RubyGems - rugged - Versions diffs - 1.1.1 → 1.2.0 - Mend

rugged 1.1.1 → 1.2.0

Files changed (277) hide show

checksums.yaml +4 -4
data/LICENSE +1 -0
data/README.md +1 -1
data/ext/rugged/rugged.c +7 -4
data/ext/rugged/rugged_object.c +1 -1
data/ext/rugged/rugged_repo.c +3 -3
data/lib/rugged/repository.rb +2 -2
data/lib/rugged/version.rb +1 -1
data/vendor/libgit2/CMakeLists.txt +11 -6
data/vendor/libgit2/COPYING +109 -1
data/vendor/libgit2/cmake/Findfutimens.cmake +14 -0
data/vendor/libgit2/cmake/SelectHTTPSBackend.cmake +4 -0
data/vendor/libgit2/cmake/SelectHashes.cmake +1 -0
data/vendor/libgit2/deps/chromium-zlib/CMakeLists.txt +101 -0
data/vendor/libgit2/deps/ntlmclient/CMakeLists.txt +17 -5
data/vendor/libgit2/deps/ntlmclient/crypt.h +14 -9
data/vendor/libgit2/deps/ntlmclient/crypt_commoncrypto.c +20 -20
data/vendor/libgit2/deps/ntlmclient/crypt_commoncrypto.h +3 -3
data/vendor/libgit2/deps/ntlmclient/crypt_mbedtls.c +37 -36
data/vendor/libgit2/deps/ntlmclient/crypt_mbedtls.h +4 -3
data/vendor/libgit2/deps/ntlmclient/crypt_openssl.c +178 -51
data/vendor/libgit2/deps/ntlmclient/crypt_openssl.h +74 -5
data/vendor/libgit2/deps/ntlmclient/ntlm.c +150 -118
data/vendor/libgit2/deps/ntlmclient/ntlm.h +13 -9
data/vendor/libgit2/deps/ntlmclient/ntlmclient.h +16 -3
data/vendor/libgit2/deps/ntlmclient/unicode.h +10 -4
data/vendor/libgit2/deps/ntlmclient/unicode_builtin.c +16 -27
data/vendor/libgit2/deps/ntlmclient/unicode_builtin.h +20 -0
data/vendor/libgit2/deps/ntlmclient/unicode_iconv.c +28 -52
data/vendor/libgit2/deps/ntlmclient/unicode_iconv.h +22 -0
data/vendor/libgit2/include/git2/attr.h +89 -0
data/vendor/libgit2/include/git2/blame.h +93 -42
data/vendor/libgit2/include/git2/blob.h +14 -2
data/vendor/libgit2/include/git2/branch.h +25 -0
data/vendor/libgit2/include/git2/cert.h +42 -5
data/vendor/libgit2/include/git2/checkout.h +28 -12
data/vendor/libgit2/include/git2/commit.h +35 -19
data/vendor/libgit2/include/git2/common.h +14 -4
data/vendor/libgit2/include/git2/deprecated.h +206 -6
data/vendor/libgit2/include/git2/diff.h +34 -19
data/vendor/libgit2/include/git2/errors.h +6 -6
data/vendor/libgit2/include/git2/filter.h +57 -17
data/vendor/libgit2/include/git2/graph.h +20 -2
data/vendor/libgit2/include/git2/index.h +2 -2
data/vendor/libgit2/include/git2/odb.h +29 -0
data/vendor/libgit2/include/git2/patch.h +8 -0
data/vendor/libgit2/include/git2/rebase.h +25 -1
data/vendor/libgit2/include/git2/refs.h +6 -2
data/vendor/libgit2/include/git2/remote.h +59 -6
data/vendor/libgit2/include/git2/revparse.h +5 -5
data/vendor/libgit2/include/git2/status.h +115 -59
data/vendor/libgit2/include/git2/submodule.h +9 -0
data/vendor/libgit2/include/git2/sys/commit_graph.h +174 -0
data/vendor/libgit2/include/git2/sys/filter.h +49 -28
data/vendor/libgit2/include/git2/sys/midx.h +74 -0
data/vendor/libgit2/include/git2/sys/odb_backend.h +7 -0
data/vendor/libgit2/include/git2/sys/transport.h +1 -0
data/vendor/libgit2/include/git2/tag.h +12 -0
data/vendor/libgit2/include/git2/tree.h +0 -14
data/vendor/libgit2/include/git2/types.h +9 -0
data/vendor/libgit2/include/git2/version.h +4 -4
data/vendor/libgit2/include/git2/worktree.h +1 -0
data/vendor/libgit2/src/CMakeLists.txt +25 -4
data/vendor/libgit2/src/alloc.c +21 -8
data/vendor/libgit2/src/allocators/failalloc.c +92 -0
data/vendor/libgit2/src/allocators/failalloc.h +23 -0
data/vendor/libgit2/src/allocators/stdalloc.c +41 -10
data/vendor/libgit2/src/allocators/win32_leakcheck.c +118 -0
data/vendor/libgit2/src/allocators/{win32_crtdbg.h → win32_leakcheck.h} +3 -3
data/vendor/libgit2/src/annotated_commit.c +21 -9
data/vendor/libgit2/src/apply.c +16 -7
data/vendor/libgit2/src/array.h +11 -11
data/vendor/libgit2/src/attr.c +181 -74
data/vendor/libgit2/src/attr_file.c +84 -39
data/vendor/libgit2/src/attr_file.h +32 -11
data/vendor/libgit2/src/attrcache.c +42 -37
data/vendor/libgit2/src/attrcache.h +4 -5
