Negotiate: custom service names for SPNEGO.
authorLinus Nielsen <linus@haxx.se>
Sun, 29 Mar 2015 12:52:31 +0000 (14:52 +0200)
committerDaniel Stenberg <daniel@haxx.se>
Tue, 28 Apr 2015 06:29:56 +0000 (08:29 +0200)
* Add new options, CURLOPT_PROXY_SERVICE_NAME and CURLOPT_SERVICE_NAME.
* Add new curl options, --proxy-service-name and --service-name.

17 files changed:
docs/curl.1
docs/libcurl/curl_easy_setopt.3
docs/libcurl/opts/CURLOPT_PROXY_SERVICE_NAME.3 [new file with mode: 0644]
docs/libcurl/opts/CURLOPT_SERVICE_NAME.3 [new file with mode: 0644]
docs/libcurl/symbols-in-versions
include/curl/curl.h
include/curl/typecheck-gcc.h
lib/http_negotiate.c
lib/http_negotiate_sspi.c
lib/url.c
lib/url.h
lib/urldata.h
packages/OS400/ccsidcurl.c
src/tool_cfgable.c
src/tool_cfgable.h
src/tool_getparam.c
src/tool_operate.c

index 7b988d043dd5a962c3812977829ec106b82ccdfa..c8d9baf116ad045b2823a7095ec6d46069838878 100644 (file)
@@ -1332,6 +1332,11 @@ with a remote host. (Added in 7.17.1)
 .IP "--proxy-ntlm"
 Tells curl to use HTTP NTLM authentication when communicating with the given
 proxy. Use \fI--ntlm\fP for enabling NTLM with a remote host.
+.IP "--proxy-service-name <servicename>"
+This option allows you to change the service name for proxy negotiation.
+
+Examples: --proxy-negotiate proxy-name \fI--proxy-service-name\fP sockd would use
+sockd/proxy-name.  (Added in 7.43.0).
 .IP "--proxy1.0 <proxyhost[:port]>"
 Use the specified HTTP 1.0 proxy. If the port number is not specified, it is
 assumed at port 1080.
@@ -1513,6 +1518,11 @@ terminal/stdout unless you redirect it.
 .IP "--sasl-ir"
 Enable initial response in SASL authentication.
 (Added in 7.31.0)
+.IP "--service-name <servicename>"
+This option allows you to change the service name for SPNEGO.
+
+Examples: --negotiate \fI--service-name\fP sockd would use
+sockd/server-name.  (Added in 7.43.0).
 .IP "-S, --show-error"
 When used with \fI-s\fP it makes curl show an error message if it fails.
 .IP "--ssl"
index 712dae90c29e3c72f06a6525188d2661e08377f3..4e5b8dec19bd4506fc475fb9f53b54a4b14dfa7e 100644 (file)
@@ -165,6 +165,10 @@ Tunnel through the HTTP proxy. \fICURLOPT_HTTPPROXYTUNNEL(3)\fP
 Socks5 GSSAPI service name. \fICURLOPT_SOCKS5_GSSAPI_SERVICE(3)\fP
 .IP CURLOPT_SOCKS5_GSSAPI_NEC
 Socks5 GSSAPI NEC mode. See \fICURLOPT_SOCKS5_GSSAPI_NEC(3)\fP
+.IP CURLOPT_PROXY_SERVICE_NAME
+Proxy service name. \fICURLOPT_PROXY_SERVICE_NAME(3)\fP
+.IP CURLOPT_SERVICE_NAME
+SPNEGO service name. \fICURLOPT_SERVICE_NAME(3)\fP
 .IP CURLOPT_INTERFACE
 Bind connection locally to this. See \fICURLOPT_INTERFACE(3)\fP
 .IP CURLOPT_LOCALPORT
diff --git a/docs/libcurl/opts/CURLOPT_PROXY_SERVICE_NAME.3 b/docs/libcurl/opts/CURLOPT_PROXY_SERVICE_NAME.3
new file mode 100644 (file)
index 0000000..824fedf
--- /dev/null
@@ -0,0 +1,46 @@
+.\" **************************************************************************
+.\" *                                  _   _ ____  _
+.\" *  Project                     ___| | | |  _ \| |
+.\" *                             / __| | | | |_) | |
+.\" *                            | (__| |_| |  _ <| |___
+.\" *                             \___|\___/|_| \_\_____|
+.\" *
+.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" *
+.\" * This software is licensed as described in the file COPYING, which
+.\" * you should have received as part of this distribution. The terms
+.\" * are also available at http://curl.haxx.se/docs/copyright.html.
+.\" *
+.\" * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+.\" * copies of the Software, and permit persons to whom the Software is
+.\" * furnished to do so, under the terms of the COPYING file.
+.\" *
+.\" * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+.\" * KIND, either express or implied.
+.\" *
+.\" **************************************************************************
+.\"
+.TH CURLOPT_PROXY_SERVICE_NAME 3 "17 Jun 2015" "libcurl 7.43.0" "curl_easy_setopt options"
+.SH NAME
+CURLOPT_PROXY_SERVICE_NAME \- proxy service name
+.SH SYNOPSIS
+#include <curl/curl.h>
+
+CURLcode curl_easy_setopt(CURL *handle, CURLOPT_PROXY_SERVICE_NAME, char *name);
+.SH DESCRIPTION
+Pass a char * as parameter to a string holding the \fIname\fP of the
+service. The default service name is "rcmd" (for a SOCKS5 server). This option
+allows you to change it.
+..SH DEFAULT
+See above
+.SH PROTOCOLS
+Most
+.SH EXAMPLE
+TODO
+.SH AVAILABILITY
+Added in 7.43.0
+.SH RETURN VALUE
+Returns CURLE_OK if the option is supported, CURLE_UNKNOWN_OPTION if not, or
+CURLE_OUT_OF_MEMORY if there was insufficient heap space.
+.SH "SEE ALSO"
+.BR CURLOPT_PROXY "(3), " CURLOPT_PROXYTYPE "(3), "
diff --git a/docs/libcurl/opts/CURLOPT_SERVICE_NAME.3 b/docs/libcurl/opts/CURLOPT_SERVICE_NAME.3
new file mode 100644 (file)
index 0000000..116fdbe
--- /dev/null
@@ -0,0 +1,46 @@
+.\" **************************************************************************
+.\" *                                  _   _ ____  _
+.\" *  Project                     ___| | | |  _ \| |
+.\" *                             / __| | | | |_) | |
+.\" *                            | (__| |_| |  _ <| |___
+.\" *                             \___|\___/|_| \_\_____|
+.\" *
+.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" *
+.\" * This software is licensed as described in the file COPYING, which
+.\" * you should have received as part of this distribution. The terms
+.\" * are also available at http://curl.haxx.se/docs/copyright.html.
+.\" *
+.\" * You may opt to use, copy, modify, merge, publish, distribute and/or sell
+.\" * copies of the Software, and permit persons to whom the Software is
+.\" * furnished to do so, under the terms of the COPYING file.
+.\" *
+.\" * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
+.\" * KIND, either express or implied.
+.\" *
+.\" **************************************************************************
+.\"
+.TH CURLOPT_SERVICE_NAME 3 "17 Jun 2015" "libcurl 7.43.0" "curl_easy_setopt options"
+.SH NAME
+CURLOPT_SERVICE_NAME \- SPNEGO service name
+.SH SYNOPSIS
+#include <curl/curl.h>
+
+CURLcode curl_easy_setopt(CURL *handle, CURLOPT_SERVICE_NAME, char *name);
+.SH DESCRIPTION
+Pass a char * as parameter to a string holding the \fIname\fP of the
+service. The default service name is "HTTP". This option allows you to
+change it.
+..SH DEFAULT
+See above
+.SH PROTOCOLS
+Most
+.SH EXAMPLE
+TODO
+.SH AVAILABILITY
+Added in 7.43.0
+.SH RETURN VALUE
+Returns CURLE_OK if the option is supported, CURLE_UNKNOWN_OPTION if not, or
+CURLE_OUT_OF_MEMORY if there was insufficient heap space.
+.SH "SEE ALSO"
+.BR CURLOPT_PROXY "(3), " CURLOPT_PROXYTYPE "(3), "
index 1ed3c212f53c3ecae1718c2d2ebd0d3da791ae0f..18dc1beda300a50fb2419555bd4c7df96f039cd1 100644 (file)
@@ -454,6 +454,7 @@ CURLOPT_PROXYPORT               7.1
 CURLOPT_PROXYTYPE               7.10
 CURLOPT_PROXYUSERNAME           7.19.1
 CURLOPT_PROXYUSERPWD            7.1
+CURLOPT_PROXY_SERVICE_NAME      7.43.0
 CURLOPT_PROXY_TRANSFER_MODE     7.18.0
 CURLOPT_PUT                     7.1
 CURLOPT_QUOTE                   7.1
@@ -477,6 +478,7 @@ CURLOPT_SASL_IR                 7.31.0
 CURLOPT_SEEKDATA                7.18.0
 CURLOPT_SEEKFUNCTION            7.18.0
 CURLOPT_SERVER_RESPONSE_TIMEOUT 7.20.0
+CURLOPT_SERVICE_NAME            7.43.0
 CURLOPT_SHARE                   7.10
 CURLOPT_SOCKOPTDATA             7.16.0
 CURLOPT_SOCKOPTFUNCTION         7.16.0
index ae1b0e4dbc290e99c435d8bdcbff90d48ca3c8c5..9ef753140e3aeb0dac12939dae9e670350ef6e84 100644 (file)
@@ -1632,6 +1632,12 @@ typedef enum {
   /* Do not squash dot-dot sequences */
   CINIT(PATH_AS_IS, LONG, 234),
 
+  /* Proxy Service Name */
+  CINIT(PROXY_SERVICE_NAME, OBJECTPOINT, 235),
+
+  /* Service Name */
+  CINIT(SERVICE_NAME, OBJECTPOINT, 236),
+
   CURLOPT_LASTENTRY /* the last unused */
 } CURLoption;
 
index 69d41a20d15fe8d36b3368023d615f46457c617b..13fb0fa9ee3d2150e4e7f85b2fe37ed70bc54fc2 100644 (file)
@@ -270,6 +270,8 @@ _CURL_WARNING(_curl_easy_getinfo_err_curl_slist,
    (option) == CURLOPT_DNS_LOCAL_IP4 ||                                       \
    (option) == CURLOPT_DNS_LOCAL_IP6 ||                                       \
    (option) == CURLOPT_LOGIN_OPTIONS ||                                       \
+   (option) == CURLOPT_PROXY_SERVICE_NAME ||                                  \
+   (option) == CURLOPT_SERVICE_NAME ||                                        \
    0)
 
 /* evaluates to true if option takes a curl_write_callback argument */
index 21658cf7ac3e96649082b99c98a07a2bd6924aa3..a1baf29c30473653806232bf2929e0076b00bc3d 100644 (file)
@@ -62,8 +62,10 @@ CURLcode Curl_input_negotiate(struct connectdata *conn, bool proxy,
 
   if(!neg_ctx->server_name) {
     /* Generate our SPN */
-    char *spn = Curl_sasl_build_gssapi_spn("HTTP", proxy ? conn->proxy.name :
-                                                           conn->host.name);
+    char *spn = Curl_sasl_build_gssapi_spn(
+      proxy ? data->set.str[STRING_PROXY_SERVICE_NAME] :
+      data->set.str[STRING_SERVICE_NAME],
+      proxy ? conn->proxy.name : conn->host.name);
     if(!spn)
       return CURLE_OUT_OF_MEMORY;
 
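Review bot: The service name handed to Curl_sasl_build_gssapi_spn() is read straight from `data->set.str[...]` with no NULL check. If setstropt() stores NULL when an application passes NULL for CURLOPT_SERVICE_NAME or CURLOPT_PROXY_SERVICE_NAME (its body is not shown on this page, so confirm), the default set in Curl_init_userdefined() is lost and a NULL pointer reaches the SPN builder. A fallback at the call site would keep the previous behaviour, e.g. `const char *service = data->set.str[STRING_SERVICE_NAME] ? data->set.str[STRING_SERVICE_NAME] : "HTTP";` and the same for the proxy string. The Curl_sasl_build_spn() call in the lib/http_negotiate_sspi.c hunk has the same exposure; the declaration of `data` lies outside both hunks.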
index 20f8d643c7967850973c3763c573157a2bbbfc66..2c10759547c38a24b3b8d10d9c1862fe3b1666be 100644 (file)
@@ -93,9 +93,10 @@ CURLcode Curl_input_negotiate(struct connectdata *conn, bool proxy,
       return CURLE_BAD_FUNCTION_ARGUMENT;
 
     /* Generate our SPN */
-    neg_ctx->server_name = Curl_sasl_build_spn("HTTP",
-                                                proxy ? conn->proxy.name :
-                                                        conn->host.name);
+    neg_ctx->server_name = Curl_sasl_build_spn(
+      proxy ? data->set.str[STRING_PROXY_SERVICE_NAME] :
+      data->set.str[STRING_SERVICE_NAME],
+      proxy ? conn->proxy.name : conn->host.name);
     if(!neg_ctx->server_name)
       return CURLE_OUT_OF_MEMORY;
   }
index e49d5507aa1a4c5bbf7f15b508d5526c6015fa3c..dfd2ff4c525a905675f1ba9bbee99a3efde4a44b 100644 (file)
--- a/lib/url.c
+++ b/lib/url.c
@@ -576,6 +576,18 @@ CURLcode Curl_init_userdefined(struct UserDefined *set)
                      (char *) CURL_DEFAULT_SOCKS5_GSSAPI_SERVICE);
   if(result)
     return result;
+
+  /* set default negotiate proxy service name */
+  result = setstropt(&set->str[STRING_PROXY_SERVICE_NAME],
+                     (char *) CURL_DEFAULT_PROXY_SERVICE_NAME);
+  if(result)
+    return result;
+
+  /* set default negotiate service name */
+  result = setstropt(&set->str[STRING_SERVICE_NAME],
+                     (char *) CURL_DEFAULT_SERVICE_NAME);
+  if(result)
+    return result;
 #endif
 
   /* This is our preferred CA cert bundle/path since install time */
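Review bot: The proxy default installed here disagrees with the new man page. It comes from CURL_DEFAULT_PROXY_SERVICE_NAME, which the lib/url.h hunk of this commit defines as "HTTP", while CURLOPT_PROXY_SERVICE_NAME.3 states the default is "rcmd" (for a SOCKS5 server). If "HTTP" is the intended value, the DESCRIPTION there should read `The default service name is "HTTP".`, so that anyone checking which principal the client authenticates against is not misled. Curl_init_userdefined() begins and ends outside the hunk.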
@@ -1472,12 +1484,29 @@ CURLcode Curl_setopt(struct SessionHandle *data, CURLoption option,
                        va_arg(param, char *));
     break;
 
+  case CURLOPT_PROXY_SERVICE_NAME:
+    /*
+     * Set negotiate proxy service name
+     */
+    result = setstropt(&data->set.str[STRING_PROXY_SERVICE_NAME],
+                       va_arg(param, char *));
+    break;
+
   case CURLOPT_SOCKS5_GSSAPI_NEC:
     /*
      * set flag for nec socks5 support
      */
     data->set.socks5_gssapi_nec = (0 != va_arg(param, long))?TRUE:FALSE;
     break;
+
+  case CURLOPT_SERVICE_NAME:
+    /*
+     * Set negotiate service identity
+     */
+    result = setstropt(&data->set.str[STRING_SERVICE_NAME],
+                       va_arg(param, char *));
+    break;
+
 #endif
 
   case CURLOPT_HEADERDATA:
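Review bot: Both new cases store the caller's string unchanged, so an empty name, or one containing the separator used when the SPN is assembled, would be forwarded as-is into the principal built in Curl_input_negotiate(). Because the service name decides which service principal the client requests a ticket for, the case comment should say that the value is trusted caller configuration, e.g. `/* Service part of the SPNEGO SPN; taken as-is from the application, not validated here */`. The two comments also name the same thing differently ("service name" and "service identity"), and one wording would be clearer. The `#if` that the trailing `#endif` closes is outside the hunk.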
index cd46a92c382007234408dbe683a3798d3081b5b1..e49b7724d01598a4724dff5941374af5e0f28603 100644 (file)
--- a/lib/url.h
+++ b/lib/url.h
@@ -69,6 +69,9 @@ void Curl_close_connections(struct SessionHandle *data);
 #define CURL_DEFAULT_PROXY_PORT 1080 /* default proxy port unless specified */
 #define CURL_DEFAULT_SOCKS5_GSSAPI_SERVICE "rcmd" /* default socks5 gssapi
                                                      service */
+#define CURL_DEFAULT_PROXY_SERVICE_NAME "HTTP" /* default negotiate proxy
+                                                  service */
+#define CURL_DEFAULT_SERVICE_NAME "HTTP"  /* default negotiate service */
 
 CURLcode Curl_connected_proxy(struct connectdata *conn, int sockindex);
 
index b1b1a678e1fcc24a95ba8fe4a3a7ff317bf64a72..db8b1e7325233de988982632487044b8b2e0fcc0 100644 (file)
@@ -1389,6 +1389,8 @@ enum dupstring {
 #endif
 #if defined(HAVE_GSSAPI) || defined(USE_WINDOWS_SSPI)
   STRING_SOCKS5_GSSAPI_SERVICE, /* GSSAPI service name */
+  STRING_PROXY_SERVICE_NAME, /* Proxy service name */
+  STRING_SERVICE_NAME,    /* Service name */
 #endif
   STRING_MAIL_FROM,
   STRING_MAIL_AUTH,
index 8ac6ed377677bf4f3d3dc48c7d33eea6961f69d9..ca3b0f1ad07bae1a02da0e5514ee495bb147a4f5 100644 (file)
@@ -1180,6 +1180,8 @@ curl_easy_setopt_ccsid(CURL * curl, CURLoption tag, ...)
   case CURLOPT_USERNAME:
   case CURLOPT_USERPWD:
   case CURLOPT_XOAUTH2_BEARER:
+  case CURLOPT_PROXY_SERVICE_NAME:
+  case CURLOPT_SERVICE_NAME:
     s = va_arg(arg, char *);
     ccsid = va_arg(arg, unsigned int);
 
index c78c89613a199e047d7827cc835088eeb90b9ca0..ba6c468c591edef8b20e9747cc7f29b1e44ff898 100644 (file)
@@ -136,6 +136,8 @@ static void free_config_fields(struct OperationConfig *config)
 
   Curl_safefree(config->socksproxy);
   Curl_safefree(config->socks5_gssapi_service);
+  Curl_safefree(config->proxy_service_name);
+  Curl_safefree(config->service_name);
 
   Curl_safefree(config->ftp_account);
   Curl_safefree(config->ftp_alternative_to_user);
index d1f22387189ce4260e4aa2204db831b84823e0d8..048eb4ffe66522059e456959c8248642c50c328b 100644 (file)
@@ -166,8 +166,12 @@ struct OperationConfig {
   int socksver;             /* set to CURLPROXY_SOCKS* define */
   char *socks5_gssapi_service;  /* set service name for gssapi principal
                                  * default rcmd */
+  char *proxy_service_name; /* set service name for proxy negotiation
+                             * default HTTP */
   int socks5_gssapi_nec ;   /* The NEC reference server does not protect
                              * the encryption type exchange */
+  char *service_name;       /* set negotiation service name
+                             * default HTTP */
 
   bool tcp_nodelay;
   long req_retry;           /* number of retries */
index 1b5d6d2b0df4dc05f6dba9383c8969a05ba15b66..62283a5dd3d4a10f62b1faa31ef7f7407271e1c8 100644 (file)
@@ -161,6 +161,8 @@ static const struct LongShort aliases[]= {
 #if defined(HAVE_GSSAPI) || defined(USE_WINDOWS_SSPI)
   {"$6", "socks5-gssapi-service",    TRUE},
   {"$7", "socks5-gssapi-nec",        FALSE},
+  {"$O", "proxy-service-name",       TRUE},
+  {"$P", "service-name",             TRUE},
 #endif
   {"$8", "proxy1.0",                 TRUE},
   {"$9", "tftp-blksize",             TRUE},
@@ -903,6 +905,12 @@ ParameterError getparameter(char *flag,    /* f or -long-flag */
       case '7': /* --socks5-gssapi-nec*/
         config->socks5_gssapi_nec = toggle;
         break;
+      case 'O': /* --proxy-service-name */
+        GetStr(&config->proxy_service_name, nextarg);
+        break;
+      case 'P': /* --service-name */
+        GetStr(&config->service_name, nextarg);
+        break;
 #endif
       case '8': /* --proxy1.0 */
         /* http 1.0 proxy */
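Review bot: The new `$O` and `$P` cases add --proxy-service-name and --service-name to the parser, but the commit's file list contains no src/tool_help.c change, so `curl --help` presumably will not list them. Each case would also benefit from a short comment stating that it is only compiled in under the GSSAPI/SSPI guard, e.g. `/* --service-name: SPNEGO service name, GSSAPI/SSPI builds only */`. The enclosing switch in getparameter() starts and ends outside the hunk.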
index 74e4002b1ee6ccb66ca1dc6c5a72c64b9b247b9c..5f7b792118fa9991e999b67ed1d8c62da63b9351 100644 (file)
@@ -1217,6 +1217,17 @@ static CURLcode operate_do(struct GlobalConfig *global,
           if(config->socks5_gssapi_nec)
             my_setopt_str(curl, CURLOPT_SOCKS5_GSSAPI_NEC,
                           config->socks5_gssapi_nec);
+
+          /* new in curl 7.43.0 */
+          if(config->proxy_service_name)
+            my_setopt_str(curl, CURLOPT_PROXY_SERVICE_NAME,
+                          config->proxy_service_name);
+
+          /* new in curl 7.43.0 */
+          if(config->service_name)
+            my_setopt_str(curl, CURLOPT_SERVICE_NAME,
+                          config->service_name);
+
         }
 #endif
         /* curl 7.13.0 */