vauth: Removed the need for a separate GSS-API based SPN function

diff --git a/lib/vauth/digest.c b/lib/vauth/digest.c
index 4a5fc4c65d25e4f7e184fdd52973f87b60b151b8..d22b3d1c486fee581ae2dcf44c6ee4e28c6f0f94 100644 (file)
--- a/lib/vauth/digest.c
+++ b/lib/vauth/digest.c
@@ -415,7 +415,7 @@ CURLcode Curl_auth_create_digest_md5_message(struct SessionHandle *data,
     snprintf(&HA1_hex[2 * i], 3, "%02x", digest[i]);
 
   /* Generate our SPN */
-  spn = Curl_auth_build_spn(service, realm);
+  spn = Curl_auth_build_spn(service, realm, NULL);
   if(!spn)
     return CURLE_OUT_OF_MEMORY;
 

diff --git a/lib/vauth/digest_sspi.c b/lib/vauth/digest_sspi.c
index a882534f0fcbffb040cdff7c707eafe80a51a4a3..c7ba72eddac2c314d045444602701ecaf540126a 100644 (file)
--- a/lib/vauth/digest_sspi.c
+++ b/lib/vauth/digest_sspi.c
@@ -125,7 +125,7 @@ CURLcode Curl_auth_create_digest_md5_message(struct SessionHandle *data,
   }
 
   /* Generate our SPN */
-  spn = Curl_auth_build_spn(service, data->easy_conn->host.name);
+  spn = Curl_auth_build_spn(service, data->easy_conn->host.name, NULL);
   if(!spn) {
     free(output_token);
     free(input_token);

diff --git a/lib/vauth/krb5_gssapi.c b/lib/vauth/krb5_gssapi.c
index 8e1ea827b78f1fe9bbb72aa1fe8cb8e5d44199d2..29252b038b5fd876c88114b1f6700138d3b071f1 100644 (file)
--- a/lib/vauth/krb5_gssapi.c
+++ b/lib/vauth/krb5_gssapi.c
@@ -90,7 +90,7 @@ CURLcode Curl_auth_create_gssapi_user_message(struct SessionHandle *data,
 
   if(!krb5->spn) {
     /* Generate our SPN */
-    char *spn = Curl_auth_build_gssapi_spn(service, host);
+    char *spn = Curl_auth_build_spn(service, NULL, host);
     if(!spn)
       return CURLE_OUT_OF_MEMORY;
 

diff --git a/lib/vauth/krb5_sspi.c b/lib/vauth/krb5_sspi.c
index 8ba2662225a5db034cac8245fa174940de69d475..0bc3a16f694f512ca476601f0a08510f09a044ce 100644 (file)
--- a/lib/vauth/krb5_sspi.c
+++ b/lib/vauth/krb5_sspi.c
@@ -87,7 +87,7 @@ CURLcode Curl_auth_create_gssapi_user_message(struct SessionHandle *data,
 
   if(!krb5->spn) {
     /* Generate our SPN */
-    krb5->spn = Curl_auth_build_spn(service, host);
+    krb5->spn = Curl_auth_build_spn(service, host, NULL);
     if(!krb5->spn)
       return CURLE_OUT_OF_MEMORY;
   }

diff --git a/lib/vauth/spnego_gssapi.c b/lib/vauth/spnego_gssapi.c
index fd9a0ef7af206a5c4b3c547b40b6713d24e9d8ea..305476072b69ea878f9a76b6e9bbec95f6db4614 100644 (file)
--- a/lib/vauth/spnego_gssapi.c
+++ b/lib/vauth/spnego_gssapi.c
@@ -89,7 +89,7 @@ CURLcode Curl_auth_decode_spnego_message(struct SessionHandle *data,
 
   if(!nego->spn) {
     /* Generate our SPN */
-    char *spn = Curl_auth_build_gssapi_spn(service, host);
+    char *spn = Curl_auth_build_spn(service, NULL, host);
     if(!spn)
       return CURLE_OUT_OF_MEMORY;
 

diff --git a/lib/vauth/spnego_sspi.c b/lib/vauth/spnego_sspi.c
index 3dc5ccaebb3914b808f230fb6e907b9e1cfb66f8..3530ef32033b68b011f94a40a0e4d04963348fcd 100644 (file)
--- a/lib/vauth/spnego_sspi.c
+++ b/lib/vauth/spnego_sspi.c
@@ -90,7 +90,7 @@ CURLcode Curl_auth_decode_spnego_message(struct SessionHandle *data,
 
   if(!nego->spn) {
     /* Generate our SPN */
-    nego->spn = Curl_auth_build_spn(service, host);
+    nego->spn = Curl_auth_build_spn(service, host, NULL);
     if(!nego->spn)
       return CURLE_OUT_OF_MEMORY;
   }