data/vendor/libgit2/src/blame.c +11 -5
data/vendor/libgit2/src/blob.c +35 -24
data/vendor/libgit2/src/branch.c +69 -17
data/vendor/libgit2/src/buffer.c +334 -25
data/vendor/libgit2/src/buffer.h +153 -2
data/vendor/libgit2/src/cache.c +2 -2
data/vendor/libgit2/src/cache.h +7 -7
data/vendor/libgit2/src/cc-compat.h +10 -2
data/vendor/libgit2/src/checkout.c +48 -26
data/vendor/libgit2/src/cherrypick.c +6 -2
data/vendor/libgit2/src/clone.c +41 -47
data/vendor/libgit2/src/commit.c +41 -28
data/vendor/libgit2/src/commit_graph.c +1209 -0
data/vendor/libgit2/src/commit_graph.h +162 -0
data/vendor/libgit2/src/commit_list.c +46 -0
data/vendor/libgit2/src/commit_list.h +2 -0
data/vendor/libgit2/src/common.h +25 -2
data/vendor/libgit2/src/config.c +37 -15
data/vendor/libgit2/src/config_cache.c +5 -3
data/vendor/libgit2/src/config_file.c +16 -8
data/vendor/libgit2/src/config_parse.c +4 -6
data/vendor/libgit2/src/crlf.c +16 -6
data/vendor/libgit2/src/date.c +4 -3
data/vendor/libgit2/src/delta.c +1 -1
data/vendor/libgit2/src/describe.c +6 -3
data/vendor/libgit2/src/diff.c +11 -8
data/vendor/libgit2/src/diff_driver.c +21 -17
data/vendor/libgit2/src/diff_file.c +2 -6
data/vendor/libgit2/src/diff_generate.c +46 -17
data/vendor/libgit2/src/diff_print.c +19 -6
data/vendor/libgit2/src/diff_stats.c +7 -5
data/vendor/libgit2/src/diff_tform.c +9 -8
data/vendor/libgit2/src/diff_xdiff.c +4 -2
data/vendor/libgit2/src/diff_xdiff.h +1 -1
data/vendor/libgit2/src/errors.c +24 -19
data/vendor/libgit2/src/features.h.in +5 -1
data/vendor/libgit2/src/fetch.c +5 -2
data/vendor/libgit2/src/fetchhead.c +8 -4
data/vendor/libgit2/src/filebuf.c +9 -7
data/vendor/libgit2/src/filter.c +206 -110
data/vendor/libgit2/src/filter.h +24 -5
data/vendor/libgit2/src/futils.c +5 -5
data/vendor/libgit2/src/futils.h +1 -1
data/vendor/libgit2/src/graph.c +64 -9
data/vendor/libgit2/src/hash/sha1/collisiondetect.c +3 -3
data/vendor/libgit2/src/hash/sha1/common_crypto.c +3 -3
data/vendor/libgit2/src/hash/sha1/generic.h +1 -1
data/vendor/libgit2/src/hash/sha1/mbedtls.c +12 -12
data/vendor/libgit2/src/hash/sha1/openssl.c +3 -3
data/vendor/libgit2/src/hash/sha1/sha1dc/sha1.c +0 -2
data/vendor/libgit2/src/hash/sha1/win32.c +15 -11
data/vendor/libgit2/src/hash.c +16 -13
data/vendor/libgit2/src/hash.h +1 -1
data/vendor/libgit2/src/hashsig.c +23 -10
data/vendor/libgit2/src/ident.c +13 -3
data/vendor/libgit2/src/ignore.c +35 -19
data/vendor/libgit2/src/index.c +106 -70
data/vendor/libgit2/src/index.h +1 -1
data/vendor/libgit2/src/indexer.c +31 -29
data/vendor/libgit2/src/integer.h +64 -2
data/vendor/libgit2/src/iterator.c +36 -24
data/vendor/libgit2/src/iterator.h +1 -1
data/vendor/libgit2/src/khash.h +2 -11
data/vendor/libgit2/src/{settings.c → libgit2.c} +117 -50
data/vendor/libgit2/src/libgit2.h +15 -0
data/vendor/libgit2/src/mailmap.c +23 -10
data/vendor/libgit2/src/map.h +3 -3
data/vendor/libgit2/src/merge.c +70 -30
data/vendor/libgit2/src/merge.h +2 -1
data/vendor/libgit2/src/merge_driver.c +19 -13
data/vendor/libgit2/src/merge_file.c +11 -3
data/vendor/libgit2/src/message.c +3 -1
data/vendor/libgit2/src/midx.c +471 -10
data/vendor/libgit2/src/midx.h +28 -1
data/vendor/libgit2/src/mwindow.c +103 -59
data/vendor/libgit2/src/mwindow.h +3 -3
data/vendor/libgit2/src/net.c +127 -3
data/vendor/libgit2/src/net.h +16 -2
data/vendor/libgit2/src/netops.c +6 -4
data/vendor/libgit2/src/netops.h +2 -2
data/vendor/libgit2/src/notes.c +10 -10
data/vendor/libgit2/src/object.c +22 -14
data/vendor/libgit2/src/odb.c +285 -48
data/vendor/libgit2/src/odb.h +16 -2
data/vendor/libgit2/src/odb_loose.c +28 -18
data/vendor/libgit2/src/odb_mempack.c +1 -1
data/vendor/libgit2/src/odb_pack.c +391 -114
data/vendor/libgit2/src/oid.c +5 -4
data/vendor/libgit2/src/pack-objects.c +54 -48
data/vendor/libgit2/src/pack.c +329 -119
data/vendor/libgit2/src/pack.h +25 -7
