||||
}
|
||||
|
||||
memcpy(socksreq, sspi_w_token[1].pvBuffer, sspi_w_token[1].cbBuffer);
|
||||
s_pSecFn->FreeContextBuffer(sspi_w_token[0].pvBuffer);
|
||||
s_pSecFn->FreeContextBuffer(sspi_w_token[1].pvBuffer);
|
||||
Curl_pSecFn->FreeContextBuffer(sspi_w_token[0].pvBuffer);
|
||||
Curl_pSecFn->FreeContextBuffer(sspi_w_token[1].pvBuffer);
|
||||
}
|
||||
else {
|
||||
if(sspi_w_token[0].cbBuffer != 1) {
|
||||
failf(data, "Invalid SSPI encryption response length (%lu).",
|
||||
(unsigned long)sspi_w_token[0].cbBuffer);
|
||||
s_pSecFn->FreeContextBuffer(sspi_w_token[0].pvBuffer);
|
||||
s_pSecFn->DeleteSecurityContext(&sspi_context);
|
||||
Curl_pSecFn->FreeContextBuffer(sspi_w_token[0].pvBuffer);
|
||||
Curl_pSecFn->DeleteSecurityContext(&sspi_context);
|
||||
return CURLE_COULDNT_CONNECT;
|
||||
}
|
||||
memcpy(socksreq, sspi_w_token[0].pvBuffer, sspi_w_token[0].cbBuffer);
|
||||
s_pSecFn->FreeContextBuffer(sspi_w_token[0].pvBuffer);
|
||||
Curl_pSecFn->FreeContextBuffer(sspi_w_token[0].pvBuffer);
|
||||
}
|
||||
(void)curlx_nonblock(sock, TRUE);
|
||||
|
||||
|
|
@ -614,7 +614,7 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(struct Curl_cfilter *cf,
|
|||
if(socksreq[0] != 0)
|
||||
conn->socks5_sspi_context = sspi_context;
|
||||
else {
|
||||
s_pSecFn->DeleteSecurityContext(&sspi_context);
|
||||
Curl_pSecFn->DeleteSecurityContext(&sspi_context);
|
||||
conn->socks5_sspi_context = sspi_context;
|
||||
}
|
||||
*/
|
||||
|
|
|
|||
|
|
@ -60,12 +60,13 @@ bool Curl_auth_is_digest_supported(void)
|
|||
SECURITY_STATUS status;
|
||||
|
||||
/* Query the security package for Digest */
|
||||
status = s_pSecFn->QuerySecurityPackageInfo((TCHAR *) TEXT(SP_NAME_DIGEST),
|
||||
&SecurityPackage);
|
||||
status =
|
||||
Curl_pSecFn->QuerySecurityPackageInfo((TCHAR *) TEXT(SP_NAME_DIGEST),
|
||||
&SecurityPackage);
|
||||
|
||||
/* Release the package buffer as it is not required anymore */
|
||||
if(status == SEC_E_OK) {
|
||||
s_pSecFn->FreeContextBuffer(SecurityPackage);
|
||||
Curl_pSecFn->FreeContextBuffer(SecurityPackage);
|
||||
}
|
||||
|
||||
return (status == SEC_E_OK ? TRUE : FALSE);
|
||||
|
|
@ -119,8 +120,9 @@ CURLcode Curl_auth_create_digest_md5_message(struct Curl_easy *data,
|
|||
}
|
||||
|
||||
/* Query the security package for DigestSSP */
|
||||
status = s_pSecFn->QuerySecurityPackageInfo((TCHAR *) TEXT(SP_NAME_DIGEST),
|
||||
&SecurityPackage);
|
||||
status =
|
||||
Curl_pSecFn->QuerySecurityPackageInfo((TCHAR *) TEXT(SP_NAME_DIGEST),
|
||||
&SecurityPackage);
|
||||
if(status != SEC_E_OK) {
|
||||
failf(data, "SSPI: could not get auth info");
|
||||
return CURLE_AUTH_ERROR;
|
||||
|
|
@ -129,7 +131,7 @@ CURLcode Curl_auth_create_digest_md5_message(struct Curl_easy *data,
|
|||
token_max = SecurityPackage->cbMaxToken;
|
||||
|
||||
/* Release the package buffer as it is not required anymore */
|
||||
s_pSecFn->FreeContextBuffer(SecurityPackage);
|
||||
Curl_pSecFn->FreeContextBuffer(SecurityPackage);
|
||||
|
||||
/* Allocate our response buffer */
|
||||
output_token = malloc(token_max);
|
||||
|
|
@ -160,7 +162,7 @@ CURLcode Curl_auth_create_digest_md5_message(struct Curl_easy *data,
|
|||
p_identity = NULL;
|
||||
|
||||
/* Acquire our credentials handle */
|
||||
status = s_pSecFn->AcquireCredentialsHandle(NULL,
|
||||
status = Curl_pSecFn->AcquireCredentialsHandle(NULL,
|
||||
(TCHAR *) TEXT(SP_NAME_DIGEST),
|
||||
SECPKG_CRED_OUTBOUND, NULL,
|
||||
p_identity, NULL, NULL,
|
||||
|
|
@ -190,20 +192,20 @@ CURLcode Curl_auth_create_digest_md5_message(struct Curl_easy *data,
|
|||
resp_buf.cbBuffer = curlx_uztoul(token_max);
|
||||
|
||||
/* Generate our response message */
|
||||
status = s_pSecFn->InitializeSecurityContext(&credentials, NULL, spn,
|
||||
status = Curl_pSecFn->InitializeSecurityContext(&credentials, NULL, spn,
|
||||
0, 0, 0, &chlg_desc, 0,
|
||||
&context, &resp_desc, &attrs,
|
||||
&expiry);
|
||||
|
||||
if(status == SEC_I_COMPLETE_NEEDED ||
|
||||
status == SEC_I_COMPLETE_AND_CONTINUE)
|
||||
s_pSecFn->CompleteAuthToken(&credentials, &resp_desc);
