From: xenclient <xenclient@xenclient-build.eng.citrite.net>
Date: Tue, 19 Jan 2010 10:06:37 +0000 (+0000)
Subject: Added patch file for CURL so it can pick up NT password hash from a file
X-Git-Url: http://xenbits.xensource.com/gitweb?a=commitdiff_plain;h=1497627f079b7210ad2efc56605bd783eb189e4a;p=xenclient%2Fbuild.git

Added patch file for CURL so it can pick up NT password hash from a file
---

diff --git a/package/libcurl/libcurl-7.19.6-certdata_url.patch b/package/libcurl/libcurl-7.19.6-certdata_url.patch
deleted file mode 100644
index 6e78c08..0000000
--- a/package/libcurl/libcurl-7.19.6-certdata_url.patch
+++ /dev/null
@@ -1,15 +0,0 @@
-diff --git a/lib/mk-ca-bundle.pl b/lib/mk-ca-bundle.pl
-index c964efe..1a0465b 100755
---- a/lib/mk-ca-bundle.pl
-+++ b/lib/mk-ca-bundle.pl
-@@ -37,7 +37,9 @@ use LWP::UserAgent;
- use strict;
- use vars qw($opt_b $opt_h $opt_i $opt_l $opt_n $opt_q $opt_t $opt_u $opt_v);  
- 
--my $url = 'http://mxr.mozilla.org/seamonkey/source/security/nss/lib/ckfw/builtins/certdata.txt?raw=1';
-+#Firefox 3.5 Certificates as of Oct 23 2009
-+my $url = 'http://hg.mozilla.org/releases/mozilla-1.9.1/raw-file/0be7c0bfe443/security/nss/lib/ckfw/builtins/certdata.txt';
-+
- # If the OpenSSL commandline is not in search path you can configure it here!
- my $openssl = 'openssl';
- 
diff --git a/package/libcurl/libcurl-7.19.7-certdata_url.patch b/package/libcurl/libcurl-7.19.7-certdata_url.patch
new file mode 100644
index 0000000..6e78c08
--- /dev/null
+++ b/package/libcurl/libcurl-7.19.7-certdata_url.patch
@@ -0,0 +1,15 @@
+diff --git a/lib/mk-ca-bundle.pl b/lib/mk-ca-bundle.pl
+index c964efe..1a0465b 100755
+--- a/lib/mk-ca-bundle.pl
++++ b/lib/mk-ca-bundle.pl
+@@ -37,7 +37,9 @@ use LWP::UserAgent;
+ use strict;
+ use vars qw($opt_b $opt_h $opt_i $opt_l $opt_n $opt_q $opt_t $opt_u $opt_v);  
+ 
+-my $url = 'http://mxr.mozilla.org/seamonkey/source/security/nss/lib/ckfw/builtins/certdata.txt?raw=1';
++#Firefox 3.5 Certificates as of Oct 23 2009
++my $url = 'http://hg.mozilla.org/releases/mozilla-1.9.1/raw-file/0be7c0bfe443/security/nss/lib/ckfw/builtins/certdata.txt';
++
+ # If the OpenSSL commandline is not in search path you can configure it here!
+ my $openssl = 'openssl';
+ 
diff --git a/package/libcurl/libcurl-7.19.7-nthash.patch b/package/libcurl/libcurl-7.19.7-nthash.patch
new file mode 100644
index 0000000..566fd05
--- /dev/null
+++ b/package/libcurl/libcurl-7.19.7-nthash.patch
@@ -0,0 +1,135 @@
+diff -ru curl-7.19.7.orig/include/curl/curl.h curl-7.19.7/include/curl/curl.h
+--- curl-7.19.7.orig/include/curl/curl.h	2009-10-17 19:31:50.000000000 +0100
++++ curl-7.19.7/include/curl/curl.h	2009-11-18 13:46:20.000000000 +0000
+@@ -1280,6 +1280,9 @@
+   /* set the SSH host key callback custom pointer */
+   CINIT(SSH_KEYDATA, OBJECTPOINT, 185),
+ 
++  /* location of NT hash file to use when doing NTLM. */
++  CINIT(NT_HASH_FILE, OBJECTPOINT, 186),
++
+   CURLOPT_LASTENTRY /* the last unused */
+ } CURLoption;
+ 
+diff -ru curl-7.19.7.orig/include/curl/typecheck-gcc.h curl-7.19.7/include/curl/typecheck-gcc.h
+--- curl-7.19.7.orig/include/curl/typecheck-gcc.h	2009-01-25 23:26:31.000000000 +0000
++++ curl-7.19.7/include/curl/typecheck-gcc.h	2009-11-18 13:47:32.000000000 +0000
+@@ -231,6 +231,7 @@
+    (option) == CURLOPT_SSH_PRIVATE_KEYFILE ||                                 \
+    (option) == CURLOPT_CRLFILE ||                                             \
+    (option) == CURLOPT_ISSUERCERT ||                                          \
++   (option) == CURLOPT_NT_HASH_FILE ||                                        \
+    0)
+ 
+ /* evaluates to true if option takes a curl_write_callback argument */
+diff -ru curl-7.19.7.orig/lib/http_ntlm.c curl-7.19.7/lib/http_ntlm.c
+--- curl-7.19.7.orig/lib/http_ntlm.c	2009-04-23 12:51:08.000000000 +0100
++++ curl-7.19.7/lib/http_ntlm.c	2009-11-18 15:38:40.000000000 +0000
+@@ -483,6 +483,33 @@
+                            const char *password,
+                            unsigned char *ntbuffer /* 21 bytes */)
+ {
++  char *hash_file = data->set.str[STRING_NT_HASH_FILE];
++
++  if (hash_file)
++  {
++    FILE *f = fopen(hash_file, "r");
++
++    if (f)
++    {
++      int n = fread(ntbuffer, 1, 21, f);
++      fclose(f);
++      if (n == 21)
++      {
++        return CURLE_OK;
++      }
++      else
++      {
++        fprintf(stderr, "failed to read NT hash from file '%s'\n", hash_file);
++      }
++    }
++    else
++    {
++      fprintf(stderr, "failed to open NT hash file '%s'\n", hash_file);
++    }
++
++    return CURLE_READ_ERROR;
++  }
++
+   size_t len = strlen(password);
+   unsigned char *pw = malloc(len*2);
+   if(!pw)
+diff -ru curl-7.19.7.orig/lib/url.c curl-7.19.7/lib/url.c
+--- curl-7.19.7.orig/lib/url.c	2009-10-17 19:31:50.000000000 +0100
++++ curl-7.19.7/lib/url.c	2009-11-18 14:02:36.000000000 +0000
+@@ -1666,6 +1666,13 @@
+     result = setstropt(&data->set.str[STRING_PASSWORD],
+                        va_arg(param, char *));
+     break;
++  case CURLOPT_NT_HASH_FILE:
++    /*
++     * file containing pre-calculated NT password hash
++     */
++    result = setstropt(&data->set.str[STRING_NT_HASH_FILE],
++                       va_arg(param, char*));
++    break;
+   case CURLOPT_POSTQUOTE:
+     /*
+      * List of RAW FTP commands to use after a transfer
+diff -ru curl-7.19.7.orig/lib/urldata.h curl-7.19.7/lib/urldata.h
+--- curl-7.19.7.orig/lib/urldata.h	2009-10-29 21:26:30.000000000 +0000
++++ curl-7.19.7/lib/urldata.h	2009-11-18 14:03:02.000000000 +0000
+@@ -1395,6 +1395,7 @@
+   STRING_PASSWORD,        /* <password>, if used */
+   STRING_PROXYUSERNAME,   /* Proxy <username>, if used */
+   STRING_PROXYPASSWORD,   /* Proxy <password>, if used */
++  STRING_NT_HASH_FILE,    /* File containing NT password hash, if used */
+   STRING_NOPROXY,         /* List of hosts which should not use the proxy, if
+                              used */
+ #ifdef USE_LIBSSH2
+diff -ru curl-7.19.7.orig/src/main.c curl-7.19.7/src/main.c
+--- curl-7.19.7.orig/src/main.c	2009-10-28 20:21:58.000000000 +0000
++++ curl-7.19.7/src/main.c	2009-11-18 14:44:43.000000000 +0000
+@@ -497,6 +497,7 @@
+   bool showerror;
+   char *userpwd;
+   char *proxyuserpwd;
++  char *nt_hash_file;
+   char *proxy;
+   int proxyver;     /* set to CURLPROXY_HTTP* define */
+   char *noproxy;
+@@ -833,6 +834,7 @@
+     "    --no-sessionid  Disable SSL session-ID reusing (SSL)",
+     "    --noproxy       Comma-separated list of hosts which do not use proxy",
+     "    --ntlm          Use HTTP NTLM authentication (H)",
++    "    --nt-hash-file <file> Read NT password hash from file",
+     " -o/--output <file> Write output to <file> instead of stdout",
+     "    --pass  <pass>  Pass phrase for the private key (SSL/SSH)",
+     "    --post301       Do not switch to GET after following a 301 redirect (H)",
+@@ -1737,6 +1739,7 @@
+     {"$7", "socks5-gssapi-nec",  FALSE},
+ #endif
+     {"$8", "proxy1.0",   TRUE},
++    {"$9", "nt-hash-file", TRUE},
+ 
+     {"0", "http1.0",     FALSE},
+     {"1", "tlsv1",       FALSE},
+@@ -2264,6 +2267,10 @@
+         GetStr(&config->proxy, nextarg);
+         config->proxyver = CURLPROXY_HTTP_1_0;
+         break;
++      case '9': /* --nt-hash-file */
++        /* file containing NT password hash */
++        GetStr(&config->nt_hash_file, nextarg);
++        break;
+       }
+       break;
+     case '#': /* --progress-bar */
+@@ -4716,6 +4723,7 @@
+         my_setopt_str(curl, CURLOPT_RANGE, config->range);
+         my_setopt(curl, CURLOPT_ERRORBUFFER, errorbuffer);
+         my_setopt(curl, CURLOPT_TIMEOUT, config->timeout);
++	my_setopt_str(curl, CURLOPT_NT_HASH_FILE, config->nt_hash_file);
+ 
+         switch(config->httpreq) {
+         case HTTPREQ_SIMPLEPOST: