1
0
mirror of https://github.com/moparisthebest/curl synced 2024-11-14 05:25:06 -05:00
Commit Graph

262 Commits

Author SHA1 Message Date
Steve Holme
b6821dbb91 sasl: Fixed Kerberos V5 inclusion when CURL_DISABLE_CRYPTO_AUTH is used
Typically the USE_WINDOWS_SSPI definition would not be used when the
CURL_DISABLE_CRYPTO_AUTH define is, however, it is still a valid build
configuration and, as such, the SASL Kerberos V5 (GSSAPI) authentication
data structures and functions would incorrectly be used when they
shouldn't be.

Introduced a new USE_KRB5 definition that takes into account the use of
CURL_DISABLE_CRYPTO_AUTH like USE_SPNEGO and USE_NTLM do.
2014-11-02 00:35:16 +00:00
Daniel Stenberg
ea6c5f03a5 pop3_perform_authentication: fix memory leak
Coverity CID 1215287. There's a potential risk for a memory leak in
here, and moving the free call to be unconditional seems like a cheap
price to remove the risk.
2014-10-02 23:07:06 +02:00
Brandon Casey
6beb0eeea1 Ensure progress.size_dl/progress.size_ul are always >= 0
Historically the default "unknown" value for progress.size_dl and
progress.size_ul has been zero, since these values are initialized
implicitly by the calloc that allocates the curl handle that these
variables are a part of.  Users of curl that install progress
callbacks may expect these values to always be >= 0.

Currently it is possible for progress.size_dl and progress.size_ul
to by set to a value of -1, if Curl_pgrsSetDownloadSize() or
Curl_pgrsSetUploadSize() are passed a "size" of -1 (which a few
places currently do, and a following patch will add more).  So
lets update Curl_pgrsSetDownloadSize() and Curl_pgrsSetUploadSize()
so they make sure that these variables always contain a value that
is >= 0.

Updates test579 and test599.

Signed-off-by: Brandon Casey <drafnel@gmail.com>
2014-09-07 23:23:12 +02:00
Steve Holme
03f368d94c pop3: Added support for GSSAPI (Kerberos V5) authentication via Windows SSPI 2014-08-15 21:39:33 +01:00
Steve Holme
472d1d8e05 email: Introduced the GSSAPI states 2014-08-14 20:20:13 +01:00
Daniel Stenberg
df13f8e8c2 bits.close: introduce connection close tracking
Make all code use connclose() and connkeep() when changing the "close
state" for a connection. These two macros take a string argument with an
explanation, and debug builds of curl will include that in the debug
output. Helps tracking connection re-use/close issues.
2014-05-22 00:34:10 +02:00
Daniel Stenberg
710f14edba handler: make 'protocol' always specified as a single bit
This makes the findprotocol() function work as intended so that libcurl
can properly be restricted to not support HTTP while still supporting
HTTPS - since the HTTPS handler previously set both the HTTP and HTTPS
bits in the protocol field.

This fixes --proto and --proto-redir for most SSL protocols.

This is done by adding a few new convenience defines that groups HTTP
and HTTPS, FTP and FTPS etc that should then be used when the code wants
to check for both protocols at once. PROTO_FAMILY_[protocol] style.

Bug: https://github.com/bagder/curl/pull/97
Reported-by: drizzt
2014-04-23 22:36:01 +02:00
Steve Holme
3a92de5636 sasl: Combined DIGEST-MD5 message decoding and generation 2014-04-05 23:09:04 +01:00
Steve Holme
0c762f1c92 pop3: Fixed auth preference not being honored when CAPA not supported
If a user indicated they preferred to authenticate using APOP or a SASL
mechanism, but neither were supported by the server, curl would always
fall back to clear text when CAPA wasn't supported, even though the
user didn't want to use this.