data/vendor/libgit2/src/patch.c +14 -7
data/vendor/libgit2/src/patch_generate.c +2 -2
data/vendor/libgit2/src/patch_parse.c +2 -1
data/vendor/libgit2/src/path.c +98 -53
data/vendor/libgit2/src/path.h +79 -6
data/vendor/libgit2/src/pathspec.c +8 -8
data/vendor/libgit2/src/pool.c +13 -7
data/vendor/libgit2/src/posix.c +11 -3
data/vendor/libgit2/src/reader.c +10 -6
data/vendor/libgit2/src/rebase.c +93 -49
data/vendor/libgit2/src/refdb.c +30 -13
data/vendor/libgit2/src/refdb_fs.c +121 -69
data/vendor/libgit2/src/reflog.c +19 -14
data/vendor/libgit2/src/refs.c +76 -41
data/vendor/libgit2/src/refspec.c +32 -12
data/vendor/libgit2/src/remote.c +272 -102
data/vendor/libgit2/src/remote.h +2 -1
data/vendor/libgit2/src/repository.c +176 -103
data/vendor/libgit2/src/repository.h +12 -1
data/vendor/libgit2/src/reset.c +7 -6
data/vendor/libgit2/src/revert.c +6 -2
data/vendor/libgit2/src/revparse.c +14 -9
data/vendor/libgit2/src/revwalk.c +32 -15
data/vendor/libgit2/src/runtime.c +162 -0
data/vendor/libgit2/src/runtime.h +62 -0
data/vendor/libgit2/src/settings.h +11 -0
data/vendor/libgit2/src/signature.c +6 -5
data/vendor/libgit2/src/sortedcache.h +10 -8
data/vendor/libgit2/src/stash.c +3 -1
data/vendor/libgit2/src/status.c +7 -4
data/vendor/libgit2/src/strarray.c +2 -1
data/vendor/libgit2/src/streams/mbedtls.c +14 -17
data/vendor/libgit2/src/streams/mbedtls.h +1 -1
data/vendor/libgit2/src/streams/openssl.c +101 -201
data/vendor/libgit2/src/streams/openssl.h +9 -1
data/vendor/libgit2/src/streams/openssl_dynamic.c +309 -0
data/vendor/libgit2/src/streams/openssl_dynamic.h +348 -0
data/vendor/libgit2/src/streams/openssl_legacy.c +203 -0
data/vendor/libgit2/src/streams/openssl_legacy.h +63 -0
data/vendor/libgit2/src/streams/registry.c +5 -6
data/vendor/libgit2/src/streams/socket.c +6 -2
data/vendor/libgit2/src/streams/stransport.c +6 -3
data/vendor/libgit2/src/streams/tls.c +5 -3
data/vendor/libgit2/src/submodule.c +128 -62
data/vendor/libgit2/src/submodule.h +9 -9
data/vendor/libgit2/src/sysdir.c +4 -6
data/vendor/libgit2/src/tag.c +47 -11
data/vendor/libgit2/src/thread.c +140 -0
data/vendor/libgit2/src/thread.h +479 -0
data/vendor/libgit2/src/threadstate.c +83 -0
data/vendor/libgit2/src/threadstate.h +24 -0
data/vendor/libgit2/src/trace.c +2 -2
data/vendor/libgit2/src/trace.h +17 -13
data/vendor/libgit2/src/transaction.c +19 -8
data/vendor/libgit2/src/transport.c +3 -3
data/vendor/libgit2/src/transports/auth.c +1 -1
data/vendor/libgit2/src/transports/auth_negotiate.c +11 -4
data/vendor/libgit2/src/transports/auth_ntlm.c +10 -6
data/vendor/libgit2/src/transports/credential.c +15 -7
data/vendor/libgit2/src/transports/git.c +1 -3
data/vendor/libgit2/src/transports/http.c +19 -17
data/vendor/libgit2/src/transports/http.h +1 -0
data/vendor/libgit2/src/transports/httpclient.c +53 -26
data/vendor/libgit2/src/transports/httpclient.h +1 -1
data/vendor/libgit2/src/transports/local.c +3 -3
data/vendor/libgit2/src/transports/smart.c +12 -7
data/vendor/libgit2/src/transports/smart.h +1 -1
data/vendor/libgit2/src/transports/smart_protocol.c +11 -5
data/vendor/libgit2/src/transports/ssh.c +51 -17
data/vendor/libgit2/src/transports/winhttp.c +41 -31
data/vendor/libgit2/src/tree.c +100 -77
data/vendor/libgit2/src/tree.h +1 -0
data/vendor/libgit2/src/tsort.c +0 -2
data/vendor/libgit2/src/unix/map.c +3 -1
data/vendor/libgit2/src/unix/pthread.h +2 -1
data/vendor/libgit2/src/utf8.c +150 -0
data/vendor/libgit2/src/utf8.h +52 -0
data/vendor/libgit2/src/util.c +53 -129
data/vendor/libgit2/src/util.h +33 -39
data/vendor/libgit2/src/vector.c +23 -19
data/vendor/libgit2/src/vector.h +4 -2
data/vendor/libgit2/src/win32/findfile.c +4 -2
data/vendor/libgit2/src/win32/map.c +1 -1
data/vendor/libgit2/src/win32/msvc-compat.h +9 -1
data/vendor/libgit2/src/win32/path_w32.c +22 -24
data/vendor/libgit2/src/win32/path_w32.h +0 -1
data/vendor/libgit2/src/win32/posix_w32.c +7 -1
