windows: suppress UI in all CryptAcquireContext() calls

Ref: https://docs.microsoft.com/windows/win32/api/wincrypt/nf-wincrypt-cryptacquirecontexta#parameters
Reviewed-by: Marc Hörsken

windows: suppress UI in all CryptAcquireContext() calls

Ref: https://docs.microsoft.com/windows/win32/api/wincrypt/nf-wincrypt-cryptacquirecontexta#parameters
Reviewed-by: Marc Hörsken
Closes https://github.com/curl/curl/pull/5088

show more ...

md4: use init/update/final functions in Secure Transport

We can use CC_MD4_Init/Update/Final without having to allocate memory
directly.

Closes #4979

md4: Use non-deprecated functions in mbedTLS >= 2.7.0

Closes #4983

md4: Use const for the length input parameter

This keeps the interface the same as md5 and sha256.

md4: Fixed compilation issues when using GNU TLS gcrypt

* Don't include 'struct' in the gcrypt MD4_CTX typedef
* The call to gcry_md_read() should use a dereferenced ctx
* The call t

md4: Fixed compilation issues when using GNU TLS gcrypt

* Don't include 'struct' in the gcrypt MD4_CTX typedef
* The call to gcry_md_read() should use a dereferenced ctx
* The call to gcry_md_close() should use a dereferenced ctx

Additional minor whitespace issue in the USE_WIN32_CRYPTO code.

Closes #4959

show more ...

misc: Copyright year out of date, should be 2020

Follow-up to recent commits

[skip ci]

cmake: Enable SMB for Windows builds

- Define USE_WIN32_CRYPTO by default. This enables SMB.

- Show whether SMB is enabled in the "Enabled features" output.

- Fix mingw com

cmake: Enable SMB for Windows builds

- Define USE_WIN32_CRYPTO by default. This enables SMB.

- Show whether SMB is enabled in the "Enabled features" output.

- Fix mingw compiler warning for call to CryptHashData by casting away
const param. mingw CryptHashData prototype is wrong.

Closes https://github.com/curl/curl/pull/4717

show more ...

md4: Use our own MD4 implementation when no crypto libraries are available

Closes #3780

md4: Move the mbed TLS MD4 implementation out of the NTLM code

md4: Move the WinCrypt implementation out of the NTLM code

md4: Move the SecureTransport implementation out of the NTLM code

md4: Use the Curl_md4it() function for OpenSSL based NTLM

md4: Move the GNU TLS gcrypt MD4 implementation out of the NTLM code

md4: Move the GNU TLS Nettle MD4 implementation out of the NTLM code

md4: include the mbedtls config.h to get the MD4 info

md4: build correctly with openssl without MD4

Reported-by: elsamuko at github
Fixes #3921
Closes #3922

lib: reduce variable scopes

Fixes Codacy/CppCheck warnings.

Closes https://github.com/curl/curl/pull/3872

ntlm: Support the NT response in the type-3 when OpenSSL doesn't include MD4

Just like we do for mbed TLS, use our local implementation of MD4 when
OpenSSL doesn't support it. This allow

ntlm: Support the NT response in the type-3 when OpenSSL doesn't include MD4

Just like we do for mbed TLS, use our local implementation of MD4 when
OpenSSL doesn't support it. This allows a type-3 message to include the
NT response.

show more ...

md(4|5): Fixed indentation oddities with the importation of replacement code

The indentation from 211d5329 and 57d6d253 was a little strange as
parts didn't align correctly, uses 4 space

md(4|5): Fixed indentation oddities with the importation of replacement code

The indentation from 211d5329 and 57d6d253 was a little strange as
parts didn't align correctly, uses 4 spaces rather than 2. Checked
the indentation of the original source so it aligns, albeit, using
curl style.

show more ...

checksrc: add COPYRIGHTYEAR check

Forgetting to bump the year in the copyright clause when hacking has
been quite common among curl developers, but a traditional checksrc
check isn't

checksrc: add COPYRIGHTYEAR check

Forgetting to bump the year in the copyright clause when hacking has
been quite common among curl developers, but a traditional checksrc
check isn't a good fit as it would penalize anyone hacking on January
1st (among other things). This adds a more selective COPYRIGHTYEAR
check which intends to only cover the currently hacked on changeset.

The check for updated copyright year is currently not enforced on all
files but only on files edited and/or committed locally. This is due to
the amount of files which aren't updated with their correct copyright
year at the time of their respective commit.

To further avoid running this expensive check for every developer, it
adds a new local override mode for checksrc where a .checksrc file can
be used to turn on extended warnings locally.

Closes #3303
Reviewed-by: Daniel Stenberg <daniel@haxx.se>

show more ...

secure Openwall URLs

MD(4|5): silence cast-align clang warning

Unaligned access is on purpose here and the warning is harmless on
affected architectures. GCC knows that, while clang warns on all
architec

MD(4|5): silence cast-align clang warning

Unaligned access is on purpose here and the warning is harmless on
affected architectures. GCC knows that, while clang warns on all
architectures.

show more ...

mbedtls: enable NTLM (& SMB) even if MD4 support is unavailable

In that case, use libcurl's internal MD4 routine. This fixes tests 1013
and 1014 which were failing due to configure assum

mbedtls: enable NTLM (& SMB) even if MD4 support is unavailable

In that case, use libcurl's internal MD4 routine. This fixes tests 1013
and 1014 which were failing due to configure assuming NTLM and SMB were
always available whenever mbed TLS was in use (which is now true).

show more ...

checksrc: warn for assignments within if() expressions

... they're already frowned upon in our source code style guide, this
now enforces the rule harder.

MD(4|5): make the MD4_* and MD5_* functions static