This also fixes the auto build failure caused by commit 6f2d5f0562.
2013-12-24 22:49:36 +00:00
Steve Holme
6f2d5f0562 pop3: Fixed APOP being determined by CAPA response rather than by timestamp
This commit replaces that of 9f260b5d66 because according to RFC-2449,
section 6, there is no APOP capability "...even though APOP is an
optional command in [POP3].  Clients discover server support of APOP by
the presence in the greeting banner of an initial challenge enclosed in
angle brackets."
2013-12-24 16:34:55 +00:00
Steve Holme
cf2051764c email: Fixed segfault introduced in commit 195b63f99c 2013-12-22 00:16:52 +00:00
Daniel Stenberg
3ce2a3991b code police: fix indent level to silence checksrc complaints 2013-12-22 01:01:19 +01:00
Steve Holme
195b63f99c email: Extended the login options to support multiple auth mechanisms 2013-12-21 23:49:37 +00:00
Steve Holme
ca4506b46a Revert "pop3: Added debug information to assist with test864 failure"
This reverts commit 727d798d68.
2013-12-21 12:50:59 +00:00
Steve Holme
727d798d68 pop3: Added debug information to assist with test864 failure 2013-12-21 11:17:30 +00:00
Steve Holme
812c5ace75 pop3: Fixed APOP timestamp detection from commit 1cfb436a2f 2013-12-20 20:17:59 +00:00
Daniel Stenberg
11e8066ef9 vtls: renamed sslgen.[ch] to vtls.[ch] 2013-12-20 17:12:42 +01:00
Daniel Stenberg
eccf4fb7ee vtls: created subdir, moved sslgen.[ch] there, updated all include lines 2013-12-20 17:12:42 +01:00
Steve Holme
9f260b5d66 pop3: Fixed selection of APOP when server replies with an invalid timestamp
Although highlighted by a bug in commit 1cfb436a2f, APOP
authentication could be chosen if the server was to reply with an empty
or missing timestamp in the server greeting and APOP was given in the
capability list by the server.
2013-12-20 14:51:45 +00:00
Steve Holme
0452976711 pop3: Fixed processing of more than one response when sent in same packet
Added a loop to pop3_statemach_act() in which Curl_pp_readresp() is
called until the cache is drained. Without this multiple responses
received in a single packet could result in a hang or delay.
2013-12-20 07:20:49 +00:00
Steve Holme
94d820b4cb pop3: Moved CAPA response handling to pop3_state_capa_resp()
Similar to the processing of untagged CAPABILITY responses in IMAP and
multi-line EHLO responses in SMTP, moved the processing of multi-line
CAPA responses to pop3_state_capa_resp().
2013-12-19 23:06:42 +00:00
Steve Holme
1cfb436a2f pop3: Moved APOP detection into pop3_state_servergreet_resp()
In an effort to reduce what pop3_endofresp() does and bring the POP3
source back inline with the IMAP and SMTP protocols, moved the APOP
detection into pop3_state_servergreet_resp().
2013-12-19 23:06:33 +00:00
Steve Holme
48043f87b6 imap/pop3/smtp: Added support for SASL authentication downgrades
Added support for downgrading the SASL authentication mechanism when the
decoding of CRAM-MD5, DIGEST-MD5 and NTLM messages fails. This enhances
the previously added support for graceful cancellation by allowing the
client to retry a lesser SASL mechanism such as LOGIN or PLAIN, or even
APOP / clear text (in the case of POP3 and IMAP) when supported by the
server.
2013-12-18 20:45:17 +00:00
Steve Holme
c93bd31336 pop3: Moved the calculation of SASL login details into a separate function 2013-12-18 12:43:57 +00:00
Steve Holme
367648d24a pop3: Moved the sending of the AUTH command into a separate function 2013-12-18 00:11:13 +00:00
Steve Holme
c0245cc591 email: Renamed *_perform_authenticate() functions
In preparation for the upcoming SASL downgrade feature renamed the
imap__perform_authenticate(), pop3__perform_authenticate() and
smtp__perform_authenticate() functions.
2013-12-17 23:08:32 +00:00
Steve Holme
2c0ecac9d3 imap/pop3: Post graceful cancellation consistency changes 2013-12-04 20:19:36 +00:00
Steve Holme
cfdfdcdd9d email: Corrected a couple of typos from commit aa0eaef483 2013-10-30 21:25:15 +00:00
Steve Holme
43400b4086 email: Post graceful SASL authentication cancellation tidy up 2013-10-30 20:58:24 +00:00
Steve Holme
f68559c086 email: Added support for cancelling NTLM authentication 2013-10-27 22:25:18 +00:00
Steve Holme
b87ba2c942 email: Added support for cancelling DIGEST-MD5 authentication 2013-10-27 16:27:38 +00:00
Steve Holme
e7a2ba41e3 email: Corrected a couple of typos from 1e39b95682 2013-10-27 16:24:03 +00:00
Steve Holme
1e39b95682 email: Added support for canceling CRAM-MD5 authentication 2013-10-27 12:42:30 +00:00
Steve Holme
7de4cc35f8 email: Added initial support for cancelling authentication
Should a client application fail to decode an authentication message
received from a server, or not support any of the parameters given by
the server in the message, then the authentication phrase should be
cancelled gracefully by the client rather than simply terminating the
connection.