data/vendor/libgit2/src/win32/precompiled.h +0 -1
data/vendor/libgit2/src/win32/reparse.h +4 -4
data/vendor/libgit2/src/win32/thread.c +24 -15
data/vendor/libgit2/src/win32/thread.h +1 -1
data/vendor/libgit2/src/win32/w32_buffer.c +3 -3
data/vendor/libgit2/src/win32/w32_common.h +18 -9
data/vendor/libgit2/src/win32/{w32_crtdbg_stacktrace.c → w32_leakcheck.c} +269 -33
data/vendor/libgit2/src/win32/w32_leakcheck.h +222 -0
data/vendor/libgit2/src/win32/w32_util.h +6 -6
data/vendor/libgit2/src/worktree.c +27 -16
data/vendor/libgit2/src/zstream.c +1 -1
metadata +32 -16
data/vendor/libgit2/src/allocators/win32_crtdbg.c +0 -118
data/vendor/libgit2/src/buf_text.c +0 -316
data/vendor/libgit2/src/buf_text.h +0 -122
data/vendor/libgit2/src/global.c +0 -363
data/vendor/libgit2/src/global.h +0 -41
data/vendor/libgit2/src/thread-utils.c +0 -58
data/vendor/libgit2/src/thread-utils.h +0 -369
data/vendor/libgit2/src/win32/w32_crtdbg_stacktrace.h +0 -127
data/vendor/libgit2/src/win32/w32_stack.c +0 -188
data/vendor/libgit2/src/win32/w32_stack.h +0 -140

data/vendor/libgit2/deps/ntlmclient/crypt_openssl.h CHANGED Viewed

@@ -9,13 +9,82 @@
 #ifndef PRIVATE_CRYPT_OPENSSL_H__
 #define PRIVATE_CRYPT_OPENSSL_H__
-#include <openssl/hmac.h>
+#ifndef CRYPT_OPENSSL_DYNAMIC
+# include <openssl/des.h>
+# include <openssl/hmac.h>
+#endif
 /* OpenSSL 1.1.0 uses opaque structs, we'll reuse these. */
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
-typedef struct hmac_ctx_st ntlm_hmac_ctx;
-#else
-# define ntlm_hmac_ctx HMAC_CTX
+#if defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER < 0x10100000L
+# define HMAC_CTX struct hmac_ctx_st
+#endif
+#ifdef CRYPT_OPENSSL_DYNAMIC
+typedef unsigned char DES_cblock[8];
+typedef unsigned char const_DES_cblock[8];
+typedef unsigned long DES_LONG;
+typedef struct DES_ks {
+    union {
+        DES_cblock cblock;
+        DES_LONG deslong[2];
+    } ks[16];
+} DES_key_schedule;
+#define DES_ENCRYPT 1
+typedef void EVP_MD;
+typedef void ENGINE;
+typedef void EVP_PKEY_CTX;
+#define HMAC_MAX_MD_CBLOCK 128
+typedef struct env_md_ctx_st EVP_MD_CTX;
+struct env_md_ctx_st {
+    const EVP_MD *digest;
+    ENGINE *engine;
+    unsigned long flags;
+    void *md_data;
+    EVP_PKEY_CTX *pctx;
+    int (*update) (EVP_MD_CTX *ctx, const void *data, size_t count);
+};
+typedef struct hmac_ctx_st {
+    const EVP_MD *md;
+    EVP_MD_CTX md_ctx;
+    EVP_MD_CTX i_ctx;
+    EVP_MD_CTX o_ctx;
+    unsigned int key_length;
+    unsigned char key[HMAC_MAX_MD_CBLOCK];
+} HMAC_CTX;
 #endif
+struct ntlm_crypt_ctx {
+	HMAC_CTX *hmac;
+	void *openssl_handle;
+	void (*des_ecb_encrypt_fn)(const_DES_cblock *input, DES_cblock *output, DES_key_schedule *ks, int enc);
+	int (*des_set_key_fn)(const_DES_cblock *key, DES_key_schedule *schedule);
+	unsigned long (*err_get_error_fn)(void);
+	const char *(*err_lib_error_string_fn)(unsigned long e);
+	const EVP_MD *(*evp_md5_fn)(void);
+	HMAC_CTX *(*hmac_ctx_new_fn)(void);
+	int (*hmac_ctx_reset_fn)(HMAC_CTX *ctx);
+	void (*hmac_ctx_free_fn)(HMAC_CTX *ctx);
+	void (*hmac_ctx_cleanup_fn)(HMAC_CTX *ctx);
+	int (*hmac_init_ex_fn)(HMAC_CTX *ctx, const void *key, int key_len, const EVP_MD *md, ENGINE *impl);
+	int (*hmac_update_fn)(HMAC_CTX *ctx, const unsigned char *data, size_t len);
+	int (*hmac_final_fn)(HMAC_CTX *ctx, unsigned char *md, unsigned int *len);
+	unsigned char *(*md4_fn)(const unsigned char *d, size_t n, unsigned char *md);
+	int (*rand_bytes_fn)(unsigned char *buf, int num);
+};
 #endif /* PRIVATE_CRYPT_OPENSSL_H__ */

data/vendor/libgit2/deps/ntlmclient/ntlm.c CHANGED Viewed

@@ -9,7 +9,6 @@
 #include <stdlib.h>
 #include <stdint.h>
 #include <string.h>
-#include <assert.h>
 #include <errno.h>
 #include <ctype.h>
 #include <unistd.h>
@@ -24,6 +23,18 @@
 #include "compat.h"
 #include "util.h"
+#define NTLM_ASSERT_ARG(expr) do { \
+		if (!(expr)) \
