curl --socks5-{basic,gssapi}: control socks5 auth

Closes https://github.com/curl/curl/pull/1454

docs/cmdline-opts/Makefile.inc

@@ -33,6 +33,7 @@ DPAGES = abstract-unix-socket.d anyauth.d append.d basic.d cacert.d capath.d cer
   remote-name-all.d remote-name.d remote-time.d request.d resolve.d     \
   retry-connrefused.d retry.d retry-delay.d retry-max-time.d sasl-ir.d  \
   service-name.d show-error.d silent.d socks4a.d socks4.d socks5.d      \
+  socks5-basic.d socks5-gssapi.d                                        \
   socks5-gssapi-nec.d socks5-gssapi-service.d socks5-hostname.d         \
   speed-limit.d speed-time.d ssl-allow-beast.d ssl.d ssl-no-revoke.d    \
   ssl-reqd.d sslv2.d sslv3.d stderr.d suppress-connect-headers.d        \

docs/cmdline-opts/socks5-basic.d

@@ -0,0 +1,7 @@
+Long: socks5-basic
+Help: Enable username/password auth for SOCKS5 proxies
+Added: 7.55.0
+---
+Tells curl to use username/password authentication when connecting to a SOCKS5
+proxy.  The username/password authentication is enabled by default.  Use
+--socks5-gssapi to force GSS-API authentication to SOCKS5 proxies.

docs/cmdline-opts/socks5-gssapi.d

@@ -0,0 +1,8 @@
+Long: socks5-gssapi
+Help: Enable GSS-API auth for SOCKS5 proxies
+Added: 7.55.0
+---
+Tells curl to use GSS-API authentication when connecting to a SOCKS5 proxy.
+The GSS-API authentication is enabled by default (if curl is compiled with
+GSS-API support).  Use --socks5-basic to force username/password authentication
+to SOCKS5 proxies.

src/tool_cfgable.h

@@ -189,6 +189,7 @@ struct OperationConfig {
   char *preproxy;
   int socks5_gssapi_nec;    /* The NEC reference server does not protect the
                                encryption type exchange */
+  unsigned long socks5_auth;/* auth bitmask for socks5 proxies */
   char *proxy_service_name; /* set authentication service name for HTTP and
                                SOCKS5 proxies */
   char *service_name;       /* set authentication service name for DIGEST-MD5,

src/tool_getparam.c

@@ -251,6 +251,8 @@ static const struct LongShort aliases[]= {
   {"E7", "proxy-capath",             ARG_STRING},
   {"E8", "proxy-insecure",           ARG_BOOL},
   {"E9", "proxy-tlsv1",              ARG_NONE},
+  {"EA", "socks5-basic",             ARG_BOOL},
+  {"EB", "socks5-gssapi",            ARG_BOOL},
   {"f",  "fail",                     ARG_BOOL},
   {"fa", "fail-early",               ARG_BOOL},
   {"F",  "form",                     ARG_STRING},
@@ -1560,6 +1562,22 @@ ParameterError getparameter(const char *flag, /* f or -long-flag */
         config->proxy_ssl_version = CURL_SSLVERSION_TLSv1;
         break;
 
+      case 'A':
+        /* --socks5-basic */
+        if(toggle)
+          config->socks5_auth |= CURLAUTH_BASIC;
+        else
+          config->socks5_auth &= ~CURLAUTH_BASIC;
+        break;
+
+      case 'B':
+        /* --socks5-gssapi */
+        if(toggle)
+          config->socks5_auth |= CURLAUTH_GSSAPI;
+        else
+          config->socks5_auth &= ~CURLAUTH_GSSAPI;
+        break;
+
       default: /* unknown flag */
         return PARAM_OPTION_UNKNOWN;
       }

src/tool_help.c

@@ -378,6 +378,10 @@ static const struct helptxt helptext[] = {
    "SOCKS4a proxy on given host + port"},
   {"    --socks5 <host[:port]>",
    "SOCKS5 proxy on given host + port"},
+  {"    --socks5-basic",
+   "Enable username/password auth for SOCKS5 proxies"},
+  {"    --socks5-gssapi",
+   "Enable GSS-API auth for SOCKS5 proxies"},
   {"    --socks5-gssapi-nec",
    "Compatibility with NEC SOCKS5 server"},
   {"    --socks5-gssapi-service <name>",

src/tool_operate.c

@@ -1343,6 +1343,11 @@ static CURLcode operate_do(struct GlobalConfig *global,
           my_setopt_str(curl, CURLOPT_SOCKS5_GSSAPI_NEC,
                         config->socks5_gssapi_nec);
 
+        /* new in curl 7.55.0 */
+        if(config->socks5_auth)
+          my_setopt_bitmask(curl, CURLOPT_SOCKS5_AUTH,
+                            (long)config->socks5_auth);
+
         /* new in curl 7.43.0 */
         if(config->proxy_service_name)
           my_setopt_str(curl, CURLOPT_PROXY_SERVICE_NAME,

src/tool_setopt.c

@@ -170,6 +170,7 @@ static const NameValue setopt_nv_CURLNONZERODEFAULTS[] = {
   NV1(CURLOPT_TCP_NODELAY, 1),
   NV1(CURLOPT_PROXY_SSL_VERIFYPEER, 1),
   NV1(CURLOPT_PROXY_SSL_VERIFYHOST, 1),
+  NV1(CURLOPT_SOCKS5_AUTH, 1),
   NVEND
 };
 

src/tool_setopt.h

@@ -72,6 +72,7 @@ extern const NameValueUnsigned setopt_nv_CURLAUTH[];
 #define setopt_nv_CURLOPT_REDIR_PROTOCOLS setopt_nv_CURLPROTO
 #define setopt_nv_CURLOPT_PROXYTYPE setopt_nv_CURLPROXY
 #define setopt_nv_CURLOPT_PROXYAUTH setopt_nv_CURLAUTH
+#define setopt_nv_CURLOPT_SOCKS5_AUTH setopt_nv_CURLAUTH
 
 /* Intercept setopt calls for --libcurl */