Dan Fandrich added the --disable-crypto-auth option to configure to allow (94043b11) · Commits · CYBER - Cyber Security / TS 103 523 MSP / TLMSP / TLMSP curl

configure.ac

+19 −0

Original line number	Diff line number	Diff line
		@@ -1473,6 +1473,25 @@ AC_HELP_STRING([--disable-debug],[Disable debug options]),
		AC_MSG_RESULT(no)
		)

		dnl ************************************************************
		dnl disable cryptographic authentication
		dnl
		AC_MSG_CHECKING([whether to enable cryptographic authentication methods])
		AC_ARG_ENABLE(crypto-auth,
		AC_HELP_STRING([--enable-crypto-auth],[Enable cryptographic authentication])
		AC_HELP_STRING([--disable-crypto-auth],[Disable cryptographic authentication]),
		[ case "$enableval" in
		no)
		AC_MSG_RESULT(no)
		AC_DEFINE(CURL_DISABLE_CRYPTO_AUTH, 1, [to disable cryptographic authentication])
		AC_SUBST(CURL_DISABLE_CRYPTO_AUTH)
		;;
		*) AC_MSG_RESULT(yes)
		;;
		esac ],
		AC_MSG_RESULT(yes)
		)

		AM_CONDITIONAL(CROSSCOMPILING, test x$cross_compiling = xyes)

		AC_CONFIG_FILES([Makefile \

lib/http.c

+10 −4

Original line number	Diff line number	Diff line
		@@ -330,6 +330,7 @@ Curl_http_output_auth(struct connectdata *conn,
		}
		data->state.authproxy.done = TRUE;
		}
		#ifndef CURL_DISABLE_CRYPTO_AUTH
		else if(data->state.authproxy.want == CURLAUTH_DIGEST) {
		auth=(char *)"Digest";
		result = Curl_output_digest(conn,
		@@ -339,7 +340,7 @@ Curl_http_output_auth(struct connectdata *conn,
		if(result)
		return result;
		}

		#endif
		infof(data, "Proxy auth using %s with user '%s'\n",
		auth, conn->proxyuser?conn->proxyuser:"");
		}
		@@ -373,6 +374,7 @@ Curl_http_output_auth(struct connectdata *conn,
		else
		#endif
		{
		#ifndef CURL_DISABLE_CRYPTO_AUTH
		if(data->state.authhost.picked == CURLAUTH_DIGEST) {
		auth=(char *)"Digest";
		result = Curl_output_digest(conn,
		@@ -381,8 +383,9 @@ Curl_http_output_auth(struct connectdata *conn,
		(unsigned char *)path);
		if(result)
		return result;
		}
		else if(data->state.authhost.picked == CURLAUTH_BASIC) {
		} else
		#endif
		if(data->state.authhost.picked == CURLAUTH_BASIC) {
		if(conn->bits.user_passwd &&
		!checkheaders(data, "Authorization:")) {
		auth=(char *)"Basic";
		@@ -489,6 +492,7 @@ CURLcode Curl_http_input_auth(struct connectdata *conn,
		}
		else
		#endif
		#ifndef CURL_DISABLE_CRYPTO_AUTH
		if(checkprefix("Digest", start)) {
		CURLdigest dig;
		*availp \|= CURLAUTH_DIGEST;
		@@ -504,7 +508,9 @@ CURLcode Curl_http_input_auth(struct connectdata *conn,
		data->state.authproblem = TRUE;
		}
		}
		else if(checkprefix("Basic", start)) {
		else
		#endif
		if(checkprefix("Basic", start)) {
		*availp \|= CURLAUTH_BASIC;
		authp->avail \|= CURLAUTH_BASIC;
		if(authp->picked == CURLAUTH_BASIC) {

lib/http_digest.c

+1 −1

Original line number	Diff line number	Diff line
		@@ -22,7 +22,7 @@
		***************************************************************************/
		#include "setup.h"

		#ifndef CURL_DISABLE_HTTP
		#if !defined(CURL_DISABLE_HTTP) && !defined(CURL_DISABLE_CRYPTO_AUTH)
		/* -- WIN32 approved -- */
		#include <stdio.h>
		#include <string.h>

lib/md5.c

+4 −0

Original line number	Diff line number	Diff line
		@@ -23,6 +23,8 @@

		#include "setup.h"

		#ifndef CURL_DISABLE_CRYPTO_AUTH

		#ifndef USE_SSLEAY
		/* This code segment is only used if OpenSSL is not provided, as if it is
		we use the MD5-function provided there instead. No good duplicating
		@@ -346,3 +348,5 @@ void Curl_md5it(unsigned char outbuffer, / 16 bytes */
		MD5_Update(&ctx, input, strlen((char *)input));
		MD5_Final(outbuffer, &ctx);
		}

		#endif

lib/url.c

+2 −0

Original line number	Diff line number	Diff line
		@@ -250,7 +250,9 @@ CURLcode Curl_close(struct SessionHandle *data)
		}
		Curl_share_unlock(data, CURL_LOCK_DATA_COOKIE);

		#ifndef CURL_DISABLE_CRYPTO_AUTH
		Curl_digest_cleanup(data);
		#endif
		#endif

		/* free the connection cache */