Annotation of embedaddon/curl/lib/socks_gssapi.c, revision 1.1
1.1 ! misho 1: /***************************************************************************
! 2: * _ _ ____ _
! 3: * Project ___| | | | _ \| |
! 4: * / __| | | | |_) | |
! 5: * | (__| |_| | _ <| |___
! 6: * \___|\___/|_| \_\_____|
! 7: *
! 8: * Copyright (C) 2012 - 2020, Daniel Stenberg, <daniel@haxx.se>, et al.
! 9: * Copyright (C) 2009, Markus Moeller, <markus_moeller@compuserve.com>
! 10: *
! 11: * This software is licensed as described in the file COPYING, which
! 12: * you should have received as part of this distribution. The terms
! 13: * are also available at https://curl.haxx.se/docs/copyright.html.
! 14: *
! 15: * You may opt to use, copy, modify, merge, publish, distribute and/or sell
! 16: * copies of the Software, and permit persons to whom the Software is
! 17: * furnished to do so, under the terms of the COPYING file.
! 18: *
! 19: * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
! 20: * KIND, either express or implied.
! 21: *
! 22: ***************************************************************************/
! 23:
! 24: #include "curl_setup.h"
! 25:
! 26: #if defined(HAVE_GSSAPI) && !defined(CURL_DISABLE_PROXY)
! 27:
! 28: #include "curl_gssapi.h"
! 29: #include "urldata.h"
! 30: #include "sendf.h"
! 31: #include "connect.h"
! 32: #include "timeval.h"
! 33: #include "socks.h"
! 34: #include "warnless.h"
! 35:
! 36: /* The last 3 #include files should be in this order */
! 37: #include "curl_printf.h"
! 38: #include "curl_memory.h"
! 39: #include "memdebug.h"
! 40:
! 41: static gss_ctx_id_t gss_context = GSS_C_NO_CONTEXT;
! 42:
! 43: /*
! 44: * Helper GSS-API error functions.
! 45: */
! 46: static int check_gss_err(struct Curl_easy *data,
! 47: OM_uint32 major_status,
! 48: OM_uint32 minor_status,
! 49: const char *function)
! 50: {
! 51: if(GSS_ERROR(major_status)) {
! 52: OM_uint32 maj_stat, min_stat;
! 53: OM_uint32 msg_ctx = 0;
! 54: gss_buffer_desc status_string;
! 55: char buf[1024];
! 56: size_t len;
! 57:
! 58: len = 0;
! 59: msg_ctx = 0;
! 60: while(!msg_ctx) {
! 61: /* convert major status code (GSS-API error) to text */
! 62: maj_stat = gss_display_status(&min_stat, major_status,
! 63: GSS_C_GSS_CODE,
! 64: GSS_C_NULL_OID,
! 65: &msg_ctx, &status_string);
! 66: if(maj_stat == GSS_S_COMPLETE) {
! 67: if(sizeof(buf) > len + status_string.length + 1) {
! 68: strcpy(buf + len, (char *) status_string.value);
! 69: len += status_string.length;
! 70: }
! 71: gss_release_buffer(&min_stat, &status_string);
! 72: break;
! 73: }
! 74: gss_release_buffer(&min_stat, &status_string);
! 75: }
! 76: if(sizeof(buf) > len + 3) {
! 77: strcpy(buf + len, ".\n");
! 78: len += 2;
! 79: }
! 80: msg_ctx = 0;
! 81: while(!msg_ctx) {
! 82: /* convert minor status code (underlying routine error) to text */
! 83: maj_stat = gss_display_status(&min_stat, minor_status,
! 84: GSS_C_MECH_CODE,
! 85: GSS_C_NULL_OID,
! 86: &msg_ctx, &status_string);
! 87: if(maj_stat == GSS_S_COMPLETE) {
! 88: if(sizeof(buf) > len + status_string.length)
! 89: strcpy(buf + len, (char *) status_string.value);
! 90: gss_release_buffer(&min_stat, &status_string);
! 91: break;
! 92: }
! 93: gss_release_buffer(&min_stat, &status_string);
! 94: }
! 95: failf(data, "GSS-API error: %s failed:\n%s", function, buf);
! 96: return 1;
! 97: }
! 98:
! 99: return 0;
! 100: }
! 101:
! 102: CURLcode Curl_SOCKS5_gssapi_negotiate(int sockindex,
! 103: struct connectdata *conn)
! 104: {
! 105: struct Curl_easy *data = conn->data;
! 106: curl_socket_t sock = conn->sock[sockindex];
! 107: CURLcode code;
! 108: ssize_t actualread;
! 109: ssize_t written;
! 110: int result;
! 111: OM_uint32 gss_major_status, gss_minor_status, gss_status;
! 112: OM_uint32 gss_ret_flags;
! 113: int gss_conf_state, gss_enc;
! 114: gss_buffer_desc service = GSS_C_EMPTY_BUFFER;
! 115: gss_buffer_desc gss_send_token = GSS_C_EMPTY_BUFFER;
! 116: gss_buffer_desc gss_recv_token = GSS_C_EMPTY_BUFFER;
! 117: gss_buffer_desc gss_w_token = GSS_C_EMPTY_BUFFER;
! 118: gss_buffer_desc* gss_token = GSS_C_NO_BUFFER;
! 119: gss_name_t server = GSS_C_NO_NAME;
! 120: gss_name_t gss_client_name = GSS_C_NO_NAME;
! 121: unsigned short us_length;
! 122: char *user = NULL;
! 123: unsigned char socksreq[4]; /* room for GSS-API exchange header only */
! 124: const char *serviceptr = data->set.str[STRING_PROXY_SERVICE_NAME] ?
! 125: data->set.str[STRING_PROXY_SERVICE_NAME] : "rcmd";
! 126: const size_t serviceptr_length = strlen(serviceptr);
! 127:
! 128: /* GSS-API request looks like
! 129: * +----+------+-----+----------------+
! 130: * |VER | MTYP | LEN | TOKEN |
! 131: * +----+------+----------------------+
! 132: * | 1 | 1 | 2 | up to 2^16 - 1 |
! 133: * +----+------+-----+----------------+
! 134: */
! 135:
! 136: /* prepare service name */
! 137: if(strchr(serviceptr, '/')) {
! 138: service.length = serviceptr_length;
! 139: service.value = malloc(service.length);
! 140: if(!service.value)
! 141: return CURLE_OUT_OF_MEMORY;
! 142: memcpy(service.value, serviceptr, service.length);
! 143:
! 144: gss_major_status = gss_import_name(&gss_minor_status, &service,
! 145: (gss_OID) GSS_C_NULL_OID, &server);
! 146: }
! 147: else {
! 148: service.value = malloc(serviceptr_length +
! 149: strlen(conn->socks_proxy.host.name) + 2);
! 150: if(!service.value)
! 151: return CURLE_OUT_OF_MEMORY;
! 152: service.length = serviceptr_length +
! 153: strlen(conn->socks_proxy.host.name) + 1;
! 154: msnprintf(service.value, service.length + 1, "%s@%s",
! 155: serviceptr, conn->socks_proxy.host.name);
! 156:
! 157: gss_major_status = gss_import_name(&gss_minor_status, &service,
! 158: GSS_C_NT_HOSTBASED_SERVICE, &server);
! 159: }
! 160:
! 161: gss_release_buffer(&gss_status, &service); /* clear allocated memory */
! 162:
! 163: if(check_gss_err(data, gss_major_status,
! 164: gss_minor_status, "gss_import_name()")) {
! 165: failf(data, "Failed to create service name.");
! 166: gss_release_name(&gss_status, &server);
! 167: return CURLE_COULDNT_CONNECT;
! 168: }
! 169:
! 170: (void)curlx_nonblock(sock, FALSE);
! 171:
! 172: /* As long as we need to keep sending some context info, and there's no */
! 173: /* errors, keep sending it... */
! 174: for(;;) {
! 175: gss_major_status = Curl_gss_init_sec_context(data,
! 176: &gss_minor_status,
! 177: &gss_context,
! 178: server,
! 179: &Curl_krb5_mech_oid,
! 180: NULL,
! 181: gss_token,
! 182: &gss_send_token,
! 183: TRUE,
! 184: &gss_ret_flags);
! 185:
! 186: if(gss_token != GSS_C_NO_BUFFER)
! 187: gss_release_buffer(&gss_status, &gss_recv_token);
! 188: if(check_gss_err(data, gss_major_status,
! 189: gss_minor_status, "gss_init_sec_context")) {
! 190: gss_release_name(&gss_status, &server);
! 191: gss_release_buffer(&gss_status, &gss_recv_token);
! 192: gss_release_buffer(&gss_status, &gss_send_token);
! 193: gss_delete_sec_context(&gss_status, &gss_context, NULL);
! 194: failf(data, "Failed to initial GSS-API token.");
! 195: return CURLE_COULDNT_CONNECT;
! 196: }
! 197:
! 198: if(gss_send_token.length != 0) {
! 199: socksreq[0] = 1; /* GSS-API subnegotiation version */
! 200: socksreq[1] = 1; /* authentication message type */
! 201: us_length = htons((short)gss_send_token.length);
! 202: memcpy(socksreq + 2, &us_length, sizeof(short));
! 203:
! 204: code = Curl_write_plain(conn, sock, (char *)socksreq, 4, &written);
! 205: if(code || (4 != written)) {
! 206: failf(data, "Failed to send GSS-API authentication request.");
! 207: gss_release_name(&gss_status, &server);
! 208: gss_release_buffer(&gss_status, &gss_recv_token);
! 209: gss_release_buffer(&gss_status, &gss_send_token);
! 210: gss_delete_sec_context(&gss_status, &gss_context, NULL);
! 211: return CURLE_COULDNT_CONNECT;