|
||||
Curl_pSecFn->CompleteAuthToken(&credentials, &resp_desc);
|
||||
else if(status != SEC_E_OK && status != SEC_I_CONTINUE_NEEDED) {
|
||||
#if !defined(CURL_DISABLE_VERBOSE_STRINGS)
|
||||
char buffer[STRERROR_LEN];
|
||||
#endif
|
||||
|
||||
s_pSecFn->FreeCredentialsHandle(&credentials);
|
||||
Curl_pSecFn->FreeCredentialsHandle(&credentials);
|
||||
Curl_sspi_free_identity(p_identity);
|
||||
free(spn);
|
||||
free(output_token);
|
||||
|
|
@ -223,8 +225,8 @@ CURLcode Curl_auth_create_digest_md5_message(struct Curl_easy *data,
|
|||
Curl_bufref_set(out, output_token, resp_buf.cbBuffer, curl_free);
|
||||
|
||||
/* Free our handles */
|
||||
s_pSecFn->DeleteSecurityContext(&context);
|
||||
s_pSecFn->FreeCredentialsHandle(&credentials);
|
||||
Curl_pSecFn->DeleteSecurityContext(&context);
|
||||
Curl_pSecFn->FreeCredentialsHandle(&credentials);
|
||||
|
||||
/* Free the identity structure */
|
||||
Curl_sspi_free_identity(p_identity);
|
||||
|
|
@ -410,8 +412,9 @@ CURLcode Curl_auth_create_digest_http_message(struct Curl_easy *data,
|
|||
(void) data;
|
||||
|
||||
/* Query the security package for DigestSSP */
|
||||
status = s_pSecFn->QuerySecurityPackageInfo((TCHAR *) TEXT(SP_NAME_DIGEST),
|
||||
&SecurityPackage);
|
||||
status =
|
||||
Curl_pSecFn->QuerySecurityPackageInfo((TCHAR *) TEXT(SP_NAME_DIGEST),
|
||||
&SecurityPackage);
|
||||
if(status != SEC_E_OK) {
|
||||
failf(data, "SSPI: could not get auth info");
|
||||
return CURLE_AUTH_ERROR;
|
||||
|
|
@ -420,7 +423,7 @@ CURLcode Curl_auth_create_digest_http_message(struct Curl_easy *data,
|
|||
token_max = SecurityPackage->cbMaxToken;
|
||||
|
||||
/* Release the package buffer as it is not required anymore */
|
||||
s_pSecFn->FreeContextBuffer(SecurityPackage);
|
||||
Curl_pSecFn->FreeContextBuffer(SecurityPackage);
|
||||
|
||||
/* Allocate the output buffer according to the max token size as indicated
|
||||
by the security package */
|
||||
|
|
@ -436,7 +439,7 @@ CURLcode Curl_auth_create_digest_http_message(struct Curl_easy *data,
|
|||
(userp && digest->user && Curl_timestrcmp(userp, digest->user)) ||
|
||||
(passwdp && digest->passwd && Curl_timestrcmp(passwdp, digest->passwd))) {
|
||||
if(digest->http_context) {
|
||||
s_pSecFn->DeleteSecurityContext(digest->http_context);
|
||||
Curl_pSecFn->DeleteSecurityContext(digest->http_context);
|
||||
Curl_safefree(digest->http_context);
|
||||
}
|
||||
Curl_safefree(digest->user);
|
||||
|
|
@ -463,13 +466,14 @@ CURLcode Curl_auth_create_digest_http_message(struct Curl_easy *data,
|
|||
chlg_buf[4].pvBuffer = output_token;
|
||||
chlg_buf[4].cbBuffer = curlx_uztoul(token_max);
|
||||
|
||||
status = s_pSecFn->MakeSignature(digest->http_context, 0, &chlg_desc, 0);
|
||||
status = Curl_pSecFn->MakeSignature(digest->http_context, 0, &chlg_desc,
|
||||
0);
|
||||
if(status == SEC_E_OK)
|
||||
output_token_len = chlg_buf[4].cbBuffer;
|
||||
else { /* delete the context so a new one can be made */
|
||||
infof(data, "digest_sspi: MakeSignature failed, error 0x%08lx",
|
||||
(long)status);
|
||||
s_pSecFn->DeleteSecurityContext(digest->http_context);
|
||||
Curl_pSecFn->DeleteSecurityContext(digest->http_context);
|
||||
Curl_safefree(digest->http_context);
|
||||
}
|
||||
}
|
||||
|
|
@ -529,7 +533,7 @@ CURLcode Curl_auth_create_digest_http_message(struct Curl_easy *data,
|
|||
}
|
||||
|
||||
/* Acquire our credentials handle */
|
||||
status = s_pSecFn->AcquireCredentialsHandle(NULL,
|
||||
status = Curl_pSecFn->AcquireCredentialsHandle(NULL,
|
||||
(TCHAR *) TEXT(SP_NAME_DIGEST),
|
||||
SECPKG_CRED_OUTBOUND, NULL,
|
||||
p_identity, NULL, NULL,
|
||||
|
|
@ -565,7 +569,7 @@ CURLcode Curl_auth_create_digest_http_message(struct Curl_easy *data,
|
|||
|
||||
spn = curlx_convert_UTF8_to_tchar((char *) uripath);
|
||||
if(!spn) {
|
||||
s_pSecFn->FreeCredentialsHandle(&credentials);
|
||||
Curl_pSecFn->FreeCredentialsHandle(&credentials);
|
||||
|
||||
Curl_sspi_free_identity(p_identity);
|
||||
free(output_token);
|
||||
|
|
