Annotation of embedaddon/curl/lib/vauth/vauth.c, revision 1.1.1.1
1.1 misho 1: /***************************************************************************
2: * _ _ ____ _
3: * Project ___| | | | _ \| |
4: * / __| | | | |_) | |
5: * | (__| |_| | _ <| |___
6: * \___|\___/|_| \_\_____|
7: *
8: * Copyright (C) 2014 - 2019, Steve Holme, <steve_holme@hotmail.com>.
9: *
10: * This software is licensed as described in the file COPYING, which
11: * you should have received as part of this distribution. The terms
12: * are also available at https://curl.haxx.se/docs/copyright.html.
13: *
14: * You may opt to use, copy, modify, merge, publish, distribute and/or sell
15: * copies of the Software, and permit persons to whom the Software is
16: * furnished to do so, under the terms of the COPYING file.
17: *
18: * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
19: * KIND, either express or implied.
20: *
21: ***************************************************************************/
22:
23: #include "curl_setup.h"
24:
25: #include <curl/curl.h>
26:
27: #include "vauth.h"
28: #include "curl_multibyte.h"
29: #include "curl_printf.h"
30:
31: /* The last #include files should be: */
32: #include "curl_memory.h"
33: #include "memdebug.h"
34:
35: /*
36: * Curl_auth_build_spn()
37: *
38: * This is used to build a SPN string in the following formats:
39: *
40: * service/host@realm (Not currently used)
41: * service/host (Not used by GSS-API)
42: * service@realm (Not used by Windows SSPI)
43: *
44: * Parameters:
45: *
46: * service [in] - The service type such as http, smtp, pop or imap.
47: * host [in] - The host name.
48: * realm [in] - The realm.
49: *
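50: * Returns a pointer to the newly allocated SPN, or NULL on allocation failure (the non-SSPI build also returns NULL when both host and realm are NULL).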
51: */
52: #if !defined(USE_WINDOWS_SSPI)
char *Curl_auth_build_spn(const char *service, const char *host,
                          const char *realm)
{
  /*
   * Build the SPN for the GSS-API (non-SSPI) build. The layout depends on
   * which of host and realm were supplied:
   *
   *   host and realm -> "service/host@realm"
   *   host only      -> "service/host"
   *   realm only     -> "service@realm"
   *   neither        -> NULL (nothing is allocated)
   *
   * The result comes from aprintf(), so it is heap allocated and may also be
   * NULL when that allocation fails. Callers must treat NULL as "no SPN".
   *
   * NOTE(review): service is not checked for NULL here, and all three
   * strings are interpolated verbatim. A '/' or '@' inside host or realm
   * would change how the resulting name is split, so callers are presumably
   * expected to pass already-validated names - confirm at the call sites.
   */
  if(host)
    return realm ? aprintf("%s/%s@%s", service, host, realm) :
                   aprintf("%s/%s", service, host);

  if(realm)
    return aprintf("%s@%s", service, realm);

  /* Neither a host nor a realm was given, so there is no SPN to build */
  return NULL;
}
69: #else
TCHAR *Curl_auth_build_spn(const char *service, const char *host,
                           const char *realm)
{
  /*
   * Windows SSPI build: produce "service/host" as a TCHAR string.
   *
   * Returns the newly allocated SPN, or NULL when either the formatting
   * allocation or the UTF-8 to TCHAR conversion fails.
   *
   * NOTE(review): unlike the non-SSPI build, host is not checked for NULL
   * before it is formatted, and service/host are interpolated verbatim.
   */
  TCHAR *result = NULL;
  char *narrow = NULL;

  /* The realm takes no part in the SSPI form of the SPN */
  (void) realm;

  /* Note: DsMakeSPN() or DsClientMakeSpnForTargetServer() could do this for
     us, but the first is only available in Windows XP and Windows Server
     2003 and the latter is only available in Windows 2000 but not
     Windows95/98/ME or Windows NT4.0 unless the Active Directory Client
     Extensions are installed. Formatting the SPN ourselves is far simpler. */

  /* Format the SPN as a UTF-8 string first */
  narrow = aprintf("%s/%s", service, host);
  if(narrow) {
    /* Convert to the TCHAR representation expected by SSPI */
    result = Curl_convert_UTF8_to_tchar(narrow);

    if(result) {
      /* Release the UTF-8 variant when operating with Unicode.
         NOTE(review): this must stay Curl_unicodefree() rather than free();
         presumably in non-Unicode builds the conversion hands back the same
         buffer and this call does not release it - confirm against
         curl_multibyte.h before changing. */
      Curl_unicodefree(narrow);
    }
    else {
      /* Conversion failed: the UTF-8 buffer is still ours to release */
      free(narrow);
    }
  }

  /* NULL on any failure, otherwise the newly allocated SPN */
  return result;
}
105: #endif /* USE_WINDOWS_SSPI */
106:
107: /*
108: * Curl_auth_user_contains_domain()
109: *
110: * This is used to test if the specified user contains a Windows domain name as
111: * follows:
112: *
113: * Domain\User (Down-level Logon Name)
114: * Domain/User (curl Down-level format - for compatibility with existing code)
115: * User@Domain (User Principal Name)
116: *
117: * Note: The user name may be empty when using a GSS-API library or Windows
118: * SSPI as the user and domain are either obtained from the credentials cache
119: * when using GSS-API or via the currently logged in user's credentials when
120: * using Windows SSPI.
121: *
122: * Parameters:
123: *
124: * user [in] - The user name.
125: *
126: * Returns TRUE if the user name contains a domain (or, in GSS-API/SSPI builds, if the user name is NULL or empty); otherwise FALSE.
127: */
bool Curl_auth_user_contains_domain(const char *user)
{
  /*
   * Decide whether a user name carries a domain part.
   *
   * Only the FIRST occurrence of '\\', '/' or '@' is examined. It counts as
   * a domain separator when it is neither the first nor the last character
   * of the string, i.e. there is text on both sides of it.
   *
   * A NULL or empty user yields TRUE in builds with HAVE_GSSAPI or
   * USE_WINDOWS_SSPI, and FALSE in all other builds.
   */
  if(user && *user) {
    /* Check we have a domain name or UPN present */
    const char *sep = strpbrk(user, "\\/@");
    const char *last = user + strlen(user) - 1;

    if(sep != NULL && sep > user && sep < last)
      return TRUE;

    return FALSE;
  }

#if defined(HAVE_GSSAPI) || defined(USE_WINDOWS_SSPI)
  /* User and domain are obtained from the GSS-API credentials cache or the
     currently logged in user from Windows */
  return TRUE;
#else
  return FALSE;
#endif
}