From ccf7a826050fe33aace329b86d77895bdb7dd4c3 Mon Sep 17 00:00:00 2001 From: Steve Holme Date: Sat, 9 Apr 2016 20:47:05 +0100 Subject: [PATCH] CURLOPT_SOCKS5_GSSAPI_SERVICE: Merged with CURLOPT_PROXY_SERVICE_NAME As these two options provide identical functionality, the former for SOCK5 proxies and the latter for HTTP proxies, merged the two options together. As such CURLOPT_SOCKS5_GSSAPI_SERVICE is marked as deprecated as of 7.49.0. --- .../libcurl/opts/CURLOPT_PROXY_SERVICE_NAME.3 | 5 +++-- .../opts/CURLOPT_SOCKS5_GSSAPI_SERVICE.3 | 16 ++++++++------ docs/libcurl/symbols-in-versions | 2 +- include/curl/curl.h | 2 +- lib/socks_gssapi.c | 3 ++- lib/socks_sspi.c | 3 ++- lib/url.c | 22 +++++-------------- lib/url.h | 2 -- lib/urldata.h | 1 - src/tool_cfgable.c | 1 - src/tool_cfgable.h | 10 ++++----- src/tool_getparam.c | 9 ++++---- src/tool_operate.c | 5 ----- 13 files changed, 31 insertions(+), 50 deletions(-) diff --git a/docs/libcurl/opts/CURLOPT_PROXY_SERVICE_NAME.3 b/docs/libcurl/opts/CURLOPT_PROXY_SERVICE_NAME.3 index 237c60ffb..a010382fd 100644 --- a/docs/libcurl/opts/CURLOPT_PROXY_SERVICE_NAME.3 +++ b/docs/libcurl/opts/CURLOPT_PROXY_SERVICE_NAME.3 @@ -29,7 +29,8 @@ CURLOPT_PROXY_SERVICE_NAME \- proxy authentication service name CURLcode curl_easy_setopt(CURL *handle, CURLOPT_PROXY_SERVICE_NAME, char *name); .SH DESCRIPTION Pass a char * as parameter to a string holding the \fIname\fP of the -service. The default service name is "HTTP". This option allows you to change it. +service. The default service name is "HTTP" for HTTP based proxies and "rcmd" +for SOCKS5. This option allows you to change it. .SH DEFAULT See above .SH PROTOCOLS @@ -37,7 +38,7 @@ All network protocols .SH EXAMPLE TODO .SH AVAILABILITY -Added in 7.43.0 +Added in 7.43.0 for HTTP proxies, 7.49.0 for SOCKS5 proxies. .SH RETURN VALUE Returns CURLE_OK if the option is supported, CURLE_UNKNOWN_OPTION if not, or CURLE_OUT_OF_MEMORY if there was insufficient heap space. diff --git a/docs/libcurl/opts/CURLOPT_SOCKS5_GSSAPI_SERVICE.3 b/docs/libcurl/opts/CURLOPT_SOCKS5_GSSAPI_SERVICE.3 index 784d16857..3e1544f7e 100644 --- a/docs/libcurl/opts/CURLOPT_SOCKS5_GSSAPI_SERVICE.3 +++ b/docs/libcurl/opts/CURLOPT_SOCKS5_GSSAPI_SERVICE.3 @@ -5,7 +5,7 @@ .\" * | (__| |_| | _ <| |___ .\" * \___|\___/|_| \_\_____| .\" * -.\" * Copyright (C) 1998 - 2014, Daniel Stenberg, , et al. +.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, , et al. .\" * .\" * This software is licensed as described in the file COPYING, which .\" * you should have received as part of this distribution. The terms @@ -22,23 +22,25 @@ .