The authentication phrase should be cancelled by simply sending a '*'
to the server, in response to erroneous data being received, as per
RFC-3501, RFC-4954 and RFC-5034.

This patch adds the necessary state machine constants and appropriate
response handlers in order to add this functionality for the CRAM-MD5,
DIGEST-MD5 and NTLM authentication mechanisms.
2013-10-27 09:17:03 +00:00
Steve Holme
aa0eaef483 email: Moved authentication message parsing into a separate function
...in preparation for upcoming modifications.
2013-10-27 09:04:59 +00:00
Steve Holme
0adad07690 email: Added references to SASL LOGIN authentication draft proposal 2013-10-26 14:35:27 +01:00
Steve Holme
ce61510127 email: Fixed QUIT / LOGOUT being sent when SSL connect fails 2013-10-18 19:28:20 +01:00
Steve Holme
733a4419d0 sasl: Centralised the authentication mechanism strings
Moved the standard SASL mechanism strings into curl_sasl.h rather than
hard coding the same values over and over again in the protocols that
use SASL authentication.

For more information about the mechanism strings see:

http://www.iana.org/assignments/sasl-mechanisms
2013-09-24 20:12:50 +01:00
Steve Holme
18db743851 pop3: Added basic SASL XOAUTH2 support
Added the ability to use an XOAUTH2 bearer token [RFC6750] with POP3 for
authentication using RFC6749 "OAuth 2.0 Authorization Framework".

The bearer token is expected to be valid for the user specified in
conn->user. If CURLOPT_XOAUTH2_BEARER is defined and the connection has
an advertised auth mechanism of "XOAUTH2", the user and access token are
formatted as a base64 encoded string and sent to the server as
"AUTH XOAUTH2 <bearer token>".
2013-09-20 21:56:30 +01:00
Jiri Hruska
5c14a7f068 imap/pop3/smtp: Speed up SSL connection initialization
Don't wait for the next callback call (usually 1 second) before
continuing with protocol specific connection initialization.
2013-09-10 19:47:54 +01:00
Daniel Stenberg
e79535bc5e SessionHandle: the protocol specific pointer is now a void *
All protocol handler structs are now opaque (void *) in the
SessionHandle struct and moved in the request-specific sub-struct
'SingleRequest'. The intension is to keep the protocol specific
knowledge in their own dedicated source files [protocol].c etc.

There's some "leakage" where this policy is violated, to be addressed at
a later point in time.
2013-08-12 13:17:57 +02:00
Daniel Stenberg
4ad8e142da urldata: clean up the use of the protocol specific structs
1 - always allocate the struct in protocol->setup_connection. Some
protocol handlers had to get this function added.