! 212: }
! 213:
! 214: code = Curl_write_plain(conn, sock, (char *)gss_send_token.value,
! 215: gss_send_token.length, &written);
! 216:
! 217: if(code || ((ssize_t)gss_send_token.length != written)) {
! 218: failf(data, "Failed to send GSS-API authentication token.");
! 219: gss_release_name(&gss_status, &server);
! 220: gss_release_buffer(&gss_status, &gss_recv_token);
! 221: gss_release_buffer(&gss_status, &gss_send_token);
! 222: gss_delete_sec_context(&gss_status, &gss_context, NULL);
! 223: return CURLE_COULDNT_CONNECT;
! 224: }
! 225:
! 226: }
! 227:
! 228: gss_release_buffer(&gss_status, &gss_send_token);
! 229: gss_release_buffer(&gss_status, &gss_recv_token);
! 230: if(gss_major_status != GSS_S_CONTINUE_NEEDED)
! 231: break;
! 232:
! 233: /* analyse response */
! 234:
! 235: /* GSS-API response looks like
! 236: * +----+------+-----+----------------+
! 237: * |VER | MTYP | LEN | TOKEN |
! 238: * +----+------+----------------------+
! 239: * | 1 | 1 | 2 | up to 2^16 - 1 |
! 240: * +----+------+-----+----------------+
! 241: */
! 242:
! 243: result = Curl_blockread_all(conn, sock, (char *)socksreq, 4, &actualread);
! 244: if(result || (actualread != 4)) {
! 245: failf(data, "Failed to receive GSS-API authentication response.");
! 246: gss_release_name(&gss_status, &server);
! 247: gss_delete_sec_context(&gss_status, &gss_context, NULL);
! 248: return CURLE_COULDNT_CONNECT;
! 249: }
! 250:
! 251: /* ignore the first (VER) byte */
! 252: if(socksreq[1] == 255) { /* status / message type */
! 253: failf(data, "User was rejected by the SOCKS5 server (%d %d).",
! 254: socksreq[0], socksreq[1]);
! 255: gss_release_name(&gss_status, &server);
! 256: gss_delete_sec_context(&gss_status, &gss_context, NULL);
! 257: return CURLE_COULDNT_CONNECT;
! 258: }
! 259:
! 260: if(socksreq[1] != 1) { /* status / messgae type */
! 261: failf(data, "Invalid GSS-API authentication response type (%d %d).",
! 262: socksreq[0], socksreq[1]);
! 263: gss_release_name(&gss_status, &server);
! 264: gss_delete_sec_context(&gss_status, &gss_context, NULL);
! 265: return CURLE_COULDNT_CONNECT;
! 266: }
! 267:
! 268: memcpy(&us_length, socksreq + 2, sizeof(short));
! 269: us_length = ntohs(us_length);
! 270:
! 271: gss_recv_token.length = us_length;
! 272: gss_recv_token.value = malloc(us_length);
! 273: if(!gss_recv_token.value) {
! 274: failf(data,
! 275: "Could not allocate memory for GSS-API authentication "
! 276: "response token.");
! 277: gss_release_name(&gss_status, &server);
! 278: gss_delete_sec_context(&gss_status, &gss_context, NULL);
! 279: return CURLE_OUT_OF_MEMORY;
! 280: }
! 281:
! 282: result = Curl_blockread_all(conn, sock, (char *)gss_recv_token.value,
! 283: gss_recv_token.length, &actualread);
! 284:
! 285: if(result || (actualread != us_length)) {
! 286: failf(data, "Failed to receive GSS-API authentication token.");
! 287: gss_release_name(&gss_status, &server);
! 288: gss_release_buffer(&gss_status, &gss_recv_token);
! 289: gss_delete_sec_context(&gss_status, &gss_context, NULL);
! 290: return CURLE_COULDNT_CONNECT;
! 291: }
! 292:
! 293: gss_token = &gss_recv_token;
! 294: }
! 295:
! 296: gss_release_name(&gss_status, &server);
! 297:
! 298: /* Everything is good so far, user was authenticated! */
! 299: gss_major_status = gss_inquire_context(&gss_minor_status, gss_context,