@ -579,7 +583,7 @@ CURLcode Curl_auth_create_digest_http_message(struct Curl_easy *data,
|
|||
return CURLE_OUT_OF_MEMORY;
|
||||
|
||||
/* Generate our response message */
|
||||
status = s_pSecFn->InitializeSecurityContext(&credentials, NULL,
|
||||
status = Curl_pSecFn->InitializeSecurityContext(&credentials, NULL,
|
||||
spn,
|
||||
ISC_REQ_USE_HTTP_STYLE, 0, 0,
|
||||
&chlg_desc, 0,
|
||||
|
|
@ -589,13 +593,13 @@ CURLcode Curl_auth_create_digest_http_message(struct Curl_easy *data,
|
|||
|
||||
if(status == SEC_I_COMPLETE_NEEDED ||
|
||||
status == SEC_I_COMPLETE_AND_CONTINUE)
|
||||
s_pSecFn->CompleteAuthToken(&credentials, &resp_desc);
|
||||
Curl_pSecFn->CompleteAuthToken(&credentials, &resp_desc);
|
||||
else if(status != SEC_E_OK && status != SEC_I_CONTINUE_NEEDED) {
|
||||
#if !defined(CURL_DISABLE_VERBOSE_STRINGS)
|
||||
char buffer[STRERROR_LEN];
|
||||
#endif
|
||||
|
||||
s_pSecFn->FreeCredentialsHandle(&credentials);
|
||||
Curl_pSecFn->FreeCredentialsHandle(&credentials);
|
||||
|
||||
Curl_sspi_free_identity(p_identity);
|
||||
free(output_token);
|
||||
|
|
@ -615,7 +619,7 @@ CURLcode Curl_auth_create_digest_http_message(struct Curl_easy *data,
|
|||
|
||||
output_token_len = resp_buf.cbBuffer;
|
||||
|
||||
s_pSecFn->FreeCredentialsHandle(&credentials);
|
||||
Curl_pSecFn->FreeCredentialsHandle(&credentials);
|
||||
Curl_sspi_free_identity(p_identity);
|
||||
}
|
||||
|
||||
|
|
@ -660,7 +664,7 @@ void Curl_auth_digest_cleanup(struct digestdata *digest)
|
|||
|
||||
/* Delete security context */
|
||||
if(digest->http_context) {
|
||||
s_pSecFn->DeleteSecurityContext(digest->http_context);
|
||||
Curl_pSecFn->DeleteSecurityContext(digest->http_context);
|
||||
Curl_safefree(digest->http_context);
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -55,13 +55,13 @@ bool Curl_auth_is_gssapi_supported(void)
|
|||
SECURITY_STATUS status;
|
||||
|
||||
/* Query the security package for Kerberos */
|
||||
status = s_pSecFn->QuerySecurityPackageInfo((TCHAR *)
|
||||
status = Curl_pSecFn->QuerySecurityPackageInfo((TCHAR *)
|
||||
TEXT(SP_NAME_KERBEROS),
|
||||
&SecurityPackage);
|
||||
|
||||
/* Release the package buffer as it is not required anymore */
|
||||
if(status == SEC_E_OK) {
|
||||
s_pSecFn->FreeContextBuffer(SecurityPackage);
|
||||
Curl_pSecFn->FreeContextBuffer(SecurityPackage);
|
||||
}
|
||||
|
||||
return (status == SEC_E_OK ? TRUE : FALSE);
|
||||
|
|
@ -118,7 +118,7 @@ CURLcode Curl_auth_create_gssapi_user_message(struct Curl_easy *data,
|
|||
|
||||
if(!krb5->output_token) {
|
||||
/* Query the security package for Kerberos */
|
||||
status = s_pSecFn->QuerySecurityPackageInfo((TCHAR *)
|
||||
status = Curl_pSecFn->QuerySecurityPackageInfo((TCHAR *)
|
||||
TEXT(SP_NAME_KERBEROS),
|
||||
&SecurityPackage);
|
||||
if(status != SEC_E_OK) {
|
||||
|
|
@ -129,7 +129,7 @@ CURLcode Curl_auth_create_gssapi_user_message(struct Curl_easy *data,
|
|||
krb5->token_max = SecurityPackage->cbMaxToken;
|
||||
|
||||
/* Release the package buffer as it is not required anymore */
|
||||
s_pSecFn->FreeContextBuffer(SecurityPackage);
|
||||
Curl_pSecFn->FreeContextBuffer(SecurityPackage);
|
||||
|
||||
/* Allocate our response buffer */
|
||||
krb5->output_token = malloc(krb5->token_max);
|
||||
|
|
@ -158,7 +158,7 @@ CURLcode Curl_auth_create_gssapi_user_message(struct Curl_easy *data,
|
|||
return CURLE_OUT_OF_MEMORY;
|
||||
|
||||
/* Acquire our credentials handle */
|
||||
status = s_pSecFn->AcquireCredentialsHandle(NULL,
|
||||
status = Curl_pSecFn->AcquireCredentialsHandle(NULL,
|
||||
(TCHAR *)
|
||||
TEXT(SP_NAME_KERBEROS),
|
||||
SECPKG_CRED_OUTBOUND, NULL,
|
||||
|
|
@ -197,7 +197,7 @@ CURLcode Curl_auth_create_gssapi_user_message(struct Curl_easy *data,
|
|||
resp_buf.cbBuffer = curlx_uztoul(krb5->token_max);
|
||||
|
||||
/* Generate our challenge-response message */
|
||||
status = s_pSecFn->InitializeSecurityContext(krb5->credentials,
|
||||
status = Curl_pSecFn->InitializeSecurityContext(krb5->credentials,
|
||||
chlg ? krb5->context : NULL,
|
||||
krb5->spn,
|
||||
(mutual_auth ?
