diff --git a/lib/curl_krb5.h b/lib/curl_krb5.h index f0a6fa69b..3f40f9a6c 100644 --- a/lib/curl_krb5.h +++ b/lib/curl_krb5.h @@ -7,7 +7,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 1998 - 2020, Daniel Stenberg, , et al. + * Copyright (C) 1998 - 2021, Daniel Stenberg, , et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -26,7 +26,7 @@ struct Curl_sec_client_mech { const char *name; size_t size; int (*init)(void *); - int (*auth)(void *, struct connectdata *); + int (*auth)(void *, struct Curl_easy *data, struct connectdata *); void (*end)(void *); int (*check_prot)(void *, int); int (*overhead)(void *, int, int); @@ -39,10 +39,10 @@ struct Curl_sec_client_mech { #define AUTH_ERROR 2 #ifdef HAVE_GSSAPI -int Curl_sec_read_msg(struct connectdata *conn, char *, +int Curl_sec_read_msg(struct Curl_easy *data, struct connectdata *conn, char *, enum protection_level); void Curl_sec_end(struct connectdata *); -CURLcode Curl_sec_login(struct connectdata *); +CURLcode Curl_sec_login(struct Curl_easy *, struct connectdata *); int Curl_sec_request_prot(struct connectdata *conn, const char *level); #else #define Curl_sec_end(x) diff --git a/lib/ftp.c b/lib/ftp.c index c7162e152..ab6685ade 100644 --- a/lib/ftp.c +++ b/lib/ftp.c @@ -561,13 +561,13 @@ static CURLcode ftp_readresp(struct Curl_easy *data, /* handle the security-oriented responses 6xx ***/ switch(code) { case 631: - code = Curl_sec_read_msg(conn, buf, PROT_SAFE); + code = Curl_sec_read_msg(data, conn, buf, PROT_SAFE); break; case 632: - code = Curl_sec_read_msg(conn, buf, PROT_PRIVATE); + code = Curl_sec_read_msg(data, conn, buf, PROT_PRIVATE); break; case 633: - code = Curl_sec_read_msg(conn, buf, PROT_CONFIDENTIAL); + code = Curl_sec_read_msg(data, conn, buf, PROT_CONFIDENTIAL); break; default: /* normal ftp stuff we pass through! */ @@ -2685,7 +2685,7 @@ static CURLcode ftp_statemachine(struct Curl_easy *data, set a valid level */ Curl_sec_request_prot(conn, data->set.str[STRING_KRB_LEVEL]); - if(Curl_sec_login(conn)) + if(Curl_sec_login(data, conn)) infof(data, "Logging in with password in cleartext!\n"); else infof(data, "Authentication successful\n"); diff --git a/lib/http.h b/lib/http.h index 9129a406a..28f9341f6 100644 --- a/lib/http.h +++ b/lib/http.h @@ -288,9 +288,10 @@ CURLcode Curl_http_readwrite_headers(struct Curl_easy *data, /** * Curl_http_output_auth() setups the authentication headers for the * host/proxy and the correct authentication - * method. conn->data->state.authdone is set to TRUE when authentication is + * method. data->state.authdone is set to TRUE when authentication is * done. * + * @param data all information about the current transfer * @param conn all information about the current connection * @param request pointer to the request keyword * @param httpreq is the request type diff --git a/lib/krb5.c b/lib/krb5.c index 898d74144..eb83566d6 100644 --- a/lib/krb5.c +++ b/lib/krb5.c @@ -56,7 +56,8 @@ #include "curl_memory.h" #include "memdebug.h" -static CURLcode ftpsend(struct connectdata *conn, const char *cmd) +static CURLcode ftpsend(struct Curl_easy *data, struct connectdata *conn, + const char *cmd) { ssize_t bytes_written; #define SBUF_SIZE 1024 @@ -80,7 +81,7 @@ static CURLcode ftpsend(struct connectdata *conn, const char *cmd) write_len += 2; bytes_written = 0; - result = Curl_convert_to_network(conn->data, s, write_len); + result = Curl_convert_to_network(data, s, write_len); /* Curl_convert_to_network calls failf if unsuccessful */ if(result) return result; @@ -89,7 +90,7 @@ static CURLcode ftpsend(struct connectdata *conn, const char *cmd) #ifdef HAVE_GSSAPI conn->data_prot = PROT_CMD; #endif - result = Curl_write(conn->data, conn->sock[FIRSTSOCKET], sptr, write_len, + result = Curl_write(data, conn->sock[FIRSTSOCKET], sptr, write_len, &bytes_written); #ifdef HAVE_GSSAPI DEBUGASSERT(data_sec > PROT_NONE && data_sec < PROT_LAST); @@ -99,7 +100,7 @@ static CURLcode ftpsend(struct connectdata *conn, const char *cmd) if(result) break; - Curl_debug(conn->data, CURLINFO_HEADER_OUT, sptr, (size_t)bytes_written); + Curl_debug(data, CURLINFO_HEADER_OUT, sptr, (size_t)bytes_written); if(bytes_written != (ssize_t)write_len) { write_len -= bytes_written; @@ -202,14 +203,13 @@ krb5_encode(void *app_data, const void *from, int length, int level, void **to) } static int -krb5_auth(void *app_data, struct connectdata *conn) +krb5_auth(void *app_data, struct Curl_easy *data, struct connectdata *conn) { int ret = AUTH_OK; char *p; const char *host = conn->host.name; ssize_t nread; curl_socklen_t l = sizeof(conn->local_addr); - struct Curl_easy *data = conn->data; CURLcode result; const char *service = data->set.str[STRING_SERVICE_NAME] ? data->set.str[STRING_SERVICE_NAME] : @@ -242,7 +242,7 @@ krb5_auth(void *app_data, struct connectdata *conn) for(;;) { /* this really shouldn't be repeated here, but can't help it */ if(service == srv_host) { - result = ftpsend(conn, "AUTH GSSAPI"); + result = ftpsend(data, conn, "AUTH GSSAPI"); if(result) return -2; @@ -319,7 +319,7 @@ krb5_auth(void *app_data, struct connectdata *conn) cmd = aprintf("ADAT %s", p); if(cmd) - result = ftpsend(conn, cmd); + result = ftpsend(data, conn, cmd); else result = CURLE_OUT_OF_MEMORY; @@ -454,7 +454,7 @@ static int ftp_send_command(struct Curl_easy *data, const char *message, ...) mvsnprintf(print_buffer, sizeof(print_buffer), message, args); va_end(args); - if(ftpsend(data->conn, print_buffer)) { + if(ftpsend(data, data->conn, print_buffer)) { ftp_code = -1; } else { @@ -495,7 +495,7 @@ socket_read(curl_socket_t fd, void *to, size_t len) CURLcode saying whether an error occurred or CURLE_OK if |len| was written. */ static CURLcode -socket_write(struct connectdata *conn, curl_socket_t fd, const void *to, +socket_write(struct Curl_easy *data, curl_socket_t fd, const void *to, size_t len) { const char *to_p = to; @@ -503,7 +503,7 @@ socket_write(struct connectdata *conn, curl_socket_t fd, const void *to, ssize_t written; while(len > 0) { - result = Curl_write_plain(conn->data, fd, to_p, len, &written); + result = Curl_write_plain(data, fd, to_p, len, &written); if(!result) { len -= written; to_p += written; @@ -598,8 +598,8 @@ static ssize_t sec_recv(struct Curl_easy *data, int sockindex, /* Send |length| bytes from |from| to the |fd| socket taking care of encoding and negotiating with the server. |from| can be NULL. */ -static void do_sec_send(struct connectdata *conn, curl_socket_t fd, - const char *from, int length) +static void do_sec_send(struct Curl_easy *data, struct connectdata *conn, + curl_socket_t fd, const char *from, int length) { int bytes, htonl_bytes; /* 32-bit integers for htonl */ char *buffer = NULL; @@ -623,7 +623,7 @@ static void do_sec_send(struct connectdata *conn, curl_socket_t fd, return; /* error */ if(iscmd) { - error = Curl_base64_encode(conn->data, buffer, curlx_sitouz(bytes), + error = Curl_base64_encode(data, buffer, curlx_sitouz(bytes), &cmd_buffer, &cmd_size); if(error) { free(buffer); @@ -633,27 +633,27 @@ static void do_sec_send(struct connectdata *conn, curl_socket_t fd, static const char *enc = "ENC "; static const char *mic = "MIC "; if(prot_level == PROT_PRIVATE) - socket_write(conn, fd, enc, 4); + socket_write(data, fd, enc, 4); else - socket_write(conn, fd, mic, 4); + socket_write(data, fd, mic, 4); - socket_write(conn, fd, cmd_buffer, cmd_size); - socket_write(conn, fd, "\r\n", 2); - infof(conn->data, "Send: %s%s\n", prot_level == PROT_PRIVATE?enc:mic, + socket_write(data, fd, cmd_buffer, cmd_size); + socket_write(data, fd, "\r\n", 2); + infof(data, "Send: %s%s\n", prot_level == PROT_PRIVATE?enc:mic, cmd_buffer); free(cmd_buffer); } } else { htonl_bytes = htonl(bytes); - socket_write(conn, fd, &htonl_bytes, sizeof(htonl_bytes)); - socket_write(conn, fd, buffer, curlx_sitouz(bytes)); + socket_write(data, fd, &htonl_bytes, sizeof(htonl_bytes)); + socket_write(data, fd, buffer, curlx_sitouz(bytes)); } free(buffer); } -static ssize_t sec_write(struct connectdata *conn, curl_socket_t fd, - const char *buffer, size_t length) +static ssize_t sec_write(struct Curl_easy *data, struct connectdata *conn, + curl_socket_t fd, const char *buffer, size_t length) { ssize_t tx = 0, len = conn->buffer_size; @@ -665,7 +665,7 @@ static ssize_t sec_write(struct connectdata *conn, curl_socket_t fd, if(length < (size_t)len) len = length; - do_sec_send(conn, fd, buffer, curlx_sztosi(len)); + do_sec_send(data, conn, fd, buffer, curlx_sztosi(len)); length -= len; buffer += len; tx += len; @@ -680,11 +680,11 @@ static ssize_t sec_send(struct Curl_easy *data, int sockindex, struct connectdata *conn = data->conn; curl_socket_t fd = conn->sock[sockindex]; *err = CURLE_OK; - return sec_write(conn, fd, buffer, len); + return sec_write(data, conn, fd, buffer, len); } -int Curl_sec_read_msg(struct connectdata *conn, char *buffer, - enum protection_level level) +int Curl_sec_read_msg(struct Curl_easy *data, struct connectdata *conn, + char *buffer, enum protection_level level) { /* decoded_len should be size_t or ssize_t but conn->mech->decode returns an int */ @@ -694,6 +694,8 @@ int Curl_sec_read_msg(struct connectdata *conn, char *buffer, size_t decoded_sz = 0; CURLcode error; + (void) data; + if(!conn->mech) /* not inititalized, return error */ return -1; @@ -719,7 +721,7 @@ int Curl_sec_read_msg(struct connectdata *conn, char *buffer, { buf[decoded_len] = '\n'; - Curl_debug(conn->data, CURLINFO_HEADER_IN, buf, decoded_len + 1); + Curl_debug(data, CURLINFO_HEADER_IN, buf, decoded_len + 1); } buf[decoded_len] = '\0'; @@ -747,8 +749,8 @@ static int sec_set_protection_level(struct Curl_easy *data) DEBUGASSERT(level > PROT_NONE && level < PROT_LAST); if(!conn->sec_complete) { - infof(conn->data, "Trying to change the protection level after the" - " completion of the data exchange.\n"); + infof(data, "Trying to change the protection level after the" + " completion of the data exchange.\n"); return -1; } @@ -765,7 +767,7 @@ static int sec_set_protection_level(struct Curl_easy *data) return -1; if(code/100 != 2) { - failf(conn->data, "Failed to set the protection's buffer size."); + failf(data, "Failed to set the protection's buffer size."); return -1; } conn->buffer_size = buffer_size; @@ -786,7 +788,7 @@ static int sec_set_protection_level(struct Curl_easy *data) return -1; if(code/100 != 2) { - failf(conn->data, "Failed to set the protection level."); + failf(data, "Failed to set the protection level."); return -1; } @@ -808,10 +810,9 @@ Curl_sec_request_prot(struct connectdata *conn, const char *level) return 0; } -static CURLcode choose_mech(struct connectdata *conn) +static CURLcode choose_mech(struct Curl_easy *data, struct connectdata *conn) { int ret; - struct Curl_easy *data = conn->data; void *tmp_allocation; const struct Curl_sec_client_mech *mech = &Curl_krb5_client_mech; @@ -858,7 +859,7 @@ static CURLcode choose_mech(struct connectdata *conn) } /* Authenticate */ - ret = mech->auth(conn->app_data, conn); + ret = mech->auth(conn->app_data, data, conn); if(ret != AUTH_CONTINUE) { if(ret != AUTH_OK) { @@ -883,9 +884,9 @@ static CURLcode choose_mech(struct connectdata *conn) } CURLcode -Curl_sec_login(struct connectdata *conn) +Curl_sec_login(struct Curl_easy *data, struct connectdata *conn) { - return choose_mech(conn); + return choose_mech(data, conn); } diff --git a/lib/ldap.c b/lib/ldap.c index 9808ac132..307ebebaf 100644 --- a/lib/ldap.c +++ b/lib/ldap.c @@ -100,7 +100,8 @@ struct ldap_urldesc { #undef LDAPURLDesc #define LDAPURLDesc struct ldap_urldesc -static int _ldap_url_parse(const struct connectdata *conn, +static int _ldap_url_parse(struct Curl_easy *data, + const struct connectdata *conn, LDAPURLDesc **ludp); static void _ldap_free_urldesc(LDAPURLDesc *ludp); @@ -232,7 +233,7 @@ static int ldap_win_bind_auth(LDAP *server, const char *user, } #endif /* #if defined(USE_WINDOWS_SSPI) */ -static int ldap_win_bind(struct connectdata *conn, LDAP *server, +static int ldap_win_bind(struct Curl_easy *data, LDAP *server, const char *user, const char *passwd) { int rc = LDAP_INVALID_CREDENTIALS; @@ -240,7 +241,7 @@ static int ldap_win_bind(struct connectdata *conn, LDAP *server, PTCHAR inuser = NULL; PTCHAR inpass = NULL; - if(user && passwd && (conn->data->set.httpauth & CURLAUTH_BASIC)) { + if(user && passwd && (data->set.httpauth & CURLAUTH_BASIC)) { inuser = curlx_convert_UTF8_to_tchar((char *) user); inpass = curlx_convert_UTF8_to_tchar((char *) passwd); @@ -251,7 +252,7 @@ static int ldap_win_bind(struct connectdata *conn, LDAP *server, } #if defined(USE_WINDOWS_SSPI) else { - rc = ldap_win_bind_auth(server, user, passwd, conn->data->set.httpauth); + rc = ldap_win_bind_auth(server, user, passwd, data->set.httpauth); } #endif @@ -300,7 +301,7 @@ static CURLcode ldap_do(struct Curl_easy *data, bool *done) #ifdef HAVE_LDAP_URL_PARSE rc = ldap_url_parse(data->change.url, &ludp); #else - rc = _ldap_url_parse(conn, &ludp); + rc = _ldap_url_parse(data, conn, &ludp); #endif if(rc != 0) { failf(data, "LDAP local: %s", ldap_err2string(rc)); @@ -472,7 +473,7 @@ static CURLcode ldap_do(struct Curl_easy *data, bool *done) } #ifdef USE_WIN32_LDAP ldap_set_option(server, LDAP_OPT_PROTOCOL_VERSION, &ldap_proto); - rc = ldap_win_bind(conn, server, user, passwd); + rc = ldap_win_bind(data, server, user, passwd); #else rc = ldap_simple_bind_s(server, user, passwd); #endif @@ -480,7 +481,7 @@ static CURLcode ldap_do(struct Curl_easy *data, bool *done) ldap_proto = LDAP_VERSION2; ldap_set_option(server, LDAP_OPT_PROTOCOL_VERSION, &ldap_proto); #ifdef USE_WIN32_LDAP - rc = ldap_win_bind(conn, server, user, passwd); + rc = ldap_win_bind(data, server, user, passwd); #else rc = ldap_simple_bind_s(server, user, passwd); #endif @@ -812,14 +813,15 @@ static bool split_str(char *str, char ***out, size_t *count) * * already known from 'conn->host.name'. * already known from 'conn->remote_port'. - * extract the rest from 'conn->data->state.path+1'. All fields are optional. + * extract the rest from 'data->state.path+1'. All fields are optional. * e.g. * ldap://:/??? * yields ludp->lud_dn = "". * * Defined in RFC4516 section 2. */ -static int _ldap_url_parse2(const struct connectdata *conn, LDAPURLDesc *ludp) +static int _ldap_url_parse2(struct Curl_easy *data, + const struct connectdata *conn, LDAPURLDesc *ludp) { int rc = LDAP_SUCCESS; char *p; @@ -828,10 +830,10 @@ static int _ldap_url_parse2(const struct connectdata *conn, LDAPURLDesc *ludp) char *query = NULL; size_t i; - if(!conn->data || - !conn->data->state.up.path || - conn->data->state.up.path[0] != '/' || - !strncasecompare("LDAP", conn->data->state.up.scheme, 4)) + if(!data || + !data->state.up.path || + data->state.up.path[0] != '/' || + !strncasecompare("LDAP", data->state.up.scheme, 4)) return LDAP_INVALID_SYNTAX; ludp->lud_scope = LDAP_SCOPE_BASE; @@ -839,13 +841,13 @@ static int _ldap_url_parse2(const struct connectdata *conn, LDAPURLDesc *ludp) ludp->lud_host = conn->host.name; /* Duplicate the path */ - p = path = strdup(conn->data->state.up.path + 1); + p = path = strdup(data->state.up.path + 1); if(!path) return LDAP_NO_MEMORY; /* Duplicate the query if present */ - if(conn->data->state.up.query) { - q = query = strdup(conn->data->state.up.query); + if(data->state.up.query) { + q = query = strdup(data->state.up.query); if(!query) { free(path); return LDAP_NO_MEMORY; @@ -861,7 +863,7 @@ static int _ldap_url_parse2(const struct connectdata *conn, LDAPURLDesc *ludp) LDAP_TRACE(("DN '%s'\n", dn)); /* Unescape the DN */ - result = Curl_urldecode(conn->data, dn, 0, &unescaped, NULL, REJECT_ZERO); + result = Curl_urldecode(data, dn, 0, &unescaped, NULL, REJECT_ZERO); if(result) { rc = LDAP_NO_MEMORY; @@ -926,7 +928,7 @@ static int _ldap_url_parse2(const struct connectdata *conn, LDAPURLDesc *ludp) LDAP_TRACE(("attr[%zu] '%s'\n", i, attributes[i])); /* Unescape the attribute */ - result = Curl_urldecode(conn->data, attributes[i], 0, &unescaped, NULL, + result = Curl_urldecode(data, attributes[i], 0, &unescaped, NULL, REJECT_ZERO); if(result) { free(attributes); @@ -996,8 +998,7 @@ static int _ldap_url_parse2(const struct connectdata *conn, LDAPURLDesc *ludp) LDAP_TRACE(("filter '%s'\n", filter)); /* Unescape the filter */ - result = Curl_urldecode(conn->data, filter, 0, &unescaped, NULL, - REJECT_ZERO); + result = Curl_urldecode(data, filter, 0, &unescaped, NULL, REJECT_ZERO); if(result) { rc = LDAP_NO_MEMORY; @@ -1035,7 +1036,8 @@ quit: return rc; } -static int _ldap_url_parse(const struct connectdata *conn, +static int _ldap_url_parse(struct Curl_easy *data, + const struct connectdata *conn, LDAPURLDesc **ludpp) { LDAPURLDesc *ludp = calloc(1, sizeof(*ludp)); @@ -1045,7 +1047,7 @@ static int _ldap_url_parse(const struct connectdata *conn, if(!ludp) return LDAP_NO_MEMORY; - rc = _ldap_url_parse2(conn, ludp); + rc = _ldap_url_parse2(data, conn, ludp); if(rc != LDAP_SUCCESS) { _ldap_free_urldesc(ludp); ludp = NULL; diff --git a/lib/sendf.c b/lib/sendf.c index 5075c5439..b3c7fe33d 100644 --- a/lib/sendf.c +++ b/lib/sendf.c @@ -142,7 +142,8 @@ bool Curl_recv_has_postponed_data(struct connectdata *conn, int sockindex) psnd->recv_size > psnd->recv_processed; } -static CURLcode pre_receive_plain(struct connectdata *conn, int num) +static CURLcode pre_receive_plain(struct Curl_easy *data, + struct connectdata *conn, int num) { const curl_socket_t sockfd = conn->sock[num]; struct postponed_data * const psnd = &(conn->postponed[num]); @@ -161,7 +162,7 @@ static CURLcode pre_receive_plain(struct connectdata *conn, int num) /* Have some incoming data */ if(!psnd->buffer) { /* Use buffer double default size for intermediate buffer */ - psnd->allocated_size = 2 * conn->data->set.buffer_size; + psnd->allocated_size = 2 * data->set.buffer_size; psnd->buffer = malloc(psnd->allocated_size); if(!psnd->buffer) return CURLE_OUT_OF_MEMORY; @@ -230,7 +231,7 @@ bool Curl_recv_has_postponed_data(struct connectdata *conn, int sockindex) (void)sockindex; return false; } -#define pre_receive_plain(c,n) CURLE_OK +#define pre_receive_plain(d,c,n) CURLE_OK #define get_pre_recved(c,n,b,l) 0 #endif /* ! USE_RECV_BEFORE_SEND_WORKAROUND */ @@ -347,7 +348,7 @@ ssize_t Curl_send_plain(struct Curl_easy *data, int num, To avoid lossage of received data, recv() must be performed before every send() if any incoming data is available. */ - if(pre_receive_plain(conn, num)) { + if(pre_receive_plain(data, conn, num)) { *code = CURLE_OUT_OF_MEMORY; return -1; }