! 300: &gss_client_name, NULL, NULL, NULL,
! 301: NULL, NULL, NULL);
! 302: if(check_gss_err(data, gss_major_status,
! 303: gss_minor_status, "gss_inquire_context")) {
! 304: gss_delete_sec_context(&gss_status, &gss_context, NULL);
! 305: gss_release_name(&gss_status, &gss_client_name);
! 306: failf(data, "Failed to determine user name.");
! 307: return CURLE_COULDNT_CONNECT;
! 308: }
! 309: gss_major_status = gss_display_name(&gss_minor_status, gss_client_name,
! 310: &gss_send_token, NULL);
! 311: if(check_gss_err(data, gss_major_status,
! 312: gss_minor_status, "gss_display_name")) {
! 313: gss_delete_sec_context(&gss_status, &gss_context, NULL);
! 314: gss_release_name(&gss_status, &gss_client_name);
! 315: gss_release_buffer(&gss_status, &gss_send_token);
! 316: failf(data, "Failed to determine user name.");
! 317: return CURLE_COULDNT_CONNECT;
! 318: }
! 319: user = malloc(gss_send_token.length + 1);
! 320: if(!user) {
! 321: gss_delete_sec_context(&gss_status, &gss_context, NULL);
! 322: gss_release_name(&gss_status, &gss_client_name);
! 323: gss_release_buffer(&gss_status, &gss_send_token);
! 324: return CURLE_OUT_OF_MEMORY;
! 325: }
! 326:
! 327: memcpy(user, gss_send_token.value, gss_send_token.length);
! 328: user[gss_send_token.length] = '\0';
! 329: gss_release_name(&gss_status, &gss_client_name);
! 330: gss_release_buffer(&gss_status, &gss_send_token);
! 331: infof(data, "SOCKS5 server authencticated user %s with GSS-API.\n",user);
! 332: free(user);
! 333: user = NULL;
! 334:
! 335: /* Do encryption */
! 336: socksreq[0] = 1; /* GSS-API subnegotiation version */
! 337: socksreq[1] = 2; /* encryption message type */
! 338:
! 339: gss_enc = 0; /* no data protection */
! 340: /* do confidentiality protection if supported */
! 341: if(gss_ret_flags & GSS_C_CONF_FLAG)
! 342: gss_enc = 2;
! 343: /* else do integrity protection */
! 344: else if(gss_ret_flags & GSS_C_INTEG_FLAG)
! 345: gss_enc = 1;
! 346:
! 347: infof(data, "SOCKS5 server supports GSS-API %s data protection.\n",
! 348: (gss_enc == 0)?"no":((gss_enc==1)?"integrity":"confidentiality"));
! 349: /* force for the moment to no data protection */
! 350: gss_enc = 0;
! 351: /*
! 352: * Sending the encryption type in clear seems wrong. It should be
! 353: * protected with gss_seal()/gss_wrap(). See RFC1961 extract below
! 354: * The NEC reference implementations on which this is based is
! 355: * therefore at fault
! 356: *
! 357: * +------+------+------+.......................+
! 358: * + ver | mtyp | len | token |
! 359: * +------+------+------+.......................+
! 360: * + 0x01 | 0x02 | 0x02 | up to 2^16 - 1 octets |
! 361: * +------+------+------+.......................+
! 362: *
! 363: * Where:
! 364: *
! 365: * - "ver" is the protocol version number, here 1 to represent the
! 366: * first version of the SOCKS/GSS-API protocol
! 367: *
! 368: * - "mtyp" is the message type, here 2 to represent a protection
! 369: * -level negotiation message
! 370: *
! 371: * - "len" is the length of the "token" field in octets
! 372: *
! 373: * - "token" is the GSS-API encapsulated protection level
! 374: *
! 375: * The token is produced by encapsulating an octet containing the
! 376: * required protection level using gss_seal()/gss_wrap() with conf_req
! 377: * set to FALSE. The token is verified using gss_unseal()/
! 378: * gss_unwrap().