|
||||
|
|
@ -215,7 +215,7 @@ CURLcode Curl_auth_create_gssapi_user_message(struct Curl_easy *data,
|
|||
return CURLE_AUTH_ERROR;
|
||||
|
||||
if(memcmp(&context, krb5->context, sizeof(context))) {
|
||||
s_pSecFn->DeleteSecurityContext(krb5->context);
|
||||
Curl_pSecFn->DeleteSecurityContext(krb5->context);
|
||||
|
||||
memcpy(krb5->context, &context, sizeof(context));
|
||||
}
|
||||
|
|
@ -282,7 +282,7 @@ CURLcode Curl_auth_create_gssapi_security_message(struct Curl_easy *data,
|
|||
}
|
||||
|
||||
/* Get our response size information */
|
||||
status = s_pSecFn->QueryContextAttributes(krb5->context,
|
||||
status = Curl_pSecFn->QueryContextAttributes(krb5->context,
|
||||
SECPKG_ATTR_SIZES,
|
||||
&sizes);
|
||||
|
||||
|
|
@ -304,7 +304,7 @@ CURLcode Curl_auth_create_gssapi_security_message(struct Curl_easy *data,
|
|||
input_buf[1].cbBuffer = 0;
|
||||
|
||||
/* Decrypt the inbound challenge and obtain the qop */
|
||||
status = s_pSecFn->DecryptMessage(krb5->context, &input_desc, 0, &qop);
|
||||
status = Curl_pSecFn->DecryptMessage(krb5->context, &input_desc, 0, &qop);
|
||||
if(status != SEC_E_OK) {
|
||||
infof(data, "GSSAPI handshake failure (empty security message)");
|
||||
return CURLE_BAD_CONTENT_ENCODING;
|
||||
|
|
@ -323,7 +323,7 @@ CURLcode Curl_auth_create_gssapi_security_message(struct Curl_easy *data,
|
|||
((unsigned long)indata[2] << 8) | indata[3];
|
||||
|
||||
/* Free the challenge as it is not required anymore */
|
||||
s_pSecFn->FreeContextBuffer(input_buf[1].pvBuffer);
|
||||
Curl_pSecFn->FreeContextBuffer(input_buf[1].pvBuffer);
|
||||
|
||||
/* Process the security layer */
|
||||
if(!(sec_layer & KERB_WRAP_NO_ENCRYPT)) {
|
||||
|
|
@ -392,7 +392,7 @@ CURLcode Curl_auth_create_gssapi_security_message(struct Curl_easy *data,
|
|||
wrap_buf[2].cbBuffer = sizes.cbBlockSize;
|
||||
|
||||
/* Encrypt the data */
|
||||
status = s_pSecFn->EncryptMessage(krb5->context, KERB_WRAP_NO_ENCRYPT,
|
||||
status = Curl_pSecFn->EncryptMessage(krb5->context, KERB_WRAP_NO_ENCRYPT,
|
||||
&wrap_desc, 0);
|
||||
if(status != SEC_E_OK) {
|
||||
free(padding);
|
||||
|
|
@ -448,14 +448,14 @@ void Curl_auth_cleanup_gssapi(struct kerberos5data *krb5)
|
|||
{
|
||||
/* Free our security context */
|
||||
if(krb5->context) {
|
||||
s_pSecFn->DeleteSecurityContext(krb5->context);
|
||||
Curl_pSecFn->DeleteSecurityContext(krb5->context);
|
||||
free(krb5->context);
|
||||
krb5->context = NULL;
|
||||
}
|
||||
|
||||
/* Free our credentials handle */
|
||||
if(krb5->credentials) {
|
||||
s_pSecFn->FreeCredentialsHandle(krb5->credentials);
|
||||
Curl_pSecFn->FreeCredentialsHandle(krb5->credentials);
|
||||
free(krb5->credentials);
|
||||
krb5->credentials = NULL;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -55,12 +55,12 @@ bool Curl_auth_is_ntlm_supported(void)
|
|||
SECURITY_STATUS status;
|
||||
|
||||
/* Query the security package for NTLM */
|
||||
status = s_pSecFn->QuerySecurityPackageInfo((TCHAR *) TEXT(SP_NAME_NTLM),
|
||||
status = Curl_pSecFn->QuerySecurityPackageInfo((TCHAR *) TEXT(SP_NAME_NTLM),
|
||||
&SecurityPackage);
|
||||
|
||||
/* Release the package buffer as it is not required anymore */
|
||||
if(status == SEC_E_OK) {
|
||||
s_pSecFn->FreeContextBuffer(SecurityPackage);
|
||||
Curl_pSecFn->FreeContextBuffer(SecurityPackage);
|
||||
}
|
||||
|
||||
return (status == SEC_E_OK ? TRUE : FALSE);
|
||||
|
|
@ -103,7 +103,7 @@ CURLcode Curl_auth_create_ntlm_type1_message(struct Curl_easy *data,
|
|||
Curl_auth_cleanup_ntlm(ntlm);
|
||||
|
||||
/* Query the security package for NTLM */
|
||||
status = s_pSecFn->QuerySecurityPackageInfo((TCHAR *) TEXT(SP_NAME_NTLM),
|
||||
status = Curl_pSecFn->QuerySecurityPackageInfo((TCHAR *) TEXT(SP_NAME_NTLM),
|
||||
&SecurityPackage);
|
||||
if(status != SEC_E_OK) {
|
||||
failf(data, "SSPI: could not get auth info");
|
||||
|
|
@ -113,7 +113,7 @@ CURLcode Curl_auth_create_ntlm_type1_message(struct Curl_easy *data,