2 - always free at the end of a request. This is also an attempt to keep
less memory in the handle after it is completed.
2013-08-12 13:17:57 +02:00
Daniel Stenberg
2af0b10c95 comments: remove old and wrong multi/easy interface statements 2013-08-09 23:39:09 +02:00
Yang Tse
ca89a0a092 string formatting: fix zero-length printf format string 2013-07-24 17:05:02 +02:00
Yang Tse
de052ca6fc string formatting: fix 25+ printf-style format strings 2013-07-24 01:21:26 +02:00
Steve Holme
9ea5145952 email: Tidy up of *_perform_authenticate()
Removed the hard returns from imap and pop3 by using the same style for
sending the authentication string as smtp. Moved the "Other mechanisms
not supported" check in smtp to match that of imap and pop3 to provide
consistency between the three email protocols.
2013-04-28 12:57:42 +01:00
Steve Holme
18bfc8f2d7 pop3: Added 255 octet limit check when sending initial response
Added 255 octet limit check as per Section 4. Paragraph 8 of RFC-5034.
2013-04-28 12:26:11 +01:00
Steve Holme
7cb6c31370 pop3: Added support for enabling the SASL initial response
Allowed the user to specify whether to send the client's intial response
in the AUTH command via CURLOPT_SASL_IR.
2013-04-27 12:07:39 +01:00
Steve Holme
552ba67bb1 pop3: Added missing comment for pop3_state_apop_resp() 2013-04-15 20:27:49 +01:00
Steve Holme
26bdafcbf9 pop3: Updated the coding style of pop3_state_servergreet_resp()
Updated the coding style, in this function, to be consistent with other
response functions rather then performing a hard return on failure.
2013-04-15 20:27:45 +01:00
Steve Holme
02dc9e788f pop3: Re-factored all perform based functions
Standardised the naming of all perform based functions to be in the form
pop3_perform_something() following the changes made to IMAP.
2013-04-14 10:06:10 +01:00
Steve Holme
e11c6e9961 pop3: Added description comments to all perform based functions 2013-04-14 10:06:08 +01:00
Steve Holme
e4eaa92728 pop3: Moved pop3_quit() to be with the other perform functions 2013-04-14 10:06:07 +01:00
Steve Holme
577f8e5ac6 pop3: Moved pop3_command() to be with the other perform functions
Started to apply the same tidy up to the POP3 code as applied to the
IMAP code in the 7.30.0 release.
2013-04-14 10:06:05 +01:00
Steve Holme
b3a01be2f3 pop3: Added support for ;auth=<mech> in the URL
Added support for specifying the preferred authentication type and SASL
mechanism in the URL as per RFC-2384.
2013-04-13 16:16:21 +01:00
Steve Holme
c01735865f pop3: Reworked the function description for Curl_pop3_write() 2013-04-12 20:22:14 +01:00
Steve Holme
ca46c5dbe2 pop3: Added function description to pop3_parse_custom_request() 2013-04-12 20:22:12 +01:00
Steve Holme
2da127abb5 pop3: Moved utility functions to end of pop3.c 2013-04-12 20:22:10 +01:00
Steve Holme
ac890cd5f2 pop3: Removed unnecessary transfer cancellation
Following commit e450f66a02 and the changes in the multi interface
being used internally, from 7.29.0, the transfer cancellation in
pop3_dophase_done() is no longer required.
2013-03-13 20:19:43 +00:00
Steve Holme
e450f66a02 pop3: Fixed continuous wait when using --ftp-list
Don't initiate a transfer when using --ftp-list.
2013-03-12 14:10:25 +00:00
Steve Holme
059647f398 email: Removed hard returns from init functions 2013-03-09 22:25:40 +00:00
Steve Holme
b482417ac4 email: Updated the function descriptions for the logout / quit functions
Updated the function description comments following commit 4838d196fd.
2013-03-09 12:10:01 +00:00
Steve Holme
4838d196fd email: Simplified the logout / quit functions
Moved the blocking state machine to the disconnect functions so that the
logout / quit functions are only responsible for sending the actual
command needed to logout or quit.