! 379: *
! 380: */
! 381: if(data->set.socks5_gssapi_nec) {
! 382: us_length = htons((short)1);
! 383: memcpy(socksreq + 2, &us_length, sizeof(short));
! 384: }
! 385: else {
! 386: gss_send_token.length = 1;
! 387: gss_send_token.value = malloc(1);
! 388: if(!gss_send_token.value) {
! 389: gss_delete_sec_context(&gss_status, &gss_context, NULL);
! 390: return CURLE_OUT_OF_MEMORY;
! 391: }
! 392: memcpy(gss_send_token.value, &gss_enc, 1);
! 393:
! 394: gss_major_status = gss_wrap(&gss_minor_status, gss_context, 0,
! 395: GSS_C_QOP_DEFAULT, &gss_send_token,
! 396: &gss_conf_state, &gss_w_token);
! 397:
! 398: if(check_gss_err(data, gss_major_status, gss_minor_status, "gss_wrap")) {
! 399: gss_release_buffer(&gss_status, &gss_send_token);
! 400: gss_release_buffer(&gss_status, &gss_w_token);
! 401: gss_delete_sec_context(&gss_status, &gss_context, NULL);
! 402: failf(data, "Failed to wrap GSS-API encryption value into token.");
! 403: return CURLE_COULDNT_CONNECT;
! 404: }
! 405: gss_release_buffer(&gss_status, &gss_send_token);
! 406:
! 407: us_length = htons((short)gss_w_token.length);
! 408: memcpy(socksreq + 2, &us_length, sizeof(short));
! 409: }
! 410:
! 411: code = Curl_write_plain(conn, sock, (char *)socksreq, 4, &written);
! 412: if(code || (4 != written)) {
! 413: failf(data, "Failed to send GSS-API encryption request.");
! 414: gss_release_buffer(&gss_status, &gss_w_token);
! 415: gss_delete_sec_context(&gss_status, &gss_context, NULL);
! 416: return CURLE_COULDNT_CONNECT;
! 417: }
! 418:
! 419: if(data->set.socks5_gssapi_nec) {
! 420: memcpy(socksreq, &gss_enc, 1);
! 421: code = Curl_write_plain(conn, sock, socksreq, 1, &written);
! 422: if(code || ( 1 != written)) {
! 423: failf(data, "Failed to send GSS-API encryption type.");
! 424: gss_delete_sec_context(&gss_status, &gss_context, NULL);
! 425: return CURLE_COULDNT_CONNECT;
! 426: }
! 427: }
! 428: else {
! 429: code = Curl_write_plain(conn, sock, (char *)gss_w_token.value,
! 430: gss_w_token.length, &written);
! 431: if(code || ((ssize_t)gss_w_token.length != written)) {
! 432: failf(data, "Failed to send GSS-API encryption type.");
! 433: gss_release_buffer(&gss_status, &gss_w_token);
! 434: gss_delete_sec_context(&gss_status, &gss_context, NULL);
! 435: return CURLE_COULDNT_CONNECT;
! 436: }
! 437: gss_release_buffer(&gss_status, &gss_w_token);
! 438: }
! 439:
! 440: result = Curl_blockread_all(conn, sock, (char *)socksreq, 4, &actualread);
! 441: if(result || (actualread != 4)) {
! 442: failf(data, "Failed to receive GSS-API encryption response.");
! 443: gss_delete_sec_context(&gss_status, &gss_context, NULL);
! 444: return CURLE_COULDNT_CONNECT;
! 445: }
! 446:
! 447: /* ignore the first (VER) byte */
! 448: if(socksreq[1] == 255) { /* status / message type */
! 449: failf(data, "User was rejected by the SOCKS5 server (%d %d).",
! 450: socksreq[0], socksreq[1]);
! 451: gss_delete_sec_context(&gss_status, &gss_context, NULL);
! 452: return CURLE_COULDNT_CONNECT;
! 453: }
! 454:
! 455: if(socksreq[1] != 2) { /* status / messgae type */
! 456: failf(data, "Invalid GSS-API encryption response type (%d %d).",
! 457: socksreq[0], socksreq[1]);
