to add more method in the future.
Changelog
Daniel (10 June)
+- Modified how to set auth type to libcurl. Now use CURLOPT_HTTPAUTH instead,
+ and pick method. Supported ones currently are:
+ CURLHTTP_BASIC - default selection
+ CURLHTTP_DIGEST - formerly CURLOPT_HTTPDIGEST
+ CURLHTTP_NEGOTIATE
+
- Daniel Kouril added HTTP Negotiate authentication support, as defined in the
IETF draft draft-brezak-spnego-http-04.txt. In use already by various
- Microsoft web applications. CURLOPT_HTTPNEGOTIATE and --negotiate are the
- new family members.
+ Microsoft web applications. --negotiate is the new family member.
- A missing ending bracket (']') while doing URL globbing could lead to a
segfault. While fixing this, I also introduced better error reporting in the
CURLPROXY_SOCKS5 = 5
} curl_proxytype;
+typedef enum {
+ CURLHTTP_BASIC = 0, /* default */
+ CURLHTTP_DIGEST = 1, /* Digest */
+ CURLHTTP_NEGOTIATE = 2, /* Negotiate */
+ CURLHTTP_NTLM = 3, /* NTLM */
+ CURLHTTP_LAST /* never to be used */
+} curl_httpauth;
+
/* this was the error code 50 in 7.7.3 and a few earlier versions, this
is no longer used by libcurl but is instead #defined here only to not
make programs break */
attempted before the good old traditional PORT command. */
CINIT(FTP_USE_EPRT, LONG, 106),
- /* Set this to a non-zero value to enable HTTP Digest Authentication.
- You should use this in combination with CURLOPT_USERPWD. */
- CINIT(HTTPDIGEST, LONG, 107),
-
- /* Set this to a non-zero value to enable HTTP Negotiate Authentication.
- You should use this in combination with CURLOPT_USERPWD. */
- CINIT(HTTPNEGOTIATE, LONG, 108),
+ /* Set this to a curl_httpauth value to enable that particular authentication
+ method. Use this in combination with CURLOPT_USERPWD. */
+ CINIT(HTTPAUTH, LONG, 107),
CURLOPT_LASTENTRY /* the last unused */
} CURLoption;
data->set.encoding = (char*)ALL_CONTENT_ENCODINGS;
break;
- case CURLOPT_HTTPDIGEST:
+ case CURLOPT_HTTPAUTH:
/*
- * Enable HTTP Digest Authentication
+ * Set HTTP Authentication type.
*/
- data->set.httpdigest = va_arg(param, long);
- break;
+ {
+ curl_httpauth auth = va_arg(param, long);
+ switch(auth) {
+ case CURLHTTP_BASIC:
+ /* default */
+ data->set.httpdigest = FALSE;
+ data->set.httpnegotiate = FALSE;
+ break;
+ case CURLHTTP_DIGEST:
+ /* Enable HTTP Digest authentication */
+ data->set.httpdigest = TRUE;
+ data->set.httpnegotiate = FALSE;
+ break;
+ case CURLHTTP_NEGOTIATE:
#ifdef GSSAPI
- case CURLOPT_HTTPNEGOTIATE:
- /* Enable HTTP Negotaiate authentication */
- data->set.httpnegotiate = va_arg(param, long);
- break;
+ /* Enable HTTP Negotaiate authentication */
+ data->set.httpdigest = FALSE;
+ data->set.httpnegotiate = TRUE;
+ break;
+#else
+ /* fall-through */
#endif
+ default:
+ return CURLE_FAILED_INIT; /* unsupported type */
+ }
+ }
+ break;
+
case CURLOPT_USERPWD:
/*
* user:password to use in the operation
long use_port; /* which port to use (when not using default) */
char *userpwd; /* <user:password>, if used */
bool httpdigest; /* if HTTP Digest is enabled */
-#ifdef GSSAPI
bool httpnegotiate; /* if HTTP Negotiate authentication is enabled */
-#endif
char *set_range; /* range, if used. See README for detailed specification
on this syntax. */
long followlocation; /* as in HTTP Location: */
" -d/--data <data> HTTP POST data (H)\n"
" --data-ascii <data> HTTP POST ASCII data (H)\n"
" --data-binary <data> HTTP POST binary data (H)\n"
-#ifdef GSSAPI
- " --negotiate Enable HTTP Negotiate Authentication\n"
-#endif
+ " --negotiate Enable HTTP Negotiate Authentication (req GSS-lib)\n"
" --digest Enable HTTP Digest Authentication");
puts(" --disable-eprt Prevents curl from using EPRT or LPRT (F)\n"
" --disable-epsv Prevents curl from using EPSV (F)\n"
bool cookiesession; /* new session? */
bool encoding; /* Accept-Encoding please */
bool digest; /* Digest Authentication */
-#ifdef GSSAPI
bool negotiate; /* Negotiate Authentication */
-#endif
bool use_resume;
bool resume_from_current;
bool disable_epsv;
{"5i", "limit-rate", TRUE},
{"5j", "compressed", FALSE}, /* might take an arg someday */
{"5k", "digest", FALSE},
-#ifdef GSSAPI
{"5l", "negotiate", FALSE},
-#endif
{"0", "http1.0", FALSE},
{"1", "tlsv1", FALSE},
{"2", "sslv2", FALSE},
config->digest ^= TRUE;
break;
-#ifdef GSSAPI
case 'l': /* --negotiate */
config->negotiate ^= TRUE;
break;
-#endif
default: /* the URL! */
{
/* disable it */
curl_easy_setopt(curl, CURLOPT_FTP_USE_EPRT, FALSE);
- /* new in libcurl 7.10.6 */
- curl_easy_setopt(curl, CURLOPT_HTTPDIGEST, config->digest);
-
-#ifdef GSSAPI
- curl_easy_setopt(curl, CURLOPT_HTTPNEGOTIATE, config->negotiate);
-#endif
+ /* new in libcurl 7.10.6 (default is Basic) */
+ if(config->digest)
+ curl_easy_setopt(curl, CURLOPT_HTTPAUTH, CURLHTTP_DIGEST);
+ else if(config->negotiate)
+ curl_easy_setopt(curl, CURLOPT_HTTPAUTH, CURLHTTP_NEGOTIATE);
/* new in curl 7.9.7 */
if(config->trace_dump) {
projects / platform / upstream / curl.git / commitdiff