http_negotiate: Combine GSS-API and SSPI source files

  curl_sspi.c slist.c nonblock.c curl_memrchr.c imap.c pop3.c smtp.c    \

  pingpong.c rtsp.c curl_threads.c warnless.c hmac.c curl_rtmp.c        \

  openldap.c curl_gethostname.c gopher.c idn_win32.c                    \

  http_negotiate_sspi.c http_proxy.c non-ascii.c asyn-ares.c            \

  asyn-thread.c curl_gssapi.c curl_ntlm.c curl_ntlm_wb.c                \

  curl_ntlm_core.c curl_sasl.c curl_multibyte.c hostcheck.c conncache.c \

  pipeline.c dotdot.c x509asn1.c http2.c smb.c curl_endian.c curl_des.c

  http_proxy.c non-ascii.c asyn-ares.c asyn-thread.c curl_gssapi.c      \

  curl_ntlm.c curl_ntlm_wb.c curl_ntlm_core.c curl_sasl.c               \

  curl_multibyte.c hostcheck.c conncache.c pipeline.c dotdot.c          \

  x509asn1.c http2.c smb.c curl_endian.c curl_des.c

LIB_HFILES = arpa_telnet.h netrc.h file.h timeval.h hostip.h progress.h \

  formdata.h cookie.h http.h sendf.h ftp.h url.h dict.h if2ip.h         \

	$(DIROBJ)\http_chunks.obj \

	$(DIROBJ)\http_digest.obj \

	$(DIROBJ)\http_negotiate.obj \

	$(DIROBJ)\http_negotiate_sspi.obj \

	$(DIROBJ)\http_proxy.obj \

	$(DIROBJ)\idn_win32.obj \

	$(DIROBJ)\if2ip.obj \

#include "curl_setup.h"

#if defined(HAVE_GSSAPI) && !defined(CURL_DISABLE_HTTP) && defined(USE_SPNEGO)

#if !defined(CURL_DISABLE_HTTP) && defined(USE_SPNEGO)

#include "urldata.h"

#include "sendf.h"

                              const char *header)

{

  struct SessionHandle *data = conn->data;

  size_t len;

  /* Point to the service and host */

  /* Point to the username, password, service and host */

  const char *userp;

  const char *passwdp;

  const char *service;

  const char *host;

  struct negotiatedata *neg_ctx;

  if(proxy) {

    userp = conn->proxyuser;

    passwdp = conn->proxypasswd;

    service = data->set.str[STRING_PROXY_SERVICE_NAME];

    host = conn->host.name;

    neg_ctx = &data->state.proxyneg;

  }

  else {

    userp = conn->user;

    passwdp = conn->passwd;

    service = data->set.str[STRING_SERVICE_NAME];

    host = conn->proxy.name;

    neg_ctx = &data->state.negotiate;

  }

  /* Not set means empty */

  if(!userp)

    userp = "";

  if(!passwdp)

    passwdp = "";

  /* Obtain the input token, if any */

  header += strlen("Negotiate");

  while(*header && ISSPACE(*header))

    header++;

  len = strlen(header);

  if(!len) {

    /* Is this the first call in a new negotiation? */

    if(neg_ctx->context) {

      /* The server rejected our authentication and hasn't suppled any more

      negotiation mechanisms */

      return CURLE_LOGIN_DENIED;

    }

  }

  /* Initilise the security context and decode our challenge */

  return Curl_auth_decode_spnego_message(data, NULL, NULL, service, host,

  return Curl_auth_decode_spnego_message(data, userp, passwdp, service, host,

                                         header, neg_ctx);

}

  Curl_auth_spnego_cleanup(&data->state.proxyneg);

}

#endif /* HAVE_GSSAPI && !CURL_DISABLE_HTTP && USE_SPNEGO */

#endif /* !CURL_DISABLE_HTTP && USE_SPNEGO */

/***************************************************************************

 *                                  _   _ ____  _

 *  Project                     ___| | | |  _ \| |

 *                             / __| | | | |_) | |

 *                            | (__| |_| |  _ <| |___

 *                             \___|\___/|_| \_\_____|

 *

 * Copyright (C) 1998 - 2016, Daniel Stenberg, <daniel@haxx.se>, et al.

 *

 * This software is licensed as described in the file COPYING, which

 * you should have received as part of this distribution. The terms

 * are also available at https://curl.haxx.se/docs/copyright.html.

 *

 * You may opt to use, copy, modify, merge, publish, distribute and/or sell

 * copies of the Software, and permit persons to whom the Software is

 * furnished to do so, under the terms of the COPYING file.

 *

 * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY

 * KIND, either express or implied.

 *

 ***************************************************************************/

#include "curl_setup.h"

#ifdef USE_WINDOWS_SSPI

#if !defined(CURL_DISABLE_HTTP) && defined(USE_SPNEGO)

#include "urldata.h"

#include "sendf.h"

#include "rawstr.h"

#include "vauth/vauth.h"

#include "http_negotiate.h"

#include "curl_printf.h"

/* The last #include files should be: */

#include "curl_memory.h"

#include "memdebug.h"

CURLcode Curl_input_negotiate(struct connectdata *conn, bool proxy,

                              const char *header)

{

  struct SessionHandle *data = conn->data;

  size_t len;

  /* Point to the username, password, service and host */

  const char *userp;

  const char *passwdp;

  const char *service;

  const char *host;

  /* Point to the correct struct with this */

  struct negotiatedata *neg_ctx;

  if(proxy) {

    userp = conn->proxyuser;

    passwdp = conn->proxypasswd;

    service = data->set.str[STRING_PROXY_SERVICE_NAME];

    host = conn->host.name;

    neg_ctx = &data->state.proxyneg;

  }

  else {

    userp = conn->user;

    passwdp = conn->passwd;

    service = data->set.str[STRING_SERVICE_NAME];

    host = conn->proxy.name;

    neg_ctx = &data->state.negotiate;

  }

  /* Not set means empty */

  if(!userp)

    userp = "";

  if(!passwdp)

    passwdp = "";

  /* Obtain the input token, if any */

  header += strlen("Negotiate");

  while(*header && ISSPACE(*header))

    header++;

  len = strlen(header);

  if(!len) {

    /* Is this the first call in a new negotiation? */

    if(neg_ctx->context) {

      /* The server rejected our authentication and hasn't suppled any more

         negotiation mechanisms */

      return CURLE_LOGIN_DENIED;

    }

  }

  /* Initilise the security context and decode our challenge */

  return Curl_auth_decode_spnego_message(data, userp, passwdp, service, host,

                                         header, neg_ctx);

}

CURLcode Curl_output_negotiate(struct connectdata *conn, bool proxy)

{

  struct negotiatedata *neg_ctx = proxy?&conn->data->state.proxyneg:

    &conn->data->state.negotiate;

  char *base64 = NULL;

  size_t len = 0;

  char *userp;

  CURLcode result;

  result = Curl_auth_create_spnego_message(conn->data, neg_ctx, &base64, &len);

  if(result)

    return result;

  userp = aprintf("%sAuthorization: Negotiate %s\r\n", proxy ? "Proxy-" : "",

                  base64);

  if(proxy) {

    Curl_safefree(conn->allocptr.proxyuserpwd);

    conn->allocptr.proxyuserpwd = userp;

  }

  else {

    Curl_safefree(conn->allocptr.userpwd);

    conn->allocptr.userpwd = userp;

  }

  free(base64);

  return (userp == NULL) ? CURLE_OUT_OF_MEMORY : CURLE_OK;

}

void Curl_cleanup_negotiate(struct SessionHandle *data)

{

  Curl_auth_spnego_cleanup(&data->state.negotiate);

  Curl_auth_spnego_cleanup(&data->state.proxyneg);

}

#endif /* !CURL_DISABLE_HTTP && USE_SPNEGO */

#endif /* USE_WINDOWS_SSPI */

  socks_sspi.c curl_sspi.c slist.c nonblock.c curl_memrchr.c imap.c    \

  pop3.c smtp.c pingpong.c rtsp.c curl_threads.c warnless.c hmac.c     \

  vtls/polarssl.c curl_rtmp.c openldap.c curl_gethostname.c gopher.c   \

  vtls/axtls.c idn_win32.c http_negotiate_sspi.c vtls/cyassl.c         \

  http_proxy.c non-ascii.c asyn-ares.c asyn-thread.c curl_gssapi.c     \

  curl_ntlm.c curl_ntlm_wb.c curl_ntlm_core.c curl_sasl.c              \

  vtls/schannel.c curl_multibyte.c vtls/darwinssl.c conncache.c        \

  curl_sasl_sspi.c smb.c curl_endian.c curl_des.c                      \

  vtls/axtls.c idn_win32.c vtls/cyassl.c http_proxy.c non-ascii.c      \

  asyn-ares.c asyn-thread.c curl_gssapi.c curl_ntlm.c curl_ntlm_wb.c   \

  curl_ntlm_core.c curl_sasl.c vtls/schannel.c curl_multibyte.c        \

  vtls/darwinssl.c conncache.c curl_sasl_sspi.c smb.c curl_endian.c    \

  curl_des.c                                                           \

  vauth/vauth.c vauth/cleartext.c vauth/cram.c vauth/digest.c          \

  vauth/digest_sspi.c vauth/krb5_gssapi.c vauth/krb5_sspi.c            \

  vauth/ntlm.c vauth/ntlm_sspi.c vauth/oauth2.c vauth/spnego_gssapi.c  \