! 458: gss_delete_sec_context(&gss_status, &gss_context, NULL);
! 459: return CURLE_COULDNT_CONNECT;
! 460: }
! 461:
! 462: memcpy(&us_length, socksreq + 2, sizeof(short));
! 463: us_length = ntohs(us_length);
! 464:
! 465: gss_recv_token.length = us_length;
! 466: gss_recv_token.value = malloc(gss_recv_token.length);
! 467: if(!gss_recv_token.value) {
! 468: gss_delete_sec_context(&gss_status, &gss_context, NULL);
! 469: return CURLE_OUT_OF_MEMORY;
! 470: }
! 471: result = Curl_blockread_all(conn, sock, (char *)gss_recv_token.value,
! 472: gss_recv_token.length, &actualread);
! 473:
! 474: if(result || (actualread != us_length)) {
! 475: failf(data, "Failed to receive GSS-API encryptrion type.");
! 476: gss_release_buffer(&gss_status, &gss_recv_token);
! 477: gss_delete_sec_context(&gss_status, &gss_context, NULL);
! 478: return CURLE_COULDNT_CONNECT;
! 479: }
! 480:
! 481: if(!data->set.socks5_gssapi_nec) {
! 482: gss_major_status = gss_unwrap(&gss_minor_status, gss_context,
! 483: &gss_recv_token, &gss_w_token,
! 484: 0, GSS_C_QOP_DEFAULT);
! 485:
! 486: if(check_gss_err(data, gss_major_status, gss_minor_status, "gss_unwrap")) {
! 487: gss_release_buffer(&gss_status, &gss_recv_token);
! 488: gss_release_buffer(&gss_status, &gss_w_token);
! 489: gss_delete_sec_context(&gss_status, &gss_context, NULL);
! 490: failf(data, "Failed to unwrap GSS-API encryption value into token.");
! 491: return CURLE_COULDNT_CONNECT;
! 492: }
! 493: gss_release_buffer(&gss_status, &gss_recv_token);
! 494:
! 495: if(gss_w_token.length != 1) {
! 496: failf(data, "Invalid GSS-API encryption response length (%d).",
! 497: gss_w_token.length);
! 498: gss_release_buffer(&gss_status, &gss_w_token);
! 499: gss_delete_sec_context(&gss_status, &gss_context, NULL);
! 500: return CURLE_COULDNT_CONNECT;
! 501: }
! 502:
! 503: memcpy(socksreq, gss_w_token.value, gss_w_token.length);
! 504: gss_release_buffer(&gss_status, &gss_w_token);
! 505: }
! 506: else {
! 507: if(gss_recv_token.length != 1) {
! 508: failf(data, "Invalid GSS-API encryption response length (%d).",
! 509: gss_recv_token.length);
! 510: gss_release_buffer(&gss_status, &gss_recv_token);
! 511: gss_delete_sec_context(&gss_status, &gss_context, NULL);
! 512: return CURLE_COULDNT_CONNECT;
! 513: }
! 514:
! 515: memcpy(socksreq, gss_recv_token.value, gss_recv_token.length);
! 516: gss_release_buffer(&gss_status, &gss_recv_token);
! 517: }
! 518:
! 519: (void)curlx_nonblock(sock, TRUE);
! 520:
! 521: infof(data, "SOCKS5 access with%s protection granted.\n",
! 522: (socksreq[0] == 0)?"out GSS-API data":
! 523: ((socksreq[0] == 1)?" GSS-API integrity":" GSS-API confidentiality"));
! 524:
! 525: conn->socks5_gssapi_enctype = socksreq[0];
! 526: if(socksreq[0] == 0)
! 527: gss_delete_sec_context(&gss_status, &gss_context, NULL);
! 528:
! 529: return CURLE_OK;
! 530: }
! 531:
! 532: #endif /* HAVE_GSSAPI && !CURL_DISABLE_PROXY */
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>
![[BACK]](/icons/cvsweb/back.gif){kind=icon}
Return to socks_gssapi.c CVS log ![[TXT]](/icons/cvsweb/text.gif){kind=icon}
![[DIR]](/icons/cvsweb/dir.gif){kind=icon}
Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / curl / lib