Commit b6575ce0 authored by Daniel Stenberg's avatar Daniel Stenberg

While inspecting the Negotiate code, I noticed how the proxy auth was using

the same state struct as the host auth, so both could never be used at the
same time! I fixed it (without being able to check) to use two separate
structs to allow authentication using Negotiate on host and proxy
simultaneously.
parent e2b2a844
+11 −0
@@ -7,7 +7,18 @@
                                  Changelog


Daniel S (21 Nov 2007)
- While inspecting the Negotiate code, I noticed how the proxy auth was using
  the same state struct as the host auth, so both could never be used at the
  same time! I fixed it (without being able to check) to use two separate
  structs to allow authentication using Negotiate on host and proxy
  simultanouesly.

Daniel S (20 Nov 2007)
- Emil Romanus pointed out a bug that made an easy handle get the cookie
  engine activated when set to use a share (even if the share doesn't share
  cookies). I fixed it.

- Fixed a very long-lasting mprintf() bug that occured when we did "%.*s%s",
  since the second %s would then wrongly used the numerical precision argument
  instead and crash.
+4 −1
@@ -24,6 +24,8 @@ This release includes the following bugfixes:
 o variable wrapping when using debug callback and the HTTP request wasn't sent
   in one go
 o SSL connections with NSS done with the multi-interface
 o setting a share no longer activates cookies
 o Negotiate now works on auth and proxy simultanouesly

This release includes the following known bugs:

@@ -42,6 +44,7 @@ This release would not have looked like this without help, code, reports and
advice from friends like these:

 Dan Fandrich, Gisle Vanem, Toby Peterson, Yang Tse, Daniel Black,
 Robin Johnson, Michal Marek, Ates Goral, Andres Garcia, Rob Crittenden
 Robin Johnson, Michal Marek, Ates Goral, Andres Garcia, Rob Crittenden,
 Emil Romanus
 
        Thanks! (and sorry if I forgot to mention someone)
+0 −3
To be addressed before 7.17.2 (planned release: December 2007)
=============================

106 - Share interface force-enable the cookie parser
      http://curl.haxx.se/mail/lib-2007-11/0234.html

107 - resolve the type= thing for FTP URLs over HTTP proxies

108 - 
+20 −13
@@ -51,7 +51,8 @@
static int
get_gss_name(struct connectdata *conn, bool proxy, gss_name_t *server)
{
  struct negotiatedata *neg_ctx = &conn->data->state.negotiate;
  struct negotiatedata *neg_ctx = proxy?&conn->data->state.proxyneg:
    &conn->data->state.negotiate;
  OM_uint32 major_status, minor_status;
  gss_buffer_desc token = GSS_C_EMPTY_BUFFER;
  char name[2048];
@@ -118,7 +119,8 @@ log_gss_error(struct connectdata *conn, OM_uint32 error_status, char *prefix)
int Curl_input_negotiate(struct connectdata *conn, bool proxy,
                         const char *header)
{
  struct negotiatedata *neg_ctx = &conn->data->state.negotiate;
  struct negotiatedata *neg_ctx = proxy?&conn->data->state.proxyneg:
    &conn->data->state.negotiate;
  OM_uint32 major_status, minor_status, minor_status2;
  gss_buffer_desc input_token = GSS_C_EMPTY_BUFFER;
  gss_buffer_desc output_token = GSS_C_EMPTY_BUFFER;
@@ -251,7 +253,8 @@ int Curl_input_negotiate(struct connectdata *conn, bool proxy,

CURLcode Curl_output_negotiate(struct connectdata *conn, bool proxy)
{
  struct negotiatedata *neg_ctx = &conn->data->state.negotiate;
  struct negotiatedata *neg_ctx = proxy?&conn->data->state.proxyneg:
    &conn->data->state.negotiate;
  OM_uint32 minor_status;
  char *encoded = NULL;
  int len;
@@ -310,11 +313,9 @@ CURLcode Curl_output_negotiate(struct connectdata *conn, bool proxy)
  return (conn->allocptr.userpwd == NULL) ? CURLE_OUT_OF_MEMORY : CURLE_OK;
}

void Curl_cleanup_negotiate(struct SessionHandle *data)
static void cleanup(struct negotiatedata *neg_ctx)
{
  OM_uint32 minor_status;
  struct negotiatedata *neg_ctx = &data->state.negotiate;

  if(neg_ctx->context != GSS_C_NO_CONTEXT)
    gss_delete_sec_context(&minor_status, &neg_ctx->context, GSS_C_NO_BUFFER);

@@ -327,6 +328,12 @@ void Curl_cleanup_negotiate(struct SessionHandle *data)
  memset(neg_ctx, 0, sizeof(*neg_ctx));
}

void Curl_cleanup_negotiate(struct SessionHandle *data)
{
  cleanup(&data->state.negotiate);
  cleanup(&data->state.proxyneg);
}


#endif
#endif
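Review bot: In the Curl_output_negotiate hunk the return still tests `conn->allocptr.userpwd` whatever `proxy` is, so the header this function builds may still live in one slot shared by host and proxy even though `neg_ctx` is now split. The assignment itself is outside the visible lines, so this is inferred; if it does write `userpwd` in the proxy case, the two headers overwrite each other and a Proxy-Authorization token could be sent along with the headers meant for the origin server. I would select the slot the same way as the context, `char **hdrp = proxy ? &conn->allocptr.proxyuserpwd : &conn->allocptr.userpwd;`, and test `*hdrp` in the return. Since the description says the change could not be checked, a test that enables Negotiate for host and proxy in one transfer would be worth adding.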
+2 −1
@@ -1199,7 +1199,8 @@ struct UrlState {
  struct digestdata proxydigest; /* state data for proxy Digest auth */

#ifdef HAVE_GSSAPI
  struct negotiatedata negotiate; /* state data for Negotiate auth */
  struct negotiatedata negotiate; /* state data for host Negotiate auth */
  struct negotiatedata proxyneg; /* state data for proxy Negotiate auth */
#endif

  struct auth authhost;  /* auth details for host */