diff --git a/lib/vauth/vauth.c b/lib/vauth/vauth.c
index 7ed60b11d5516e3bc3f87479b67e5aad9ddc7ea5..c74005fc22671ce3b7b01e68e60166a44906e63b 100644 (file)
--- a/lib/vauth/vauth.c
+++ b/lib/vauth/vauth.c
@@ -35,27 +35,46 @@
 /*
  * Curl_auth_build_spn()
  *
- * This is used to build a SPN string in the format service/instance.
+ * This is used to build a SPN string in the following formats:
+ *
+ * service/host@realm (Not currently used)
+ * service/host       (Not used by GSS-API)
+ * service@realm      (Not used by Windows SSPI)
  *
  * Parameters:
  *
  * service  [in] - The service type such as www, smtp, pop or imap.
- * instance [in] - The host name or realm.
+ * host     [in] - The host name.
+ * realm    [in] - The realm.
  *
  * Returns a pointer to the newly allocated SPN.
  */
 #if !defined(USE_WINDOWS_SSPI)
-char *Curl_auth_build_spn(const char *service, const char *instance)
+char *Curl_auth_build_spn(const char *service, const char *host,
+                          const char *realm)
 {
-  /* Generate and return our SPN */
-  return aprintf("%s/%s", service, instance);
+  char *spn = NULL;
+
+  /* Generate our SPN */
+  if(host && realm)
+    spn = aprintf("%s/%s@%s", service, host, realm);
+  else if(host)
+    spn = aprintf("%s/%s", service, host);
+  else if(realm)
+    spn = aprintf("%s@%s", service, realm);
+
+  /* Return our newly allocated SPN */
+  return spn;
 }
 #else
-TCHAR *Curl_auth_build_spn(const char *service, const char *instance)
+TCHAR *Curl_auth_build_spn(const char *service, const char *host,
+                           const char *realm)
 {
   char *utf8_spn = NULL;
   TCHAR *tchar_spn = NULL;
 
+  (void) realm;
+
   /* Note: We could use DsMakeSPN() or DsClientMakeSpnForTargetServer() rather
      than doing this ourselves but the first is only available in Windows XP
      and Windows Server 2003 and the latter is only available in Windows 2000
@@ -63,8 +82,8 @@ TCHAR *Curl_auth_build_spn(const char *service, const char *instance)
      Client Extensions are installed. As such it is far simpler for us to
      formulate the SPN instead. */
 
-  /* Allocate our UTF8 based SPN */
-  utf8_spn = aprintf("%s/%s", service, instance);
+  /* Generate our UTF8 based SPN */
+  utf8_spn = aprintf("%s/%s", service, host);
   if(!utf8_spn) {
     return NULL;
   }
@@ -85,22 +104,3 @@ TCHAR *Curl_auth_build_spn(const char *service, const char *instance)
 }
 #endif /* USE_WINDOWS_SSPI */
 
-#if defined(HAVE_GSSAPI)
-/*
- * Curl_auth_build_gssapi_spn()
- *
- * This is used to build a SPN string in the format service@instance.
- *
- * Parameters:
- *
- * service  [in] - The service type such as www, smtp, pop or imap.
- * instance [in] - The host name or realm.
- *
- * Returns a pointer to the newly allocated SPN.
- */
-char *Curl_auth_build_gssapi_spn(const char *service, const char *instance)
-{
-  /* Generate and return our SPN */
-  return aprintf("%s@%s", service, instance);
-}
-#endif /* HAVE_GSSAPI */

diff --git a/lib/vauth/vauth.h b/lib/vauth/vauth.h
index 0047b3cf77a445c9c78baeed338cebcc06bbb056..d3900fbc19e6c9c83be97db065517fd26b9eca64 100644 (file)
--- a/lib/vauth/vauth.h
+++ b/lib/vauth/vauth.h
@@ -48,13 +48,11 @@ struct negotiatedata;
 
 /* This is used to build a SPN string */
 #if !defined(USE_WINDOWS_SSPI)
-char *Curl_auth_build_spn(const char *service, const char *instance);
+char *Curl_auth_build_spn(const char *service, const char *host,
+                          const char *realm);
 #else
-TCHAR *Curl_auth_build_spn(const char *service, const char *instance);
-#endif
-
-#if defined(HAVE_GSSAPI)
-char *Curl_auth_build_gssapi_spn(const char *service, const char *instance);
+TCHAR *Curl_auth_build_spn(const char *service, const char *host,
+                           const char *realm);
 #endif
 
 /* This is used to generate a base64 encoded PLAIN cleartext message */