+			return NTLM_CLIENT_ERROR_INVALID_INPUT; \
+	} while(0)
+#define NTLM_ASSERT(ntlm, expr) do { \
+		if (!(expr)) { \
+			ntlm_client_set_errmsg(ntlm, "internal error: " #expr); \
+			return -1; \
+		} \
+	} while(0)
 unsigned char ntlm_client_signature[] = NTLM_SIGNATURE;
 static bool supports_unicode(ntlm_client *ntlm)
@@ -52,17 +63,20 @@ ntlm_client *ntlm_client_init(ntlm_client_flags flags)
 	ntlm->flags = flags;
-	if ((ntlm->hmac_ctx = ntlm_hmac_ctx_init()) == NULL ||
-		(ntlm->unicode_ctx = ntlm_unicode_ctx_init(ntlm)) == NULL) {
-		ntlm_hmac_ctx_free(ntlm->hmac_ctx);
-		ntlm_unicode_ctx_free(ntlm->unicode_ctx);
-		free(ntlm);
-		return NULL;
-	}
 	return ntlm;
 }
+#define ENSURE_INITIALIZED(ntlm) \
+	do { \
+		if (!(ntlm)->unicode_initialized) \
+			(ntlm)->unicode_initialized = ntlm_unicode_init((ntlm)); \
+		if (!(ntlm)->crypt_initialized) \
+			(ntlm)->crypt_initialized = ntlm_crypt_init((ntlm)); \
+		if (!(ntlm)->unicode_initialized || \
+		    !(ntlm)->crypt_initialized) \
+			return -1; \
+	} while(0)
 void ntlm_client_set_errmsg(ntlm_client *ntlm, const char *errmsg)
 {
 	ntlm->state = NTLM_STATE_ERROR;
@@ -71,7 +85,9 @@ void ntlm_client_set_errmsg(ntlm_client *ntlm, const char *errmsg)
 const char *ntlm_client_errmsg(ntlm_client *ntlm)
 {
-	assert(ntlm);
+	if (!ntlm)
+		return "internal error";
 	return ntlm->errmsg ? ntlm->errmsg : "no error";
 }
@@ -81,7 +97,7 @@ int ntlm_client_set_version(
 	uint8_t minor,
 	uint16_t build)
 {
-	assert(ntlm);
+	NTLM_ASSERT_ARG(ntlm);
 	ntlm->host_version.major = major;
 	ntlm->host_version.minor = minor;
@@ -93,20 +109,25 @@ int ntlm_client_set_version(
 	return 0;
 }
+#define reset(ptr) do { free(ptr); ptr = NULL; } while(0)
+static void free_hostname(ntlm_client *ntlm)
+{
+	reset(ntlm->hostname);
+	reset(ntlm->hostdomain);
+	reset(ntlm->hostname_utf16);
+	ntlm->hostname_utf16_len = 0;
+}
 int ntlm_client_set_hostname(
 	ntlm_client *ntlm,
 	const char *hostname,
 	const char *domain)
 {
-	assert(ntlm);
+	NTLM_ASSERT_ARG(ntlm);
+	ENSURE_INITIALIZED(ntlm);
-	free(ntlm->hostname);
-	free(ntlm->hostdomain);
-	free(ntlm->hostname_utf16);
-	ntlm->hostname = NULL;
-	ntlm->hostdomain = NULL;
-	ntlm->hostname_utf16 = NULL;
+	free_hostname(ntlm);
 	if (hostname && (ntlm->hostname = strdup(hostname)) == NULL) {
 		ntlm_client_set_errmsg(ntlm, "out of memory");
@@ -121,7 +142,7 @@ int ntlm_client_set_hostname(
 	if (hostname && supports_unicode(ntlm) && !ntlm_unicode_utf8_to_16(
 			&ntlm->hostname_utf16,
 			&ntlm->hostname_utf16_len,
-			ntlm->unicode_ctx,
+			ntlm,
 			hostname,
 			strlen(hostname)))
 		return -1;
@@ -137,25 +158,20 @@ static void free_credentials(ntlm_client *ntlm)
 	if (ntlm->password_utf16)
 		ntlm_memzero(ntlm->password_utf16, ntlm->password_utf16_len);
-	free(ntlm->username);
-	free(ntlm->username_upper);
-	free(ntlm->userdomain);
-	free(ntlm->password);
-	free(ntlm->username_utf16);
-	free(ntlm->username_upper_utf16);
-	free(ntlm->userdomain_utf16);
-	free(ntlm->password_utf16);
-	ntlm->username = NULL;
-	ntlm->username_upper = NULL;
-	ntlm->userdomain = NULL;
-	ntlm->password = NULL;
-	ntlm->username_utf16 = NULL;
-	ntlm->username_upper_utf16 = NULL;
-	ntlm->userdomain_utf16 = NULL;
-	ntlm->password_utf16 = NULL;
+	reset(ntlm->username);
+	reset(ntlm->username_upper);
+	reset(ntlm->userdomain);
+	reset(ntlm->password);
+	reset(ntlm->username_utf16);
+	reset(ntlm->username_upper_utf16);
+	reset(ntlm->userdomain_utf16);
+	reset(ntlm->password_utf16);
+	ntlm->username_utf16_len = 0;
+	ntlm->username_upper_utf16_len = 0;
+	ntlm->userdomain_utf16_len = 0;
+	ntlm->password_utf16_len = 0;
 }
 int ntlm_client_set_credentials(
@@ -164,7 +180,8 @@ int ntlm_client_set_credentials(
 	const char *domain,
 	const char *password)
 {
-	assert(ntlm);
+	NTLM_ASSERT_ARG(ntlm);
+	ENSURE_INITIALIZED(ntlm);
 	free_credentials(ntlm);
@@ -185,7 +202,7 @@ int ntlm_client_set_credentials(