|
|||
ntlm->token_max = SecurityPackage->cbMaxToken;
|
||||
|
||||
/* Release the package buffer as it is not required anymore */
|
||||
s_pSecFn->FreeContextBuffer(SecurityPackage);
|
||||
Curl_pSecFn->FreeContextBuffer(SecurityPackage);
|
||||
|
||||
/* Allocate our output buffer */
|
||||
ntlm->output_token = malloc(ntlm->token_max);
|
||||
|
|
@ -141,7 +141,7 @@ CURLcode Curl_auth_create_ntlm_type1_message(struct Curl_easy *data,
|
|||
return CURLE_OUT_OF_MEMORY;
|
||||
|
||||
/* Acquire our credentials handle */
|
||||
status = s_pSecFn->AcquireCredentialsHandle(NULL,
|
||||
status = Curl_pSecFn->AcquireCredentialsHandle(NULL,
|
||||
(TCHAR *) TEXT(SP_NAME_NTLM),
|
||||
SECPKG_CRED_OUTBOUND, NULL,
|
||||
ntlm->p_identity, NULL, NULL,
|
||||
|
|
@ -167,7 +167,7 @@ CURLcode Curl_auth_create_ntlm_type1_message(struct Curl_easy *data,
|
|||
type_1_buf.cbBuffer = curlx_uztoul(ntlm->token_max);
|
||||
|
||||
/* Generate our type-1 message */
|
||||
status = s_pSecFn->InitializeSecurityContext(ntlm->credentials, NULL,
|
||||
status = Curl_pSecFn->InitializeSecurityContext(ntlm->credentials, NULL,
|
||||
ntlm->spn,
|
||||
0, 0, SECURITY_NETWORK_DREP,
|
||||
NULL, 0,
|
||||
|
|
@ -175,7 +175,7 @@ CURLcode Curl_auth_create_ntlm_type1_message(struct Curl_easy *data,
|
|||
&attrs, &expiry);
|
||||
if(status == SEC_I_COMPLETE_NEEDED ||
|
||||
status == SEC_I_COMPLETE_AND_CONTINUE)
|
||||
s_pSecFn->CompleteAuthToken(ntlm->context, &type_1_desc);
|
||||
Curl_pSecFn->CompleteAuthToken(ntlm->context, &type_1_desc);
|
||||
else if(status == SEC_E_INSUFFICIENT_MEMORY)
|
||||
return CURLE_OUT_OF_MEMORY;
|
||||
else if(status != SEC_E_OK && status != SEC_I_CONTINUE_NEEDED)
|
||||
|
|
@ -282,7 +282,7 @@ CURLcode Curl_auth_create_ntlm_type3_message(struct Curl_easy *data,
|
|||
SEC_CHANNEL_BINDINGS channelBindings;
|
||||
SecPkgContext_Bindings pkgBindings;
|
||||
pkgBindings.Bindings = &channelBindings;
|
||||
status = s_pSecFn->QueryContextAttributes(
|
||||
status = Curl_pSecFn->QueryContextAttributes(
|
||||
ntlm->sslContext,
|
||||
SECPKG_ATTR_ENDPOINT_BINDINGS,
|
||||
&pkgBindings
|
||||
|
|
@ -305,7 +305,7 @@ CURLcode Curl_auth_create_ntlm_type3_message(struct Curl_easy *data,
|
|||
type_3_buf.cbBuffer = curlx_uztoul(ntlm->token_max);
|
||||
|
||||
/* Generate our type-3 message */
|
||||
status = s_pSecFn->InitializeSecurityContext(ntlm->credentials,
|
||||
status = Curl_pSecFn->InitializeSecurityContext(ntlm->credentials,
|
||||
ntlm->context,
|
||||
ntlm->spn,
|
||||
0, 0, SECURITY_NETWORK_DREP,
|
||||
|
|
@ -343,14 +343,14 @@ void Curl_auth_cleanup_ntlm(struct ntlmdata *ntlm)
|
|||
{
|
||||
/* Free our security context */
|
||||
if(ntlm->context) {
|
||||
s_pSecFn->DeleteSecurityContext(ntlm->context);
|
||||
Curl_pSecFn->DeleteSecurityContext(ntlm->context);
|
||||
free(ntlm->context);
|
||||
ntlm->context = NULL;
|
||||
}
|
||||
|
||||
/* Free our credentials handle */
|
||||
if(ntlm->credentials) {
|
||||
s_pSecFn->FreeCredentialsHandle(ntlm->credentials);
|
||||
Curl_pSecFn->FreeCredentialsHandle(ntlm->credentials);
|
||||
free(ntlm->credentials);
|
||||
ntlm->credentials = NULL;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -57,13 +57,13 @@ bool Curl_auth_is_spnego_supported(void)
|
|||
SECURITY_STATUS status;
|
||||
|
||||
/* Query the security package for Negotiate */
|
||||
status = s_pSecFn->QuerySecurityPackageInfo((TCHAR *)
|
||||
status = Curl_pSecFn->QuerySecurityPackageInfo((TCHAR *)
|
||||
TEXT(SP_NAME_NEGOTIATE),
|
||||
&SecurityPackage);
|
||||
|
||||
/* Release the package buffer as it is not required anymore */
|
||||
if(status == SEC_E_OK) {
|
||||
s_pSecFn->FreeContextBuffer(SecurityPackage);
|
||||
Curl_pSecFn->FreeContextBuffer(SecurityPackage);
|
||||
}
|
||||
|
||||
|
||||
|
|
@ -128,7 +128,7 @@ CURLcode Curl_auth_decode_spnego_message(struct Curl_easy *data,
|
|||
|
||||
if(!nego->output_token) {
|
||||
/* Query the security package for Negotiate */
|
||||
nego->status = (DWORD)s_pSecFn->QuerySecurityPackageInfo((TCHAR *)
|
||||
nego->status = (DWORD)Curl_pSecFn->QuerySecurityPackageInfo((TCHAR *)
|
||||
TEXT(SP_NAME_NEGOTIATE),
|
||||
&SecurityPackage);
|
||||
if(nego->status != SEC_E_OK) {
|
||||
|
|
@ -139,7 +139,7 @@ CURLcode Curl_auth_decode_spnego_message(struct Curl_easy *data,
|
|||
nego->token_max = SecurityPackage->cbMaxToken;
|
||||
|
||||
/* Release the package buffer as it is not required anymore */
|
||||
s_pSecFn->FreeContextBuffer(SecurityPackage);
|
||||
Curl_pSecFn->FreeContextBuffer(SecurityPackage);
|
||||
|
||||
/* Allocate our output buffer */
|
||||
nego->output_token = malloc(nego->token_max);
|
||||
|
|
@ -169,7 +169,7 @@ CURLcode Curl_auth_decode_spnego_message(struct Curl_easy *data,
|
|||
|
||||
/* Acquire our credentials handle */
|
||||
nego->status = (DWORD)
|
||||
s_pSecFn->AcquireCredentialsHandle(NULL,
|
||||
Curl_pSecFn->AcquireCredentialsHandle(NULL,
|
||||
(TCHAR *)TEXT(SP_NAME_NEGOTIATE),
|
||||
SECPKG_CRED_OUTBOUND, NULL,
|
||||
nego->p_identity, NULL, NULL,
|
||||
|
|
@ -218,7 +218,7 @@ CURLcode Curl_auth_decode_spnego_message(struct Curl_easy *data,
|
|||
SEC_CHANNEL_BINDINGS channelBindings;
|
||||
SecPkgContext_Bindings pkgBindings;
|
||||
pkgBindings.Bindings = &channelBindings;
|
||||
nego->status = (DWORD)s_pSecFn->QueryContextAttributes(
|
||||
nego->status = (DWORD)Curl_pSecFn->QueryContextAttributes(
|
||||
nego->sslContext,
|
||||
SECPKG_ATTR_ENDPOINT_BINDINGS,
|
||||
&pkgBindings
|
||||
|
|
@ -242,16 +242,16 @@ CURLcode Curl_auth_decode_spnego_message(struct Curl_easy *data,
|
|||
resp_buf.cbBuffer = curlx_uztoul(nego->token_max);
|
||||
|
||||
/* Generate our challenge-response message */
|
||||
nego->status = (DWORD)s_pSecFn->InitializeSecurityContext(nego->credentials,
|
||||
chlg ? nego->context :
|
||||
NULL,
|
||||
nego->spn,
|
||||
ISC_REQ_CONFIDENTIALITY,
|
||||
0, SECURITY_NATIVE_DREP,
|
||||
chlg ? &chlg_desc : NULL,
|
||||
0, nego->context,
|
||||
&resp_desc, &attrs,
|
||||
&expiry);
|
||||
nego->status =
|
||||
(DWORD)Curl_pSecFn->InitializeSecurityContext(nego->credentials,
|
||||
chlg ? nego->context : NULL,
|
||||
nego->spn,
|
||||
ISC_REQ_CONFIDENTIALITY,
|
||||
0, SECURITY_NATIVE_DREP,
|
||||
chlg ? &chlg_desc : NULL,
|
||||
0, nego->context,
|
||||
&resp_desc, &attrs,
|
||||
&expiry);
|
||||
|
||||
/* Free the decoded challenge as it is not required anymore */
|
||||
free(chlg);
|
||||
|
|
@ -269,7 +269,7 @@ CURLcode Curl_auth_decode_spnego_message(struct Curl_easy *data,
|
|||
|
||||
if(nego->status == SEC_I_COMPLETE_NEEDED ||
|
||||
nego->status == SEC_I_COMPLETE_AND_CONTINUE) {
|
||||
nego->status = (DWORD)s_pSecFn->CompleteAuthToken(nego->context,
|
||||
nego->status = (DWORD)Curl_pSecFn->CompleteAuthToken(nego->context,
|
||||
&resp_desc);
|
||||
if(GSS_ERROR(nego->status)) {
|
||||
char buffer[STRERROR_LEN];
|
||||
|
|
@ -333,14 +333,14 @@ void Curl_auth_cleanup_spnego(struct negotiatedata *nego)
|
|||
{
|
||||
/* Free our security context */
|
||||
if(nego->context) {
|
||||
s_pSecFn->DeleteSecurityContext(nego->context);
|
||||
Curl_pSecFn->DeleteSecurityContext(nego->context);
|
||||
free(nego->context);
|
||||
nego->context = NULL;
|
||||
}
|
||||
|
||||
/* Free our credentials handle */
|
||||
if(nego->credentials) {
|
||||
s_pSecFn->FreeCredentialsHandle(nego->credentials);
|
||||
Curl_pSecFn->FreeCredentialsHandle(nego->credentials);
|
||||
free(nego->credentials);
|
||||
nego->credentials = NULL;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -968,7 +968,7 @@ schannel_acquire_credential_handle(struct Curl_cfilter *cf,
|
|||
#endif
|
||||
|
||||
sspi_status =
|
||||
s_pSecFn->AcquireCredentialsHandle(NULL, (TCHAR*)UNISP_NAME,
|
||||
Curl_pSecFn->AcquireCredentialsHandle(NULL, (TCHAR*)UNISP_NAME,
|
||||
SECPKG_CRED_OUTBOUND, NULL,