\" .TH CURLOPT_SOCKS5_GSSAPI_SERVICE 3 "19 Jun 2014" "libcurl 7.37.0" "curl_easy_setopt options" .SH NAME -CURLOPT_SOCKS5_GSSAPI_SERVICE \- proxy socks gssapi service name +CURLOPT_SOCKS5_GSSAPI_SERVICE \- SOCKS5 proxy authentication service name .SH SYNOPSIS #include CURLcode curl_easy_setopt(CURL *handle, CURLOPT_SOCKS5_GSSAPI_SERVICE, char *name); .SH DESCRIPTION -Pass a char * as parameter to a string holding the \fIname\fP of the -service. The default service name for a SOCKS5 server is -rcmd/server-fqdn. This option allows you to change it. +Deprecated since 7.49.0. Use \CURLOPT_PROXY_SERVICE_NAME(3)\fP instead. + +Pass a char * as parameter to a string holding the \fIname\fP of the service. +The default service name for a SOCKS5 server is "rcmd". This option allows you +to change it. .SH DEFAULT See above .SH PROTOCOLS -Most +All network protocols .SH EXAMPLE TODO .SH AVAILABILITY -Added in 7.19.4 +Added in 7.19.4, deprecated in 7.49.0 .SH RETURN VALUE Returns CURLE_OK if the option is supported, CURLE_UNKNOWN_OPTION if not, or CURLE_OUT_OF_MEMORY if there was insufficient heap space. diff --git a/docs/libcurl/symbols-in-versions b/docs/libcurl/symbols-in-versions index f116aca7b..3e64039a4 100644 --- a/docs/libcurl/symbols-in-versions +++ b/docs/libcurl/symbols-in-versions @@ -492,7 +492,7 @@ CURLOPT_SHARE 7.10 CURLOPT_SOCKOPTDATA 7.16.0 CURLOPT_SOCKOPTFUNCTION 7.16.0 CURLOPT_SOCKS5_GSSAPI_NEC 7.19.4 -CURLOPT_SOCKS5_GSSAPI_SERVICE 7.19.4 +CURLOPT_SOCKS5_GSSAPI_SERVICE 7.19.4 7.49.0 CURLOPT_SOURCE_HOST 7.12.1 - 7.15.5 CURLOPT_SOURCE_PATH 7.12.1 - 7.15.5 CURLOPT_SOURCE_PORT 7.12.1 - 7.15.5 diff --git a/include/curl/curl.h b/include/curl/curl.h index 954b014df..a8697bb2a 100644 --- a/include/curl/curl.h +++ b/include/curl/curl.h @@ -1462,7 +1462,7 @@ typedef enum { CINIT(TFTP_BLKSIZE, LONG, 178), /* Socks Service */ - CINIT(SOCKS5_GSSAPI_SERVICE, STRINGPOINT, 179), + CINIT(SOCKS5_GSSAPI_SERVICE, STRINGPOINT, 179), /* DEPRECATED, do not use! */ /* Socks Service */ CINIT(SOCKS5_GSSAPI_NEC, LONG, 180), diff --git a/lib/socks_gssapi.c b/lib/socks_gssapi.c index 09457aecd..e3fc260cb 100644 --- a/lib/socks_gssapi.c +++ b/lib/socks_gssapi.c @@ -120,7 +120,8 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(int sockindex, unsigned short us_length; char *user=NULL; unsigned char socksreq[4]; /* room for GSS-API exchange header only */ - char *serviceptr = data->set.str[STRING_SOCKS5_GSSAPI_SERVICE]; + const char *serviceptr = data->set.str[STRING_PROXY_SERVICE_NAME] ? + data->set.str[STRING_PROXY_SERVICE_NAME] : "rcmd"; /* GSS-API request looks like * +----+------+-----+----------------+ diff --git a/lib/socks_sspi.c b/lib/socks_sspi.c index 5f650be67..c5f25b66f 100644 --- a/lib/socks_sspi.c +++ b/lib/socks_sspi.c @@ -83,7 +83,8 @@ CURLcode Curl_SOCKS5_gssapi_negotiate(int sockindex, unsigned short us_length; unsigned long qop; unsigned char socksreq[4]; /* room for GSS-API exchange header only */ - char *service = data->set.str[STRING_SOCKS5_GSSAPI_SERVICE]; + const char *service = data->set.str[STRING_PROXY_SERVICE_NAME] ? + data->set.str[STRING_PROXY_SERVICE_NAME] : "rcmd"; /* GSS-API request looks like * +----+------+-----+----------------+ diff --git a/lib/url.c b/lib/url.c index 468e14330..b597becb2 100644 --- a/lib/url.c +++ b/lib/url.c @@ -571,11 +571,6 @@ CURLcode Curl_init_userdefined(struct UserDefined *set) * seem not to follow rfc1961 section 4.3/4.4 */ set->socks5_gssapi_nec = FALSE; - /* set default GSS-API service name */ - result = setstropt(&set->str[STRING_SOCKS5_GSSAPI_SERVICE], - CURL_DEFAULT_SOCKS5_GSSAPI_SERVICE); - if(result) - return result; #endif /* This is our preferred CA cert bundle/path since install time */ @@ -1478,28 +1473,21 @@ CURLcode Curl_setopt(struct SessionHandle *data, CURLoption option, #endif /* CURL_DISABLE_PROXY */ #if defined(HAVE_GSSAPI) || defined(USE_WINDOWS_SSPI) - case CURLOPT_SOCKS5_GSSAPI_SERVICE: + case CURLOPT_SOCKS5_GSSAPI_NEC: /* - * Set GSS-API service name + * Set flag for NEC SOCK5 support */ - result = setstropt(&data->set.str[STRING_SOCKS5_GSSAPI_SERVICE], - va_arg(param, char *)); + data->set.socks5_gssapi_nec = (0 != va_arg(param, long)) ? TRUE : FALSE; break; + case CURLOPT_SOCKS5_GSSAPI_SERVICE: case CURLOPT_PROXY_SERVICE_NAME: /* - * Set negotiate proxy service name + * Set proxy authentication service name for Kerberos 5 and SPNEGO */ result = setstropt(&data->set.str[STRING_PROXY_SERVICE_NAME], va_arg(param, char *)); break; - - case CURLOPT_SOCKS5_GSSAPI_NEC: - /* - * set flag for nec socks5 support - */ - data->set.socks5_gssapi_nec = (0 != va_arg(param, long)) ? TRUE : FALSE; - break; #endif #if !defined(CURL_DISABLE_CRYPTO_AUTH) || defined(USE_KERBEROS5) || \ diff --git a/lib/url.h b/lib/url.h index e7a9ddf08..2b25731ea 100644 --- a/lib/url.h +++ b/lib/url.h @@ -67,8 +67,6 @@ void Curl_getoff_all_pipelines(struct SessionHandle *data, void Curl_close_connections(struct SessionHandle *data); #define CURL_DEFAULT_PROXY_PORT 1080 /* default proxy port unless specified */ -#define CURL_DEFAULT_SOCKS5_GSSAPI_SERVICE "rcmd" /* default socks5 gssapi - service */ CURLcode Curl_connected_proxy(struct connectdata *conn, int sockindex); diff --git a/lib/urldata.h b/lib/urldata.h index 402a1970d..78593eecc 100644 --- a/lib/urldata.h +++ b/lib/urldata.h @@ -1407,7 +1407,6 @@ enum dupstring { STRING_SSH_KNOWNHOSTS, /* file name of knownhosts file */ #endif #if defined(HAVE_GSSAPI) || defined(USE_WINDOWS_SSPI) - STRING_SOCKS5_GSSAPI_SERVICE, /* GSSAPI service name */ STRING_PROXY_SERVICE_NAME, /* Proxy service name */ #endif #if !defined(CURL_DISABLE_CRYPTO_AUTH) || defined(USE_KERBEROS5) || \ diff --git a/src/tool_cfgable.c b/src/tool_cfgable.c index 6c2aced55..4517714cd 100644 --- a/src/tool_cfgable.c +++ b/src/tool_cfgable.c @@ -137,7 +137,6 @@ static void free_config_fields(struct OperationConfig *config) curl_slist_free_all(config->resolve); Curl_safefree(config->socksproxy); - Curl_safefree(config->socks5_gssapi_service); Curl_safefree(config->proxy_service_name); Curl_safefree(config->service_name); diff --git a/src/tool_cfgable.h b/src/tool_cfgable.h index fba5617ad..ba91062c6 100644 --- a/src/tool_cfgable.h +++ b/src/tool_cfgable.h @@ -165,12 +165,10 @@ struct OperationConfig { char *socksproxy; /* set to server string */ int socksver; /* set to CURLPROXY_SOCKS* define */ - char *socks5_gssapi_service; /* set service name for gssapi principal - * default rcmd */ - char *proxy_service_name; /* set service name for proxy negotiation - * default HTTP */ - int socks5_gssapi_nec ; /* The NEC reference server does not protect - * the encryption type exchange */ + int socks5_gssapi_nec; /* The NEC reference server does not protect the + encryption type exchange */ + char *proxy_service_name; /* set authentication service name for HTTP and + SOCKS5 proxies */ char *service_name; /* set authentication service name for DIGEST-MD5, Kerberos 5 and SPNEGO */ diff --git a/src/tool_getparam.c b/src/tool_getparam.c index cf848c6d7..70290d19e 100644 --- a/src/tool_getparam.c +++ b/src/tool_getparam.c @@ -158,7 +158,6 @@ static const struct LongShort aliases[]= { {"$3", "keepalive-time", TRUE}, {"$4", "post302", FALSE}, {"$5", "noproxy", TRUE}, - {"$6", "socks5-gssapi-service", TRUE}, {"$7", "socks5-gssapi-nec", FALSE}, {"$8", "proxy1.0", TRUE}, {"$9", "tftp-blksize", TRUE}, @@ -176,6 +175,9 @@ static const struct LongShort aliases[]= { {"$L", "test-event", FALSE}, {"$M", "unix-socket", TRUE}, {"$N", "path-as-is", FALSE}, + {"$O", "socks5-gssapi-service", TRUE}, + /* 'socks5-gssapi-service' merged with'proxy-service-name' and + deprecated since 7.49.0 */ {"$O", "proxy-service-name", TRUE}, {"$P", "service-name", TRUE}, {"$Q", "proto-default", TRUE}, @@ -901,10 +903,7 @@ ParameterError getparameter(char *flag, /* f or -long-flag */ /* This specifies the noproxy list */ GetStr(&config->noproxy, nextarg); break; - case '6': /* --socks5-gssapi-service */ - GetStr(&config->socks5_gssapi_service, nextarg); - break; - case '7': /* --socks5-gssapi-nec*/ + case '7': /* --socks5-gssapi-nec*/ config->socks5_gssapi_nec = toggle; break; case '8': /* --proxy1.0 */ diff --git a/src/tool_operate.c b/src/tool_operate.c index 0387e9dcf..c8bf12bb2 100644 --- a/src/tool_operate.c +++ b/src/tool_operate.c @@ -1209,11 +1209,6 @@ static CURLcode operate_do(struct GlobalConfig *global, my_setopt_enum(curl, CURLOPT_FTP_SSL_CCC, (long)config->ftp_ssl_ccc_mode); - /* new in curl 7.19.4 */ - if(config->socks5_gssapi_service) - my_setopt_str(curl, CURLOPT_SOCKS5_GSSAPI_SERVICE, - config->socks5_gssapi_service); - /* new in curl 7.19.4 */ if(config->socks5_gssapi_nec) my_setopt_str(curl, CURLOPT_SOCKS5_GSSAPI_NEC,