| #
2dbe75bd |
| 09-Dec-2023 |
Viktor Szakats |
build: fix some `-Wsign-conversion`/`-Warith-conversion` warnings
- enable `-Wsign-conversion` warnings, but also setting them to not
raise errors.
- fix `-Warith-conversion` warni
build: fix some `-Wsign-conversion`/`-Warith-conversion` warnings
- enable `-Wsign-conversion` warnings, but also setting them to not
raise errors.
- fix `-Warith-conversion` warnings seen in CI.
These are triggered by `-Wsign-converion` and causing errors unless
explicitly silenced. It makes more sense to fix them, there just a few
of them.
- fix some `-Wsign-conversion` warnings.
- hide `-Wsign-conversion` warnings with a `#pragma`.
- add macro `CURL_WARN_SIGN_CONVERSION` to unhide them on a per-build
basis.
- update a CI job to unhide them with the above macro:
https://github.com/curl/curl/actions/workflows/linux.yml -> OpenSSL -O3
Closes #12492
show more ...
|
| #
2bc1d775 |
| 02-Jan-2023 |
Daniel Stenberg |
copyright: update all copyright lines and remove year ranges
- they are mostly pointless in all major jurisdictions
- many big corporations and projects already don't use them
- save
copyright: update all copyright lines and remove year ranges
- they are mostly pointless in all major jurisdictions
- many big corporations and projects already don't use them
- saves us from pointless churn
- git keeps history for us
- the year range is kept in COPYING
checksrc is updated to allow non-year using copyright statements
Closes #10205
show more ...
|
| #
ad9bc597 |
| 17-May-2022 |
max.mehl |
copyright: make repository REUSE compliant
Add licensing and copyright information for all files in this repository. This
either happens in the file itself as a comment header or in the
copyright: make repository REUSE compliant
Add licensing and copyright information for all files in this repository. This
either happens in the file itself as a comment header or in the file
`.reuse/dep5`.
This commit also adds a Github workflow to check pull requests and adapts
copyright.pl to the changes.
Closes #8869
show more ...
|
| #
7da2990b |
| 16-Aug-2021 |
Patrick Monnerat |
auth: do not append zero-terminator to authorisation id in kerberos
RFC4752 Section 3.1 states "The authorization identity is not terminated
with a zero-valued (%x00) octet". Although a
auth: do not append zero-terminator to authorisation id in kerberos
RFC4752 Section 3.1 states "The authorization identity is not terminated
with a zero-valued (%x00) octet". Although a comment in code said it may
be needed anyway, nothing confirms it. In addition, servers may consider
it as part of the identity, causing a failure.
Closes #7008
show more ...
|
| #
396a2d7f |
| 16-Aug-2021 |
Patrick Monnerat |
auth: use sasl authzid option in kerberos
... instead of deriving it from active ticket.
Closes #7008
|
| #
0a1c85e3 |
| 16-Aug-2021 |
Patrick Monnerat |
auth: we do not support a security layer after kerberos authentication
Closes #7008
|
| #
3f9b1d0c |
| 16-Aug-2021 |
Patrick Monnerat |
auth: properly handle byte order in kerberos security message
Closes #7008
|
| #
e7416cfd |
| 06-Jul-2021 |
Daniel Stenberg |
infof: remove newline from format strings, always append it
- the data needs to be "line-based" anyway since it's also passed to the
debug callback/application
- it makes info
infof: remove newline from format strings, always append it
- the data needs to be "line-based" anyway since it's also passed to the
debug callback/application
- it makes infof() work like failf() and consistency is good
- there's an assert that triggers on newlines in the format string
- Also removes a few instances of "..."
- Removes the code that would append "..." to the end of the data *iff*
it was truncated in infof()
Closes #7357
show more ...
|
|
Revision tags: curl-7_76_1, curl-7_76_0 |
|
| #
19ea52da |
| 17-Mar-2021 |
Patrick Monnerat |
vauth: factor base64 conversions out of authentication procedures
Input challenges and returned messages are now in binary.
Conversions from/to base64 are performed by callers (currently
vauth: factor base64 conversions out of authentication procedures
Input challenges and returned messages are now in binary.
Conversions from/to base64 are performed by callers (currently curl_sasl.c
and http_ntlm.c).
Closes #6654
show more ...
|
|
Revision tags: curl-7_75_0, curl-7_74_0 |
|
| #
ac0a88fd |
| 05-Nov-2020 |
Daniel Stenberg |
copyright: fix year ranges
Follow-up from 4d2f8006777
|
| #
4d2f8006 |
| 04-Nov-2020 |
Daniel Stenberg |
curl.se: new home
Closes #6172
|
|
Revision tags: curl-7_73_0, tiny-curl-7_72_0, curl-7_72_0, curl-7_71_1, curl-7_71_0, curl-7_70_0, curl-7_69_1, curl-7_69_0, curl-7_68_0, curl-7_67_0, curl-7_66_0, curl-7_65_3, curl-7_65_2, curl-7_65_1, curl-7_65_0 |
|
| #
dca6f736 |
| 11-May-2019 |
Jay Satiro |
vauth: Use CURLE_AUTH_ERROR for auth function errors
- Add new error code CURLE_AUTH_ERROR.
Prior to this change auth function errors were signaled by
CURLE_OUT_OF_MEMORY and CU
vauth: Use CURLE_AUTH_ERROR for auth function errors
- Add new error code CURLE_AUTH_ERROR.
Prior to this change auth function errors were signaled by
CURLE_OUT_OF_MEMORY and CURLE_RECV_ERROR, and neither one was
technically correct.
Ref: https://github.com/curl/curl/pull/3848
Co-authored-by: Dominik Hölzl
Closes https://github.com/curl/curl/pull/3864
show more ...
|
| #
52dfab65 |
| 11-May-2019 |
Steve Holme |
auth: Rename the various authentication clean up functions
For consistency and to a avoid confusion.
Closes #3869
|
|
Revision tags: curl-7_64_1, curl-7_64_0, curl-7_63_0, curl-7_62_0 |
|
| #
e182fc16 |
| 03-Oct-2018 |
Daniel Gustafsson |
comment: Fix multiple typos in function parameters
Ensure that the parameters in the comment match the actual names in the
prototype.
Closes #3079
Reviewed-by: Daniel Stenbe
comment: Fix multiple typos in function parameters
Ensure that the parameters in the comment match the actual names in the
prototype.
Closes #3079
Reviewed-by: Daniel Stenberg <daniel@haxx.se>
show more ...
|
|
Revision tags: curl-7_61_1, curl-7_61_0, curl-7_60_0, curl-7_59_0, curl-7_58_0, curl-7_57_0, curl-7_56_1, curl-7_56_0, curl-7_55_1, curl-7_55_0, curl-7_54_1, curl-7_54_0 |
|
| #
f7df67cf |
| 26-Mar-2017 |
klemens |
spelling fixes
Closes #1356
|
|
Revision tags: curl-7_53_1, curl-7_53_0, curl-7_52_1, curl-7_52_0, curl-7_51_0, curl-7_50_3, curl-7_50_2, curl-7_50_1, curl-7_50_0, curl-7_49_1, curl-7_49_0, curl-7_48_0 |
|
| #
a0f21294 |
| 20-Mar-2016 |
Steve Holme |
vauth: Introduced Curl_auth_is_<mechansism>_supported() functions
As Windows SSPI authentication calls fail when a particular mechanism
isn't available, introduced these functions for DI
vauth: Introduced Curl_auth_is_<mechansism>_supported() functions
As Windows SSPI authentication calls fail when a particular mechanism
isn't available, introduced these functions for DIGEST, NTLM, Kerberos 5
and Negotiate to allow both HTTP and SASL authentication the opportunity
to query support for a supported mechanism before selecting it.
For now each function returns TRUE to maintain compatability with the
existing code when called.
show more ...
|
| #
434f8d03 |
| 21-Jun-2016 |
Daniel Stenberg |
internals: rename the SessionHandle struct to Curl_easy
|
| #
cbc52ff3 |
| 05-Apr-2016 |
Steve Holme |
vauth: Corrected a number of typos in comments
Reported-by: Michael Osipov
|
| #
9feb2676 |
| 03-Apr-2016 |
Steve Holme |
vauth: Removed the need for a separate GSS-API based SPN function
|
| #
1d451bdd |
| 03-Apr-2016 |
Steve Holme |
krb5: Small code tidy up
* Prefer dereference of string pointer rather than strlen()
* Free challenge pointer in one place
* Additional comments
|
| #
156b8287 |
| 03-Apr-2016 |
Steve Holme |
krb5_gssapi: Only process challenge when present
This wouldn't cause a problem because of the way the function is called,
but prior to this change, we were processing the challenge messa
krb5_gssapi: Only process challenge when present
This wouldn't cause a problem because of the way the function is called,
but prior to this change, we were processing the challenge message when
the credentials were NULL rather than when the challenge message was
populated.
This also brings this part of the Kerberos 5 code in line with the
Negotiate code.
show more ...
|
| #
73f10963 |
| 03-Apr-2016 |
Steve Holme |
krb5: Fixed missing client response when mutual authentication enabled
Although mutual authentication is currently turned off and can only be
enabled by changing libcurl source code, aut
krb5: Fixed missing client response when mutual authentication enabled
Although mutual authentication is currently turned off and can only be
enabled by changing libcurl source code, authentication using Kerberos
5 has been broken since commit 79543caf90 in this use case.
show more ...
|
| #
2d2c67e3 |
| 03-Apr-2016 |
Steve Holme |
krb5: Only generate a SPN when its not known
Prior to this change, we were generating the SPN in the SSPI code when
the credentials were NULL and in the GSS-API code when the context was
krb5: Only generate a SPN when its not known
Prior to this change, we were generating the SPN in the SSPI code when
the credentials were NULL and in the GSS-API code when the context was
empty. It is better to decouple the SPN generation from these checks
and only generate it when the SPN itself is NULL.
This also brings this part of the Kerberos 5 code in line with the
Negotiate code.
show more ...
|
| #
9173dc06 |
| 02-Apr-2016 |
Steve Holme |
krb5_gssapi: Renamed the status variables
For consistency with the spnego code.
|
| #
ced0cbb5 |
| 02-Apr-2016 |
Steve Holme |
krb5: Moved host from Curl_auth_create_gssapi_user_message() to be argument
For consistency with the spnego and oauth2 code moved the setting of
the host name outside of the Curl_auth_cr
krb5: Moved host from Curl_auth_create_gssapi_user_message() to be argument
For consistency with the spnego and oauth2 code moved the setting of
the host name outside of the Curl_auth_create_gssapi_user_messag()
function.
This will allow us to more easily override it in the future.
show more ...
|
