copyright: update all copyright lines and remove year ranges

- they are mostly pointless in all major jurisdictions
- many big corporations and projects already don't use them
- save

copyright: update all copyright lines and remove year ranges

- they are mostly pointless in all major jurisdictions
- many big corporations and projects already don't use them
- saves us from pointless churn
- git keeps history for us
- the year range is kept in COPYING

checksrc is updated to allow non-year using copyright statements

Closes #10205

show more ...

copyright: make repository REUSE compliant

Add licensing and copyright information for all files in this repository. This
either happens in the file itself as a comment header or in the

copyright: make repository REUSE compliant

Add licensing and copyright information for all files in this repository. This
either happens in the file itself as a comment header or in the file
`.reuse/dep5`.

This commit also adds a Github workflow to check pull requests and adapts
copyright.pl to the changes.

Closes #8869

show more ...

lib: remove support for CURL_DOES_CONVERSIONS

TPF was the only user and support for that was dropped.

Closes #8378

infof: remove newline from format strings, always append it

- the data needs to be "line-based" anyway since it's also passed to the
debug callback/application

- it makes info

infof: remove newline from format strings, always append it

- the data needs to be "line-based" anyway since it's also passed to the
debug callback/application

- it makes infof() work like failf() and consistency is good

- there's an assert that triggers on newlines in the format string

- Also removes a few instances of "..."

- Removes the code that would append "..." to the end of the data *iff*
it was truncated in infof()

Closes #7357

show more ...

copyright: fix year ranges

Follow-up from 4d2f8006777

curl.se: new home

Closes #6172

vauth: return CURLE_AUTH_ERROR on gss_init_sec_context() failure

This is a follow-up to https://github.com/curl/curl/pull/3864 .

Closes #4224

vauth: Use CURLE_AUTH_ERROR for auth function errors

- Add new error code CURLE_AUTH_ERROR.

Prior to this change auth function errors were signaled by
CURLE_OUT_OF_MEMORY and CU

vauth: Use CURLE_AUTH_ERROR for auth function errors

- Add new error code CURLE_AUTH_ERROR.

Prior to this change auth function errors were signaled by
CURLE_OUT_OF_MEMORY and CURLE_RECV_ERROR, and neither one was
technically correct.

Ref: https://github.com/curl/curl/pull/3848

Co-authored-by: Dominik Hölzl

Closes https://github.com/curl/curl/pull/3864

show more ...

http_negotiate: Move the Negotiate state out of the negotiatedata structure

Given that this member variable is not used by the SASL based protocols
there is no need to have it here.

http_negotiate: Move the Negotiate state out of the negotiatedata structure

Given that this member variable is not used by the SASL based protocols
there is no need to have it here.

Closes #3882

show more ...

auth: Rename the various authentication clean up functions

For consistency and to a avoid confusion.

Closes #3869

spnego_gssapi: fix return code on gss_init_sec_context() failure

Fixes #3726
Closes #3849

Negotiate: fix for HTTP POST with Negotiate

* Adjusted unit tests 2056, 2057
* do not generally close connections with CURLAUTH_NEGOTIATE after every request
* moved negotiatedata fr

Negotiate: fix for HTTP POST with Negotiate

* Adjusted unit tests 2056, 2057
* do not generally close connections with CURLAUTH_NEGOTIATE after every request
* moved negotiatedata from UrlState to connectdata
* Added stream rewind logic for CURLAUTH_NEGOTIATE
* introduced negotiatedata::GSS_AUTHDONE and negotiatedata::GSS_AUTHSUCC
* Consider authproblem state for CURLAUTH_NEGOTIATE
* Consider reuse_forbid for CURLAUTH_NEGOTIATE
* moved and adjusted negotiate authentication state handling from
output_auth_headers into Curl_output_negotiate
* Curl_output_negotiate: ensure auth done is always set
* Curl_output_negotiate: Set auth done also if result code is
GSS_S_CONTINUE_NEEDED/SEC_I_CONTINUE_NEEDED as this result code may
also indicate the last challenge request (only works with disabled
Expect: 100-continue and CURLOPT_KEEP_SENDING_ON_ERROR -> 1)
* Consider "Persistent-Auth" header, detect if not present;
Reset/Cleanup negotiate after authentication if no persistent
authentication
* apply changes introduced with #2546 for negotiate rewind logic

Fixes #1261
Closes #1975

show more ...

comment: Fix multiple typos in function parameters

Ensure that the parameters in the comment match the actual names in the
prototype.

Closes #3079
Reviewed-by: Daniel Stenbe

comment: Fix multiple typos in function parameters

Ensure that the parameters in the comment match the actual names in the
prototype.

Closes #3079
Reviewed-by: Daniel Stenberg <daniel@haxx.se>

show more ...

gssapi: fix memory leak of output token in multi round context

When multiple rounds are needed to establish a security context
(usually ntlm), we overwrite old token with a new one witho

gssapi: fix memory leak of output token in multi round context

When multiple rounds are needed to establish a security context
(usually ntlm), we overwrite old token with a new one without free.
Found by proposed gss tests using stub a gss implementation (by
valgrind error), though I have confirmed the leak with a real
gssapi implementation as well.

Closes https://github.com/curl/curl/pull/1733

show more ...

vauth: Introduced Curl_auth_is_<mechansism>_supported() functions

As Windows SSPI authentication calls fail when a particular mechanism
isn't available, introduced these functions for DI

vauth: Introduced Curl_auth_is_<mechansism>_supported() functions

As Windows SSPI authentication calls fail when a particular mechanism
isn't available, introduced these functions for DIGEST, NTLM, Kerberos 5
and Negotiate to allow both HTTP and SASL authentication the opportunity
to query support for a supported mechanism before selecting it.

For now each function returns TRUE to maintain compatability with the
existing code when called.

show more ...

spnego: Corrected miss-placed * in Curl_auth_spnego_cleanup() declaration

Typo introduced in commit ad5e9bfd5d.

internals: rename the SessionHandle struct to Curl_easy

URLs: change http to https in many places

Closes #754

vauth: Corrected a number of typos in comments

Reported-by: Michael Osipov

vauth: Removed the need for a separate GSS-API based SPN function

spnego: Small code tidy up

* Prefer dereference of string pointer rather than strlen()
* Free challenge pointer in one place
* Additional comments

spnego: Renamed the context's SPN variable

To be consistent with the Kerberos 5 context and other authentication
code.

spnego: Corrected some typos in comments

Corrected typos from commit ad5e9bfd5d and 6d6f9ca1d9.

GSS: make Curl_gss_log_error more verbose

Also display the GSS_C_GSS_CODE (major code) when specified instead of
only GSS_C_MECH_CODE (minor code).

In addition, the old code was

GSS: make Curl_gss_log_error more verbose

Also display the GSS_C_GSS_CODE (major code) when specified instead of
only GSS_C_MECH_CODE (minor code).

In addition, the old code was printing a colon twice after the prefix
and also miscalculated the length of the buffer in between calls to
gss_display_status (the length of ": " was missing).

Also, gss_buffer is not guaranteed to be NULL terminated and thus need
to restrict reading by its length.

Closes #738

show more ...

vauth: Moved the Negotiate authentication code to the new vauth directory

Part 2 of 2 - Moved the GSS-API based Negotiate authentication code.