 		if (!ntlm_unicode_utf8_to_16(
 				&ntlm->username_utf16,
 				&ntlm->username_utf16_len,
-				ntlm->unicode_ctx,
+				ntlm,
 				ntlm->username,
 				strlen(ntlm->username)))
 			return -1;
@@ -193,7 +210,7 @@ int ntlm_client_set_credentials(
 		if (!ntlm_unicode_utf8_to_16(
 				&ntlm->username_upper_utf16,
 				&ntlm->username_upper_utf16_len,
-				ntlm->unicode_ctx,
+				ntlm,
 				ntlm->username_upper,
 				strlen(ntlm->username_upper)))
 			return -1;
@@ -202,7 +219,7 @@ int ntlm_client_set_credentials(
 	if (domain && supports_unicode(ntlm) && !ntlm_unicode_utf8_to_16(
 			&ntlm->userdomain_utf16,
 			&ntlm->userdomain_utf16_len,
-			ntlm->unicode_ctx,
+			ntlm,
 			ntlm->userdomain,
 			strlen(ntlm->userdomain)))
 		return -1;
@@ -212,7 +229,8 @@ int ntlm_client_set_credentials(
 int ntlm_client_set_target(ntlm_client *ntlm, const char *target)
 {
-	assert(ntlm);
+	NTLM_ASSERT_ARG(ntlm);
+	ENSURE_INITIALIZED(ntlm);
 	free(ntlm->target);
 	free(ntlm->target_utf16);
@@ -229,7 +247,7 @@ int ntlm_client_set_target(ntlm_client *ntlm, const char *target)
 		if (supports_unicode(ntlm) && !ntlm_unicode_utf8_to_16(
 				&ntlm->target_utf16,
 				&ntlm->target_utf16_len,
-				ntlm->unicode_ctx,
+				ntlm,
 				ntlm->target,
 				strlen(ntlm->target)))
 			return -1;
@@ -240,14 +258,16 @@ int ntlm_client_set_target(ntlm_client *ntlm, const char *target)
 int ntlm_client_set_nonce(ntlm_client *ntlm, uint64_t nonce)
 {
-	assert(ntlm);
+	NTLM_ASSERT_ARG(ntlm);
 	ntlm->nonce = nonce;
 	return 0;
 }
 int ntlm_client_set_timestamp(ntlm_client *ntlm, uint64_t timestamp)
 {
-	assert(ntlm);
+	NTLM_ASSERT_ARG(ntlm);
 	ntlm->timestamp = timestamp;
 	return 0;
 }
@@ -475,7 +495,7 @@ static inline bool read_string_unicode(
 	size_t out_len;
 	int ret = ntlm_unicode_utf16_to_8(out,
 		&out_len,
-		ntlm->unicode_ctx,
+		ntlm,
 		(char *)&message->buf[message->pos],
 		string_len);
@@ -593,7 +613,9 @@ int ntlm_client_negotiate(
 	size_t hostname_offset = 0;
 	uint32_t flags = 0;
-	assert(out && out_len && ntlm);
+	NTLM_ASSERT_ARG(out);
+	NTLM_ASSERT_ARG(out_len);
+	NTLM_ASSERT_ARG(ntlm);
 	*out = NULL;
 	*out_len = 0;
@@ -676,20 +698,22 @@ int ntlm_client_negotiate(
 		return -1;
 	if (hostname_len > 0) {
-		assert(hostname_offset == ntlm->negotiate.pos);
+		NTLM_ASSERT(ntlm, hostname_offset == ntlm->negotiate.pos);
 		if (!write_buf(ntlm, &ntlm->negotiate,
 			(const unsigned char *)ntlm->hostname, hostname_len))
 			return -1;
 	}
 	if (domain_len > 0) {
-		assert(domain_offset == ntlm->negotiate.pos);
+		NTLM_ASSERT(ntlm, domain_offset == ntlm->negotiate.pos);
 		if (!write_buf(ntlm, &ntlm->negotiate,
 			(const unsigned char *)ntlm->hostdomain, domain_len))
 			return -1;
 	}
-	assert(ntlm->negotiate.pos == ntlm->negotiate.len);
+	NTLM_ASSERT(ntlm, ntlm->negotiate.pos == ntlm->negotiate.len);
 	ntlm->state = NTLM_STATE_CHALLENGE;
@@ -711,7 +735,10 @@ int ntlm_client_set_challenge(
 	uint32_t name_offset, info_offset = 0;
 	bool unicode, has_target_info = false;
-	assert(ntlm && (challenge_msg || !challenge_msg_len));
+	NTLM_ASSERT_ARG(ntlm);
+	NTLM_ASSERT_ARG(challenge_msg || !challenge_msg_len);
+	ENSURE_INITIALIZED(ntlm);
 	if (ntlm->state != NTLM_STATE_NEGOTIATE &&
 		ntlm->state != NTLM_STATE_CHALLENGE) {
@@ -940,6 +967,7 @@ static void des_key_from_password(
 static inline bool generate_lm_hash(
 	ntlm_des_block out[2],
+	ntlm_client *ntlm,
 	const char *password)
 {
 	/* LM encrypts this known plaintext using the password as a key */
@@ -968,8 +996,8 @@ static inline bool generate_lm_hash(
 	des_key_from_password(&key1, keystr1, keystr1_len);
 	des_key_from_password(&key2, keystr2, keystr2_len);
-	return ntlm_des_encrypt(&out[0], &plaintext, &key1) &&
-		ntlm_des_encrypt(&out[1], &plaintext, &key2);
+	return ntlm_des_encrypt(&out[0], ntlm, &plaintext, &key1) &&
+		ntlm_des_encrypt(&out[1], ntlm, &plaintext, &key2);
