mirror of
https://github.com/moparisthebest/curl
synced 2024-12-22 08:08:50 -05:00
curl --socks5-{basic,gssapi}: control socks5 auth
Closes https://github.com/curl/curl/pull/1454
This commit is contained in:
parent
8924f58c37
commit
ce2c3ebda2
@ -33,6 +33,7 @@ DPAGES = abstract-unix-socket.d anyauth.d append.d basic.d cacert.d capath.d cer
|
|||||||
remote-name-all.d remote-name.d remote-time.d request.d resolve.d \
|
remote-name-all.d remote-name.d remote-time.d request.d resolve.d \
|
||||||
retry-connrefused.d retry.d retry-delay.d retry-max-time.d sasl-ir.d \
|
retry-connrefused.d retry.d retry-delay.d retry-max-time.d sasl-ir.d \
|
||||||
service-name.d show-error.d silent.d socks4a.d socks4.d socks5.d \
|
service-name.d show-error.d silent.d socks4a.d socks4.d socks5.d \
|
||||||
|
socks5-basic.d socks5-gssapi.d \
|
||||||
socks5-gssapi-nec.d socks5-gssapi-service.d socks5-hostname.d \
|
socks5-gssapi-nec.d socks5-gssapi-service.d socks5-hostname.d \
|
||||||
speed-limit.d speed-time.d ssl-allow-beast.d ssl.d ssl-no-revoke.d \
|
speed-limit.d speed-time.d ssl-allow-beast.d ssl.d ssl-no-revoke.d \
|
||||||
ssl-reqd.d sslv2.d sslv3.d stderr.d suppress-connect-headers.d \
|
ssl-reqd.d sslv2.d sslv3.d stderr.d suppress-connect-headers.d \
|
||||||
|
7
docs/cmdline-opts/socks5-basic.d
Normal file
7
docs/cmdline-opts/socks5-basic.d
Normal file
@ -0,0 +1,7 @@
|
|||||||
|
Long: socks5-basic
|
||||||
|
Help: Enable username/password auth for SOCKS5 proxies
|
||||||
|
Added: 7.55.0
|
||||||
|
---
|
||||||
|
Tells curl to use username/password authentication when connecting to a SOCKS5
|
||||||
|
proxy. The username/password authentication is enabled by default. Use
|
||||||
|
--socks5-gssapi to force GSS-API authentication to SOCKS5 proxies.
|
8
docs/cmdline-opts/socks5-gssapi.d
Normal file
8
docs/cmdline-opts/socks5-gssapi.d
Normal file
@ -0,0 +1,8 @@
|
|||||||
|
Long: socks5-gssapi
|
||||||
|
Help: Enable GSS-API auth for SOCKS5 proxies
|
||||||
|
Added: 7.55.0
|
||||||
|
---
|
||||||
|
Tells curl to use GSS-API authentication when connecting to a SOCKS5 proxy.
|
||||||
|
The GSS-API authentication is enabled by default (if curl is compiled with
|
||||||
|
GSS-API support). Use --socks5-basic to force username/password authentication
|
||||||
|
to SOCKS5 proxies.
|
@ -189,6 +189,7 @@ struct OperationConfig {
|
|||||||
char *preproxy;
|
char *preproxy;
|
||||||
int socks5_gssapi_nec; /* The NEC reference server does not protect the
|
int socks5_gssapi_nec; /* The NEC reference server does not protect the
|
||||||
encryption type exchange */
|
encryption type exchange */
|
||||||
|
unsigned long socks5_auth;/* auth bitmask for socks5 proxies */
|
||||||
char *proxy_service_name; /* set authentication service name for HTTP and
|
char *proxy_service_name; /* set authentication service name for HTTP and
|
||||||
SOCKS5 proxies */
|
SOCKS5 proxies */
|
||||||
char *service_name; /* set authentication service name for DIGEST-MD5,
|
char *service_name; /* set authentication service name for DIGEST-MD5,
|
||||||
|
@ -251,6 +251,8 @@ static const struct LongShort aliases[]= {
|
|||||||
{"E7", "proxy-capath", ARG_STRING},
|
{"E7", "proxy-capath", ARG_STRING},
|
||||||
{"E8", "proxy-insecure", ARG_BOOL},
|
{"E8", "proxy-insecure", ARG_BOOL},
|
||||||
{"E9", "proxy-tlsv1", ARG_NONE},
|
{"E9", "proxy-tlsv1", ARG_NONE},
|
||||||
|
{"EA", "socks5-basic", ARG_BOOL},
|
||||||
|
{"EB", "socks5-gssapi", ARG_BOOL},
|
||||||
{"f", "fail", ARG_BOOL},
|
{"f", "fail", ARG_BOOL},
|
||||||
