* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 2014 - 2015, Steve Holme, <steve_holme@hotmail.com>.
- * Copyright (C) 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 2014, Steve Holme, <steve_holme@hotmail.com>.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
#if defined(HAVE_GSSAPI) && defined(USE_KERBEROS5)
+#ifdef HAVE_OLD_GSSMIT
+#define GSS_C_NT_HOSTBASED_SERVICE gss_nt_service_name
+#define NCOMPAT 1
+#endif
+
+#define GSSAUTH_P_NONE 1
+#define GSSAUTH_P_INTEGRITY 2
+#define GSSAUTH_P_PRIVACY 4
+
#include <curl/curl.h>
#include "curl_sasl.h"
#include "urldata.h"
#include "curl_base64.h"
#include "curl_gssapi.h"
+#include "curl_memory.h"
#include "sendf.h"
-#include "curl_printf.h"
-/* The last #include files should be: */
-#include "curl_memory.h"
+#define _MPRINTF_REPLACE /* use our functions only */
+#include <curl/mprintf.h>
+
+/* The last #include file should be: */
#include "memdebug.h"
/*
*
* Returns a pointer to the newly allocated SPN.
*/
-char *Curl_sasl_build_gssapi_spn(const char *service, const char *host)
+static char *Curl_sasl_build_gssapi_spn(const char *service, const char *host)
{
/* Generate and return our SPN */
return aprintf("%s@%s", service, host);
/* Import the SPN */
gss_major_status = gss_import_name(&gss_minor_status, &spn_token,
- GSS_C_NT_HOSTBASED_SERVICE, &krb5->spn);
+ gss_nt_service_name, &krb5->spn);
if(GSS_ERROR(gss_major_status)) {
Curl_gss_log_error(data, gss_minor_status, "gss_import_name() failed: ");
- free(spn);
-
return CURLE_OUT_OF_MEMORY;
}
-
- free(spn);
}
else {
/* Decode the base-64 encoded challenge message */
mutual_auth,
NULL);
- free(input_token.value);
+ Curl_safefree(input_token.value);
if(GSS_ERROR(gss_major_status)) {
if(output_token.value)
Curl_gss_log_error(data, gss_minor_status,
"gss_inquire_context() failed: ");
- free(chlg);
+ Curl_safefree(chlg);
return CURLE_OUT_OF_MEMORY;
}
if(GSS_ERROR(gss_major_status)) {
Curl_gss_log_error(data, gss_minor_status, "gss_display_name() failed: ");
- free(chlg);
+ Curl_safefree(chlg);
return CURLE_OUT_OF_MEMORY;
}
Curl_gss_log_error(data, gss_minor_status, "gss_unwrap() failed: ");
gss_release_buffer(&gss_status, &username_token);
- free(chlg);
+ Curl_safefree(chlg);
return CURLE_BAD_CONTENT_ENCODING;
}
infof(data, "GSSAPI handshake failure (invalid security data)\n");
gss_release_buffer(&gss_status, &username_token);
- free(chlg);
+ Curl_safefree(chlg);
return CURLE_BAD_CONTENT_ENCODING;
}
/* Copy the data out and free the challenge as it is not required anymore */
memcpy(&indata, output_token.value, 4);
gss_release_buffer(&gss_status, &output_token);
- free(chlg);
+ Curl_safefree(chlg);
/* Extract the security layer */
sec_layer = indata & 0x000000FF;
if(GSS_ERROR(gss_major_status)) {
Curl_gss_log_error(data, gss_minor_status, "gss_wrap() failed: ");
- free(message);
+ Curl_safefree(message);
return CURLE_OUT_OF_MEMORY;
}
gss_release_buffer(&gss_status, &output_token);
/* Free the message buffer */
- free(message);
+ Curl_safefree(message);
return result;
}