|
||||
&credentials, NULL, NULL,
|
||||
&backend->cred->cred_handle,
|
||||
|
|
@ -1015,7 +1015,7 @@ schannel_acquire_credential_handle(struct Curl_cfilter *cf,
|
|||
#endif
|
||||
|
||||
sspi_status =
|
||||
s_pSecFn->AcquireCredentialsHandle(NULL, (TCHAR*)UNISP_NAME,
|
||||
Curl_pSecFn->AcquireCredentialsHandle(NULL, (TCHAR*)UNISP_NAME,
|
||||
SECPKG_CRED_OUTBOUND, NULL,
|
||||
&schannel_cred, NULL, NULL,
|
||||
&backend->cred->cred_handle,
|
||||
|
|
@ -1245,7 +1245,7 @@ schannel_connect_step1(struct Curl_cfilter *cf, struct Curl_easy *data)
|
|||
use it for that, and WINE (for which we currently disable ALPN) is giving
|
||||
us problems with inbuf regardless. https://github.com/curl/curl/issues/983
|
||||
*/
|
||||
sspi_status = s_pSecFn->InitializeSecurityContext(
|
||||
sspi_status = Curl_pSecFn->InitializeSecurityContext(
|
||||
&backend->cred->cred_handle, NULL, backend->cred->sni_hostname,
|
||||
backend->req_flags, 0, 0,
|
||||
(backend->use_alpn ? &inbuf_desc : NULL),
|
||||
|
|
@ -1289,7 +1289,7 @@ schannel_connect_step1(struct Curl_cfilter *cf, struct Curl_easy *data)
|
|||
written = Curl_conn_cf_send(cf->next, data,
|
||||
outbuf.pvBuffer, outbuf.cbBuffer, FALSE,
|
||||
&result);
|
||||
s_pSecFn->FreeContextBuffer(outbuf.pvBuffer);
|
||||
Curl_pSecFn->FreeContextBuffer(outbuf.pvBuffer);
|
||||
if((result != CURLE_OK) || (outbuf.cbBuffer != (size_t) written)) {
|
||||
failf(data, "schannel: failed to send initial handshake data: "
|
||||
"sent %zd of %lu bytes", written, outbuf.cbBuffer);
|
||||
|
|
@ -1436,7 +1436,7 @@ schannel_connect_step2(struct Curl_cfilter *cf, struct Curl_easy *data)
|
|||
memcpy(inbuf[0].pvBuffer, backend->encdata_buffer,
|
||||
backend->encdata_offset);
|
||||
|
||||
sspi_status = s_pSecFn->InitializeSecurityContext(
|
||||
sspi_status = Curl_pSecFn->InitializeSecurityContext(
|
||||
&backend->cred->cred_handle, &backend->ctxt->ctxt_handle,
|
||||
backend->cred->sni_hostname, backend->req_flags,
|
||||
0, 0, &inbuf_desc, 0, NULL,
|
||||
|
|
@ -1488,7 +1488,7 @@ schannel_connect_step2(struct Curl_cfilter *cf, struct Curl_easy *data)
|
|||
|
||||
/* free obsolete buffer */
|
||||
if(outbuf[i].pvBuffer) {
|
||||
s_pSecFn->FreeContextBuffer(outbuf[i].pvBuffer);
|
||||
Curl_pSecFn->FreeContextBuffer(outbuf[i].pvBuffer);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
@ -1684,7 +1684,7 @@ static void schannel_session_free(void *sessionid, size_t idsize)
|
|||
if(cred) {
|
||||
cred->refcount--;
|
||||
if(cred->refcount == 0) {
|
||||
s_pSecFn->FreeCredentialsHandle(&cred->cred_handle);
|
||||
Curl_pSecFn->FreeCredentialsHandle(&cred->cred_handle);
|
||||
curlx_unicodefree(cred->sni_hostname);
|
||||
#ifdef HAS_CLIENT_CERT_PATH
|
||||
if(cred->client_cert_store) {
|
||||
|
|
@ -1739,7 +1739,7 @@ schannel_connect_step3(struct Curl_cfilter *cf, struct Curl_easy *data)
|
|||
#ifdef HAS_ALPN
|
||||
if(backend->use_alpn) {
|
||||
sspi_status =
|
||||
s_pSecFn->QueryContextAttributes(&backend->ctxt->ctxt_handle,
|
||||
Curl_pSecFn->QueryContextAttributes(&backend->ctxt->ctxt_handle,
|
||||
SECPKG_ATTR_APPLICATION_PROTOCOL,
|
||||
&alpn_result);
|
||||
|
||||
|
|
@ -1787,7 +1787,7 @@ schannel_connect_step3(struct Curl_cfilter *cf, struct Curl_easy *data)
|
|||
if(data->set.ssl.certinfo) {
|
||||
int certs_count = 0;
|
||||
sspi_status =
|
||||
s_pSecFn->QueryContextAttributes(&backend->ctxt->ctxt_handle,
|
||||
Curl_pSecFn->QueryContextAttributes(&backend->ctxt->ctxt_handle,
|
||||
SECPKG_ATTR_REMOTE_CERT_CONTEXT,
|
||||
&ccert_context);
|
||||
|
||||
|
|
@ -1955,7 +1955,7 @@ schannel_send(struct Curl_cfilter *cf, struct Curl_easy *data,
|
|||
|
||||
/* check if the maximum stream sizes were queried */
|
||||
if(backend->stream_sizes.cbMaximumMessage == 0) {
|
||||
sspi_status = s_pSecFn->QueryContextAttributes(
|
||||
sspi_status = Curl_pSecFn->QueryContextAttributes(
|
||||
&backend->ctxt->ctxt_handle,
|
||||
SECPKG_ATTR_STREAM_SIZES,
|
||||
&backend->stream_sizes);
|
||||
|
|
@ -1994,7 +1994,7 @@ schannel_send(struct Curl_cfilter *cf, struct Curl_easy *data,
|
|||
memcpy(outbuf[1].pvBuffer, buf, len);
|
||||
|
||||
/* https://msdn.microsoft.com/en-us/library/windows/desktop/aa375390.aspx */
|
||||
sspi_status = s_pSecFn->EncryptMessage(&backend->ctxt->ctxt_handle, 0,
|
||||
sspi_status = Curl_pSecFn->EncryptMessage(&backend->ctxt->ctxt_handle, 0,
|
||||
&outbuf_desc, 0);
|
||||
|
||||
/* check if the message was encrypted */
|
||||
|
|
@ -2211,7 +2211,7 @@ schannel_recv(struct Curl_cfilter *cf, struct Curl_easy *data,
|
|||
|
||||
/* https://msdn.microsoft.com/en-us/library/windows/desktop/aa375348.aspx
|
||||
*/
|
||||
sspi_status = s_pSecFn->DecryptMessage(&backend->ctxt->ctxt_handle,
|
||||
sspi_status = Curl_pSecFn->DecryptMessage(&backend->ctxt->ctxt_handle,
|
||||
&inbuf_desc, 0, NULL);
|
||||
|
||||
/* check if everything went fine (server may want to renegotiate
|
||||
|
|
@ -2498,7 +2498,7 @@ static CURLcode schannel_shutdown(struct Curl_cfilter *cf,
|
|||
InitSecBuffer(&Buffer, SECBUFFER_TOKEN, &dwshut, sizeof(dwshut));
|
||||
InitSecBufferDesc(&BuffDesc, &Buffer, 1);
|
||||
|
||||
sspi_status = s_pSecFn->ApplyControlToken(&backend->ctxt->ctxt_handle,
|
||||
sspi_status = Curl_pSecFn->ApplyControlToken(&backend->ctxt->ctxt_handle,
|
||||
&BuffDesc);
|
||||
|
||||
if(sspi_status != SEC_E_OK) {
|
||||
|
|
@ -2513,7 +2513,7 @@ static CURLcode schannel_shutdown(struct Curl_cfilter *cf,
|
|||
InitSecBuffer(&outbuf, SECBUFFER_EMPTY, NULL, 0);
|
||||
InitSecBufferDesc(&outbuf_desc, &outbuf, 1);
|
||||
|
||||
sspi_status = s_pSecFn->InitializeSecurityContext(
|
||||
sspi_status = Curl_pSecFn->InitializeSecurityContext(
|
||||
&backend->cred->cred_handle,
|
||||
&backend->ctxt->ctxt_handle,
|
||||
backend->cred->sni_hostname,
|
||||
|
|
@ -2532,7 +2532,7 @@ static CURLcode schannel_shutdown(struct Curl_cfilter *cf,
|
|||
ssize_t written = Curl_conn_cf_send(cf->next, data,
|
||||
outbuf.pvBuffer, outbuf.cbBuffer,
|
||||
FALSE, &result);
|
||||
s_pSecFn->FreeContextBuffer(outbuf.pvBuffer);
|
||||
Curl_pSecFn->FreeContextBuffer(outbuf.pvBuffer);
|
||||
if(!result) {
|
||||
if(written < (ssize_t)outbuf.cbBuffer) {
|
||||
/* TODO: handle partial sends */
|
||||
|
|
@ -2605,7 +2605,7 @@ static void schannel_close(struct Curl_cfilter *cf, struct Curl_easy *data)
|
|||
/* free SSPI Schannel API security context handle */
|
||||
if(backend->ctxt) {
|
||||
DEBUGF(infof(data, "schannel: clear security context handle"));
|
||||
s_pSecFn->DeleteSecurityContext(&backend->ctxt->ctxt_handle);
|
||||
Curl_pSecFn->DeleteSecurityContext(&backend->ctxt->ctxt_handle);
|
||||
Curl_safefree(backend->ctxt);
|
||||
}
|
||||
|
||||
|
|
@ -2682,7 +2682,7 @@ static CURLcode schannel_pkp_pin_peer_pubkey(struct Curl_cfilter *cf,
|
|||
struct Curl_asn1Element *pubkey;
|
||||
|
||||
sspi_status =
|
||||
s_pSecFn->QueryContextAttributes(&backend->ctxt->ctxt_handle,
|
||||
Curl_pSecFn->QueryContextAttributes(&backend->ctxt->ctxt_handle,
|
||||
SECPKG_ATTR_REMOTE_CERT_CONTEXT,
|
||||
&pCertContextServer);
|
||||
|
||||
|
|
|
|||
|
|
@ -483,7 +483,7 @@ CURLcode Curl_verify_host(struct Curl_cfilter *cf,
|
|||
DWORD actual_len = 0;
|
||||
|
||||
sspi_status =
|
||||
s_pSecFn->QueryContextAttributes(&BACKEND->ctxt->ctxt_handle,
|
||||
Curl_pSecFn->QueryContextAttributes(&BACKEND->ctxt->ctxt_handle,
|
||||
SECPKG_ATTR_REMOTE_CERT_CONTEXT,
|
||||
&pCertContextServer);
|
||||
|
||||
|
|
@ -612,7 +612,7 @@ CURLcode Curl_verify_certificate(struct Curl_cfilter *cf,
|
|||
DEBUGASSERT(BACKEND);
|
||||
|
||||
sspi_status =
|
||||
s_pSecFn->QueryContextAttributes(&BACKEND->ctxt->ctxt_handle,
|
||||
Curl_pSecFn->QueryContextAttributes(&BACKEND->ctxt->ctxt_handle,
|
||||
SECPKG_ATTR_REMOTE_CERT_CONTEXT,
|
||||
&pCertContextServer);
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue