Loading lib/http.c +2 −3 Original line number Diff line number Diff line Loading @@ -571,7 +571,7 @@ output_auth_headers(struct connectdata *conn, negdata->state = GSS_AUTHNONE; if((authstatus->picked == CURLAUTH_GSSNEGOTIATE) && negdata->context && !GSS_ERROR(negdata->status)) { auth="GSS-Negotiate"; auth="Negotiate"; result = Curl_output_negotiate(conn, proxy); if(result) return result; Loading Loading @@ -772,8 +772,7 @@ CURLcode Curl_http_input_auth(struct connectdata *conn, bool proxy, while(*auth) { #ifdef USE_HTTP_NEGOTIATE if(checkprefix("GSS-Negotiate", auth) || checkprefix("Negotiate", auth)) { if(checkprefix("Negotiate", auth)) { int neg; *availp |= CURLAUTH_GSSNEGOTIATE; authp->avail |= CURLAUTH_GSSNEGOTIATE; Loading lib/http_negotiate.c +4 −39 Original line number Diff line number Diff line Loading @@ -53,19 +53,7 @@ get_gss_name(struct connectdata *conn, bool proxy, gss_name_t *server) OM_uint32 major_status, minor_status; gss_buffer_desc token = GSS_C_EMPTY_BUFFER; char name[2048]; const char* service; /* GSSAPI implementation by Globus (known as GSI) requires the name to be of form "<service>/<fqdn>" instead of <service>@<fqdn> (ie. slash instead of at-sign). Also GSI servers are often identified as 'host' not 'khttp'. Change following lines if you want to use GSI */ /* IIS uses the <service>@<fqdn> form but uses 'http' as the service name */ if(neg_ctx->gss) service = "KHTTP"; else service = "HTTP"; const char* service = "HTTP"; token.length = strlen(service) + 1 + strlen(proxy ? conn->proxy.name : conn->host.name) + 1; Loading Loading 
@@ -128,31 +116,8 @@ int Curl_input_negotiate(struct connectdata *conn, bool proxy, int ret; size_t len; size_t rawlen = 0; bool gss; const char* protocol; CURLcode error; if(checkprefix("GSS-Negotiate", header)) { protocol = "GSS-Negotiate"; gss = TRUE; } else if(checkprefix("Negotiate", header)) { protocol = "Negotiate"; gss = FALSE; } else return -1; if(neg_ctx->context) { if(neg_ctx->gss != gss) { return -1; } } else { neg_ctx->protocol = protocol; neg_ctx->gss = gss; } if(neg_ctx->context && neg_ctx->status == GSS_S_COMPLETE) { /* We finished successfully our part of authentication, but server * rejected it (since we're again here). Exit with an error since we Loading @@ -165,7 +130,7 @@ int Curl_input_negotiate(struct connectdata *conn, bool proxy, (ret = get_gss_name(conn, proxy, &neg_ctx->server_name))) return ret; header += strlen(neg_ctx->protocol); header += strlen("Negotiate"); while(*header && ISSPACE(*header)) header++; Loading Loading @@ -238,8 +203,8 @@ CURLcode Curl_output_negotiate(struct connectdata *conn, bool proxy) return CURLE_REMOTE_ACCESS_DENIED; } userp = aprintf("%sAuthorization: %s %s\r\n", proxy ? "Proxy-" : "", neg_ctx->protocol, encoded); userp = aprintf("%sAuthorization: Negotiate %s\r\n", proxy ? "Proxy-" : "", encoded); if(proxy) { Curl_safefree(conn->allocptr.proxyuserpwd); conn->allocptr.proxyuserpwd = userp; Loading lib/http_negotiate_sspi.c +4 −41 Original line number Diff line number Diff line Loading 
@@ -45,27 +45,13 @@ static int get_gss_name(struct connectdata *conn, bool proxy, struct negotiatedata *neg_ctx) { const char* service; const char* service = "HTTP"; size_t length; if(proxy && !conn->proxy.name) /* proxy auth requested but no given proxy name, error out! */ return -1; /* GSSAPI implementation by Globus (known as GSI) requires the name to be of form "<service>/<fqdn>" instead of <service>@<fqdn> (ie. slash instead of at-sign). Also GSI servers are often identified as 'host' not 'khttp'. Change following lines if you want to use GSI */ /* IIS uses the <service>@<fqdn> form but uses 'http' as the service name, and SSPI then generates an NTLM token. When using <service>/<fqdn> a Kerberos token is generated. */ if(neg_ctx->gss) service = "KHTTP"; else service = "HTTP"; length = strlen(service) + 1 + strlen(proxy ? conn->proxy.name : conn->host.name) + 1; if(length + 1 > sizeof(neg_ctx->server_name)) Loading Loading @@ -94,31 +80,8 @@ int Curl_input_negotiate(struct connectdata *conn, bool proxy, TCHAR *sname; int ret; size_t len = 0, input_token_len = 0; bool gss = FALSE; const char* protocol; CURLcode error; if(checkprefix("GSS-Negotiate", header)) { protocol = "GSS-Negotiate"; gss = TRUE; } else if(checkprefix("Negotiate", header)) { protocol = "Negotiate"; gss = FALSE; } else return -1; if(neg_ctx->context) { if(neg_ctx->gss != gss) { return -1; } } else { neg_ctx->protocol = protocol; neg_ctx->gss = gss; } if(neg_ctx->context && neg_ctx->status == SEC_E_OK) { /* We finished successfully our part of authentication, but server * rejected it (since we're again here). Exit with an error since we Loading Loading @@ -148,7 +111,7 @@ int Curl_input_negotiate(struct connectdata *conn, bool proxy, } /* Obtain the input token, if any */ header += strlen(neg_ctx->protocol); header += strlen("Negotiate"); while(*header && ISSPACE(*header)) header++; Loading Loading 
@@ -260,8 +223,8 @@ CURLcode Curl_output_negotiate(struct connectdata *conn, bool proxy) if(len == 0) return CURLE_REMOTE_ACCESS_DENIED; userp = aprintf("%sAuthorization: %s %s\r\n", proxy ? "Proxy-" : "", neg_ctx->protocol, encoded); userp = aprintf("%sAuthorization: Negotiate %s\r\n", proxy ? "Proxy-" : "", encoded); if(proxy) conn->allocptr.proxyuserpwd = userp; Loading lib/urldata.h +2 −4 Original line number Diff line number Diff line Loading @@ -446,11 +446,9 @@ struct ntlmdata { #ifdef USE_HTTP_NEGOTIATE struct negotiatedata { /* when doing Negotiate we first need to receive an auth token and then we need to send our header */ /* When doing Negotiate (SPNEGO) auth, we first need to send a token and then validate the received one. */ enum { GSS_AUTHNONE, GSS_AUTHRECV, GSS_AUTHSENT } state; bool gss; /* Whether we're processing GSS-Negotiate or Negotiate */ const char* protocol; /* "GSS-Negotiate" or "Negotiate" */ #ifdef HAVE_GSSAPI OM_uint32 status; gss_ctx_id_t context; Loading Loading
lib/http.c +2 −3 Original line number Diff line number Diff line Loading @@ -571,7 +571,7 @@ output_auth_headers(struct connectdata *conn, negdata->state = GSS_AUTHNONE; if((authstatus->picked == CURLAUTH_GSSNEGOTIATE) && negdata->context && !GSS_ERROR(negdata->status)) { auth="GSS-Negotiate"; auth="Negotiate"; result = Curl_output_negotiate(conn, proxy); if(result) return result; Loading Loading @@ -772,8 +772,7 @@ CURLcode Curl_http_input_auth(struct connectdata *conn, bool proxy, while(*auth) { #ifdef USE_HTTP_NEGOTIATE if(checkprefix("GSS-Negotiate", auth) || checkprefix("Negotiate", auth)) { if(checkprefix("Negotiate", auth)) { int neg; *availp |= CURLAUTH_GSSNEGOTIATE; authp->avail |= CURLAUTH_GSSNEGOTIATE; Loading
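Review bot: In the `Curl_http_input_auth` hunk, `checkprefix("Negotiate", auth)` matches only the leading characters, so (assuming `checkprefix` is a plain case-insensitive prefix compare) a server-supplied scheme name that merely starts with "Negotiate" still sets `CURLAUTH_GSSNEGOTIATE` in `*availp` and `authp->avail`. Now that a single fixed token is accepted, the test should also require a delimiter after it, for example `if(checkprefix("Negotiate", auth) && (!auth[9] || ISSPACE(auth[9]) || auth[9] == ',')) {`, where 9 is `strlen("Negotiate")`. The loop body continues outside the hunk, so how `neg` is used afterwards is not visible here.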
lib/http_negotiate.c +4 −39 Original line number Diff line number Diff line Loading @@ -53,19 +53,7 @@ get_gss_name(struct connectdata *conn, bool proxy, gss_name_t *server) OM_uint32 major_status, minor_status; gss_buffer_desc token = GSS_C_EMPTY_BUFFER; char name[2048]; const char* service; /* GSSAPI implementation by Globus (known as GSI) requires the name to be of form "<service>/<fqdn>" instead of <service>@<fqdn> (ie. slash instead of at-sign). Also GSI servers are often identified as 'host' not 'khttp'. Change following lines if you want to use GSI */ /* IIS uses the <service>@<fqdn> form but uses 'http' as the service name */ if(neg_ctx->gss) service = "KHTTP"; else service = "HTTP"; const char* service = "HTTP"; token.length = strlen(service) + 1 + strlen(proxy ? conn->proxy.name : conn->host.name) + 1; Loading Loading @@ -128,31 +116,8 @@ int Curl_input_negotiate(struct connectdata *conn, bool proxy, int ret; size_t len; size_t rawlen = 0; bool gss; const char* protocol; CURLcode error; if(checkprefix("GSS-Negotiate", header)) { protocol = "GSS-Negotiate"; gss = TRUE; } else if(checkprefix("Negotiate", header)) { protocol = "Negotiate"; gss = FALSE; } else return -1; if(neg_ctx->context) { if(neg_ctx->gss != gss) { return -1; } } else { neg_ctx->protocol = protocol; neg_ctx->gss = gss; } if(neg_ctx->context && neg_ctx->status == GSS_S_COMPLETE) { /* We finished successfully our part of authentication, but server * rejected it (since we're again here). Exit with an error since we Loading @@ -165,7 +130,7 @@ int Curl_input_negotiate(struct connectdata *conn, bool proxy, (ret = get_gss_name(conn, proxy, &neg_ctx->server_name))) return ret; header += strlen(neg_ctx->protocol); header += strlen("Negotiate"); while(*header && ISSPACE(*header)) header++; Loading Loading 
@@ -238,8 +203,8 @@ CURLcode Curl_output_negotiate(struct connectdata *conn, bool proxy) return CURLE_REMOTE_ACCESS_DENIED; } userp = aprintf("%sAuthorization: %s %s\r\n", proxy ? "Proxy-" : "", neg_ctx->protocol, encoded); userp = aprintf("%sAuthorization: Negotiate %s\r\n", proxy ? "Proxy-" : "", encoded); if(proxy) { Curl_safefree(conn->allocptr.proxyuserpwd); conn->allocptr.proxyuserpwd = userp; Loading
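Review bot: `header += strlen("Negotiate");` in `Curl_input_negotiate` now advances the pointer unconditionally, because the preceding hunk removes the function's own `checkprefix` test and its `return -1` for any other header. The skip is therefore safe only if every caller has already matched the prefix; with a header shorter than nine bytes, `header` would point past the terminator before the `ISSPACE` loop dereferences it. The check visible in lib/http.c presumably guards the call, but a local guard keeps the invariant inside the function: `if(!checkprefix("Negotiate", header)) return -1;` ahead of the skip, or at least a comment stating the precondition. The same unconditional skip appears in `Curl_input_negotiate` in lib/http_negotiate_sspi.c, and both function bodies extend beyond the hunks shown.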
lib/http_negotiate_sspi.c +4 −41 Original line number Diff line number Diff line Loading @@ -45,27 +45,13 @@ static int get_gss_name(struct connectdata *conn, bool proxy, struct negotiatedata *neg_ctx) { const char* service; const char* service = "HTTP"; size_t length; if(proxy && !conn->proxy.name) /* proxy auth requested but no given proxy name, error out! */ return -1; /* GSSAPI implementation by Globus (known as GSI) requires the name to be of form "<service>/<fqdn>" instead of <service>@<fqdn> (ie. slash instead of at-sign). Also GSI servers are often identified as 'host' not 'khttp'. Change following lines if you want to use GSI */ /* IIS uses the <service>@<fqdn> form but uses 'http' as the service name, and SSPI then generates an NTLM token. When using <service>/<fqdn> a Kerberos token is generated. */ if(neg_ctx->gss) service = "KHTTP"; else service = "HTTP"; length = strlen(service) + 1 + strlen(proxy ? conn->proxy.name : conn->host.name) + 1; if(length + 1 > sizeof(neg_ctx->server_name)) Loading Loading @@ -94,31 +80,8 @@ int Curl_input_negotiate(struct connectdata *conn, bool proxy, TCHAR *sname; int ret; size_t len = 0, input_token_len = 0; bool gss = FALSE; const char* protocol; CURLcode error; if(checkprefix("GSS-Negotiate", header)) { protocol = "GSS-Negotiate"; gss = TRUE; } else if(checkprefix("Negotiate", header)) { protocol = "Negotiate"; gss = FALSE; } else return -1; if(neg_ctx->context) { if(neg_ctx->gss != gss) { return -1; } } else { neg_ctx->protocol = protocol; neg_ctx->gss = gss; } if(neg_ctx->context && neg_ctx->status == SEC_E_OK) { /* We finished successfully our part of authentication, but server * rejected it (since we're again here). Exit with an error since we Loading Loading @@ -148,7 +111,7 @@ int Curl_input_negotiate(struct connectdata *conn, bool proxy, } /* Obtain the input token, if any */ header += strlen(neg_ctx->protocol); header += strlen("Negotiate"); while(*header && ISSPACE(*header)) header++; Loading Loading 
@@ -260,8 +223,8 @@ CURLcode Curl_output_negotiate(struct connectdata *conn, bool proxy) if(len == 0) return CURLE_REMOTE_ACCESS_DENIED; userp = aprintf("%sAuthorization: %s %s\r\n", proxy ? "Proxy-" : "", neg_ctx->protocol, encoded); userp = aprintf("%sAuthorization: Negotiate %s\r\n", proxy ? "Proxy-" : "", encoded); if(proxy) conn->allocptr.proxyuserpwd = userp; Loading
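Review bot: In the `Curl_output_negotiate` hunk the new header is stored with `conn->allocptr.proxyuserpwd = userp;` without releasing the previous value, whereas the GSS-API counterpart in lib/http_negotiate.c calls `Curl_safefree(conn->allocptr.proxyuserpwd);` first. Unless the old pointer is freed elsewhere, each further authentication round would leak the prior header string, and the number of rounds depends on the server's responses. Mirroring the other file would close this: `Curl_safefree(conn->allocptr.proxyuserpwd);` before the assignment, and likewise for the non-proxy branch, which lies outside the hunk. The `aprintf` result is also not checked for NULL in the visible lines, so it is worth confirming that the code after the hunk does so.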
lib/urldata.h +2 −4 Original line number Diff line number Diff line Loading @@ -446,11 +446,9 @@ struct ntlmdata { #ifdef USE_HTTP_NEGOTIATE struct negotiatedata { /* when doing Negotiate we first need to receive an auth token and then we need to send our header */ /* When doing Negotiate (SPNEGO) auth, we first need to send a token and then validate the received one. */ enum { GSS_AUTHNONE, GSS_AUTHRECV, GSS_AUTHSENT } state; bool gss; /* Whether we're processing GSS-Negotiate or Negotiate */ const char* protocol; /* "GSS-Negotiate" or "Negotiate" */ #ifdef HAVE_GSSAPI OM_uint32 status; gss_ctx_id_t context; Loading