 }
 static void des_keys_from_lm_hash(ntlm_des_block out[3], ntlm_des_block lm_hash[2])
@@ -994,16 +1022,16 @@ static bool generate_lm_response(ntlm_client *ntlm)
 	ntlm_des_block *challenge = (ntlm_des_block *)&ntlm->challenge.nonce;
 	/* Generate the LM hash from the password */
-	if (!generate_lm_hash(lm_hash, ntlm->password))
+	if (!generate_lm_hash(lm_hash, ntlm, ntlm->password))
 		return false;
 	/* Convert that LM hash to three DES keys */
 	des_keys_from_lm_hash(key, lm_hash);
 	/* Finally, encrypt the challenge with each of these keys */
-	if (!ntlm_des_encrypt(&lm_response[0], challenge, &key[0]) ||
-		!ntlm_des_encrypt(&lm_response[1], challenge, &key[1]) ||
-		!ntlm_des_encrypt(&lm_response[2], challenge, &key[2]))
+	if (!ntlm_des_encrypt(&lm_response[0], ntlm, challenge, &key[0]) ||
+		!ntlm_des_encrypt(&lm_response[1], ntlm, challenge, &key[1]) ||
+		!ntlm_des_encrypt(&lm_response[2], ntlm, challenge, &key[2]))
 		return false;
 	memcpy(&ntlm->lm_response[0], lm_response[0], 8);
@@ -1022,12 +1050,13 @@ static bool generate_ntlm_hash(
 	if (ntlm->password && !ntlm_unicode_utf8_to_16(
 			&ntlm->password_utf16,
 			&ntlm->password_utf16_len,
-			ntlm->unicode_ctx,
+			ntlm,
 			ntlm->password,
 			strlen(ntlm->password)))
 		return false;
 	return ntlm_md4_digest(out,
+		ntlm,
 		(const unsigned char *)ntlm->password_utf16,
 		ntlm->password_utf16_len);
 }
@@ -1048,9 +1077,9 @@ static bool generate_ntlm_response(ntlm_client *ntlm)
 	des_key_from_password(&key[2], &ntlm_hash[14], 2);
 	/* Finally, encrypt the challenge with each of these keys */
-	if (!ntlm_des_encrypt(&ntlm_response[0], challenge, &key[0]) ||
-		!ntlm_des_encrypt(&ntlm_response[1], challenge, &key[1]) ||
-		!ntlm_des_encrypt(&ntlm_response[2], challenge, &key[2]))
+	if (!ntlm_des_encrypt(&ntlm_response[0], ntlm, challenge, &key[0]) ||
+		!ntlm_des_encrypt(&ntlm_response[1], ntlm, challenge, &key[1]) ||
+		!ntlm_des_encrypt(&ntlm_response[2], ntlm, challenge, &key[2]))
 		return false;
 	memcpy(&ntlm->ntlm_response[0], ntlm_response[0], 8);
@@ -1081,16 +1110,15 @@ static bool generate_ntlm2_hash(
 		target_len = ntlm->target_utf16_len;
 	}
-	if (!ntlm_hmac_ctx_reset(ntlm->hmac_ctx) ||
-		!ntlm_hmac_md5_init(ntlm->hmac_ctx, ntlm_hash, sizeof(ntlm_hash)) ||
-		!ntlm_hmac_md5_update(ntlm->hmac_ctx, username, username_len) ||
-		!ntlm_hmac_md5_update(ntlm->hmac_ctx, target, target_len) ||
-		!ntlm_hmac_md5_final(out, &out_len, ntlm->hmac_ctx)) {
+	if (!ntlm_hmac_md5_init(ntlm, ntlm_hash, sizeof(ntlm_hash)) ||
+		!ntlm_hmac_md5_update(ntlm, username, username_len) ||
+		!ntlm_hmac_md5_update(ntlm, target, target_len) ||
+		!ntlm_hmac_md5_final(out, &out_len, ntlm)) {
 		ntlm_client_set_errmsg(ntlm, "failed to create HMAC-MD5");
 		return false;
 	}
-	assert(out_len == NTLM_NTLM2_HASH_LEN);
+	NTLM_ASSERT(ntlm, out_len == NTLM_NTLM2_HASH_LEN);
 	return true;
 }
@@ -1103,18 +1131,15 @@ static bool generate_ntlm2_challengehash(
 {
 	size_t out_len = 16;
-	if (!ntlm_hmac_ctx_reset(ntlm->hmac_ctx) ||
-		!ntlm_hmac_md5_init(ntlm->hmac_ctx,
-			ntlm2_hash, NTLM_NTLM2_HASH_LEN) ||
-		!ntlm_hmac_md5_update(ntlm->hmac_ctx,
-			(const unsigned char *)&ntlm->challenge.nonce, 8) ||
-		!ntlm_hmac_md5_update(ntlm->hmac_ctx, blob, blob_len) ||
-		!ntlm_hmac_md5_final(out, &out_len, ntlm->hmac_ctx)) {
+	if (!ntlm_hmac_md5_init(ntlm, ntlm2_hash, NTLM_NTLM2_HASH_LEN) ||
+		!ntlm_hmac_md5_update(ntlm, (const unsigned char *)&ntlm->challenge.nonce, 8) ||
+		!ntlm_hmac_md5_update(ntlm, blob, blob_len) ||
+		!ntlm_hmac_md5_final(out, &out_len, ntlm)) {
 		ntlm_client_set_errmsg(ntlm, "failed to create HMAC-MD5");
 		return false;
 	}
-	assert(out_len == 16);
+	NTLM_ASSERT(ntlm, out_len == 16);
 	return true;
 }
@@ -1127,19 +1152,15 @@ static bool generate_lm2_response(ntlm_client *ntlm,
 	local_nonce = ntlm_htonll(ntlm->nonce);
-	if (!ntlm_hmac_ctx_reset(ntlm->hmac_ctx) ||
-		!ntlm_hmac_md5_init(ntlm->hmac_ctx,
-			ntlm2_hash, NTLM_NTLM2_HASH_LEN) ||
-		!ntlm_hmac_md5_update(ntlm->hmac_ctx,
-			(const unsigned char *)&ntlm->challenge.nonce, 8) ||
-		!ntlm_hmac_md5_update(ntlm->hmac_ctx,
-			(const unsigned char *)&local_nonce, 8) ||
-		!ntlm_hmac_md5_final(lm2_challengehash, &lm2_len, ntlm->hmac_ctx)) {
+	if (!ntlm_hmac_md5_init(ntlm, ntlm2_hash, NTLM_NTLM2_HASH_LEN) ||
+		!ntlm_hmac_md5_update(ntlm, (const unsigned char *)&ntlm->challenge.nonce, 8) ||
+		!ntlm_hmac_md5_update(ntlm, (const unsigned char *)&local_nonce, 8) ||
+		!ntlm_hmac_md5_final(lm2_challengehash, &lm2_len, ntlm)) {
 		ntlm_client_set_errmsg(ntlm, "failed to create HMAC-MD5");
 		return false;
 	}
-	assert(lm2_len == 16);
+	NTLM_ASSERT(ntlm, lm2_len == 16);
 	memcpy(&ntlm->lm_response[0], lm2_challengehash, 16);
 	memcpy(&ntlm->lm_response[16], &local_nonce, 8);
@@ -1163,7 +1184,7 @@ static bool generate_nonce(ntlm_client *ntlm)
 	if (ntlm->nonce)
 		return true;
-	if (!ntlm_random_bytes(ntlm, buf, 8))
+	if (!ntlm_random_bytes(buf, ntlm, 8))
 		return false;
 	memcpy(&ntlm->nonce, buf, sizeof(uint64_t));
@@ -1233,7 +1254,11 @@ int ntlm_client_response(
 	uint32_t flags = 0;
 	bool unicode;
-	assert(out && out_len && ntlm);
+	NTLM_ASSERT_ARG(out);
+	NTLM_ASSERT_ARG(out_len);
+	NTLM_ASSERT_ARG(ntlm);
+	ENSURE_INITIALIZED(ntlm);
 	*out = NULL;
 	*out_len = 0;
@@ -1356,7 +1381,7 @@ int ntlm_client_response(
 		!write_buf(ntlm, &ntlm->response, session, session_len))
 		return -1;
-	assert(ntlm->response.pos == ntlm->response.len);
+	NTLM_ASSERT(ntlm, ntlm->response.pos == ntlm->response.len);
 	ntlm->state = NTLM_STATE_COMPLETE;
@@ -1368,41 +1393,48 @@ int ntlm_client_response(
 void ntlm_client_reset(ntlm_client *ntlm)
 {
-	ntlm_client_flags flags;
-	ntlm_hmac_ctx *hmac_ctx;
-	ntlm_unicode_ctx *unicode_ctx;
-	assert(ntlm);
+	if (!ntlm)
+		return;
-	free(ntlm->negotiate.buf);
-	free(ntlm->challenge.target_info);
-	free(ntlm->challenge.target);
-	free(ntlm->challenge.target_domain);
-	free(ntlm->challenge.target_domain_dns);
-	free(ntlm->challenge.target_server);
-	free(ntlm->challenge.target_server_dns);
-	free(ntlm->response.buf);
+	ntlm->state = NTLM_STATE_NEGOTIATE;
-	free(ntlm->hostname);
-	free(ntlm->hostname_utf16);
-	free(ntlm->hostdomain);
+	free_hostname(ntlm);
-	free(ntlm->target);
-	free(ntlm->target_utf16);
+	memset(&ntlm->host_version, 0, sizeof(ntlm_version));
-	free(ntlm->ntlm2_response);
+	reset(ntlm->target);
+	reset(ntlm->target_utf16);
+	ntlm->target_utf16_len = 0;
 	free_credentials(ntlm);
-	flags = ntlm->flags;
-	hmac_ctx = ntlm->hmac_ctx;
-	unicode_ctx = ntlm->unicode_ctx;
+	ntlm->nonce = 0;
+	ntlm->timestamp = 0;
-	memset(ntlm, 0, sizeof(struct ntlm_client));
+	memset(ntlm->lm_response, 0, NTLM_LM_RESPONSE_LEN);
+	ntlm->lm_response_len = 0;
-	ntlm->flags = flags;
-	ntlm->hmac_ctx = hmac_ctx;
-	ntlm->unicode_ctx = unicode_ctx;
+	memset(ntlm->ntlm_response, 0, NTLM_NTLM_RESPONSE_LEN);
+	ntlm->ntlm_response_len = 0;
+	reset(ntlm->ntlm2_response);
+	ntlm->ntlm2_response_len = 0;
+	reset(ntlm->negotiate.buf);
+	ntlm->negotiate.pos = 0;
+	ntlm->negotiate.len = 0;
+	reset(ntlm->response.buf);
+	ntlm->response.pos = 0;
+	ntlm->response.len = 0;
+	free(ntlm->challenge.target_info);
+	free(ntlm->challenge.target);
+	free(ntlm->challenge.target_domain);
+	free(ntlm->challenge.target_domain_dns);
+	free(ntlm->challenge.target_server);
+	free(ntlm->challenge.target_server_dns);
+	memset(&ntlm->challenge, 0, sizeof(ntlm_challenge));
 }
 void ntlm_client_free(ntlm_client *ntlm)
@@ -1410,10 +1442,10 @@ void ntlm_client_free(ntlm_client *ntlm)
 	if (!ntlm)
 		return;
-	ntlm_client_reset(ntlm);
+	ntlm_crypt_shutdown(ntlm);
+	ntlm_unicode_shutdown(ntlm);
-	ntlm_hmac_ctx_free(ntlm->hmac_ctx);
-	ntlm_unicode_ctx_free(ntlm->unicode_ctx);
+	ntlm_client_reset(ntlm);
 	free(ntlm);
 }