{"fa", "fail-early", ARG_BOOL},
|
{"fa", "fail-early", ARG_BOOL},
|
||||||
{"F", "form", ARG_STRING},
|
{"F", "form", ARG_STRING},
|
||||||
@ -1560,6 +1562,22 @@ ParameterError getparameter(const char *flag, /* f or -long-flag */
|
|||||||
config->proxy_ssl_version = CURL_SSLVERSION_TLSv1;
|
config->proxy_ssl_version = CURL_SSLVERSION_TLSv1;
|
||||||
break;
|
break;
|
||||||
|
|
||||||
|
case 'A':
|
||||||
|
/* --socks5-basic */
|
||||||
|
if(toggle)
|
||||||
|
config->socks5_auth |= CURLAUTH_BASIC;
|
||||||
|
else
|
||||||
|
config->socks5_auth &= ~CURLAUTH_BASIC;
|
||||||
|
break;
|
||||||
|
|
||||||
|
case 'B':
|
||||||
|
/* --socks5-gssapi */
|
||||||
|
if(toggle)
|
||||||
|
config->socks5_auth |= CURLAUTH_GSSAPI;
|
||||||
|
else
|
||||||
|
config->socks5_auth &= ~CURLAUTH_GSSAPI;
|
||||||
|
break;
|
||||||
|
|
||||||
default: /* unknown flag */
|
default: /* unknown flag */
|
||||||
return PARAM_OPTION_UNKNOWN;
|
return PARAM_OPTION_UNKNOWN;
|
||||||
}
|
}
|
||||||
|
@ -378,6 +378,10 @@ static const struct helptxt helptext[] = {
|
|||||||
"SOCKS4a proxy on given host + port"},
|
"SOCKS4a proxy on given host + port"},
|
||||||
{" --socks5 <host[:port]>",
|
{" --socks5 <host[:port]>",
|
||||||
"SOCKS5 proxy on given host + port"},
|
"SOCKS5 proxy on given host + port"},
|
||||||
|
{" --socks5-basic",
|
||||||
|
"Enable username/password auth for SOCKS5 proxies"},
|
||||||
|
{" --socks5-gssapi",
|
||||||
|
"Enable GSS-API auth for SOCKS5 proxies"},
|
||||||
{" --socks5-gssapi-nec",
|
{" --socks5-gssapi-nec",
|
||||||
"Compatibility with NEC SOCKS5 server"},
|
"Compatibility with NEC SOCKS5 server"},
|
||||||
{" --socks5-gssapi-service <name>",
|
{" --socks5-gssapi-service <name>",
|
||||||
|
@ -1343,6 +1343,11 @@ static CURLcode operate_do(struct GlobalConfig *global,
|
|||||||
my_setopt_str(curl, CURLOPT_SOCKS5_GSSAPI_NEC,
|
my_setopt_str(curl, CURLOPT_SOCKS5_GSSAPI_NEC,
|
||||||
config->socks5_gssapi_nec);
|
config->socks5_gssapi_nec);
|
||||||
|
|
||||||
|
/* new in curl 7.55.0 */
|
||||||
|
if(config->socks5_auth)
|
||||||
|
my_setopt_bitmask(curl, CURLOPT_SOCKS5_AUTH,
|
||||||
|
(long)config->socks5_auth);
|
||||||
|
|
||||||
/* new in curl 7.43.0 */
|
/* new in curl 7.43.0 */
|
||||||
if(config->proxy_service_name)
|
if(config->proxy_service_name)
|
||||||
my_setopt_str(curl, CURLOPT_PROXY_SERVICE_NAME,
|
my_setopt_str(curl, CURLOPT_PROXY_SERVICE_NAME,
|
||||||
|
@ -170,6 +170,7 @@ static const NameValue setopt_nv_CURLNONZERODEFAULTS[] = {
|
|||||||
NV1(CURLOPT_TCP_NODELAY, 1),
|
NV1(CURLOPT_TCP_NODELAY, 1),
|
||||||
NV1(CURLOPT_PROXY_SSL_VERIFYPEER, 1),
|
NV1(CURLOPT_PROXY_SSL_VERIFYPEER, 1),
|
||||||
NV1(CURLOPT_PROXY_SSL_VERIFYHOST, 1),
|
NV1(CURLOPT_PROXY_SSL_VERIFYHOST, 1),
|
||||||
|
NV1(CURLOPT_SOCKS5_AUTH, 1),
|
||||||
NVEND
|
NVEND
|
||||||
};
|
};
|
||||||
|
|
||||||
|
@ -72,6 +72,7 @@ extern const NameValueUnsigned setopt_nv_CURLAUTH[];
|
|||||||
#define setopt_nv_CURLOPT_REDIR_PROTOCOLS setopt_nv_CURLPROTO
|
#define setopt_nv_CURLOPT_REDIR_PROTOCOLS setopt_nv_CURLPROTO
|
||||||
#define setopt_nv_CURLOPT_PROXYTYPE setopt_nv_CURLPROXY
|
#define setopt_nv_CURLOPT_PROXYTYPE setopt_nv_CURLPROXY
|
||||||
#define setopt_nv_CURLOPT_PROXYAUTH setopt_nv_CURLAUTH
|
#define setopt_nv_CURLOPT_PROXYAUTH setopt_nv_CURLAUTH
|
||||||
|
#define setopt_nv_CURLOPT_SOCKS5_AUTH setopt_nv_CURLAUTH
|
||||||
|
|
||||||
/* Intercept setopt calls for --libcurl */
|
/* Intercept setopt calls for --libcurl */
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user