Additionally removed the hard return on failure.
2013-03-09 11:55:48 +00:00
Steve Holme
f691f9609c email: Tidied up the *_regular_transfer() functions
Added comments and simplified convoluted dophase_done comparison.
2013-03-08 23:25:04 +00:00
Steve Holme
e5bb4e86ac email: Simplified nesting of if statements in *_doing() functions 2013-03-08 23:02:20 +00:00
Steve Holme
cc890906b1 email: Minor code tidy up following recent changes
Removed unwanted braces and added variable initialisation.
2013-03-07 22:44:10 +00:00
Steve Holme
67b6fa5f95 email: Optimised block_statemach() functions
Optimised the result test in each of the block_statemach() functions.
2013-03-07 18:21:58 +00:00
Steve Holme
757aa7b09d pop3: Updated the coding style for state changes after a send operation
Some state changes would be performed after a failure test that
performed a hard return, whilst others would be performed within a test
for success. Updated the code, for consistency, so all instances are
performed within a success test.
2013-03-03 13:36:12 +00:00
Steve Holme
711065e4df pop3: Fixed unnecessary parent structure reference
Updated pop3 code following recent imap changes.
2013-03-03 11:10:24 +00:00
Steve Holme
b4eb08e7fb pop3 / smtp: Small comment tidy up
Small tidy up to keep some comments consistant across each of the email
protocols.
2013-02-28 22:27:10 +00:00
Steve Holme
d9235e74ed pop3: Small tidy up of function arguments 2013-02-28 21:22:49 +00:00
Steve Holme
4cef525992 pop3: Corrected debug message for POP3_AUTH_FINAL constant
Following commit afad1ce753 corrected the debug message in state()
from AUTH to AUTH_FINAL.
2013-02-28 21:10:11 +00:00
Steve Holme
afad1ce753 pop3: Re-factored the final POP3_AUTH constant
Changed the final POP3_AUTH constant to POP3_AUTH_FINAL for consistency
with the response function.
2013-02-27 21:20:11 +00:00
Steve Holme
764b818934 email: Small tidy up following recent changes 2013-02-25 23:00:08 +00:00
Steve Holme
a390454728 pop3: Removed bytecountp from the per-request structure
Removed this pointer to a downloaded bytes counter because it was set in
pop3_init() to point to the same variable the transfer functions keep
the count in (k->bytecount), effectively making the code in transfer.c
"*k->bytecountp = k->bytecount" a no-op.
2013-02-25 22:43:45 +00:00
Steve Holme
e0cbfe825d pop3: Refactored the mailbox variable as it didn't reflect it's purpose
Updated the mailbox variable to correctly reflect it's purpose. The
name mailbox was a leftover from when IMAP and POP3 support was
initially added to curl.
2013-02-23 21:43:59 +00:00
Steve Holme
7f6c7331b2 email: Additional tidy up of comments following recent changes 2013-02-23 20:02:05 +00:00
Daniel Stenberg
539ed6f02a pop3: fix compiler warning
error: declaration of 'pop3' shadows a previous local
2013-02-23 19:44:00 +01:00
Steve Holme
0ee79114ef pop3: Removed some FTP heritage leftovers
Removed user and passwd from the POP3 struct as these cannot be set on
a per-request basis and are leftover from legacy FTP code.

Changed some comments still using FTP terminology.
2013-02-23 16:27:17 +00:00
Steve Holme
29a4a16db8 pop3: Moved the per-request variables to the per-request data structure
Moved the mailbox and custom request variables from the per-connection
struct pop3_conn to the new per-request struct and fixed references
accordingly.
2013-02-23 16:15:38 +00:00
Steve Holme
e2201dc849 pop3: Introduced a custom POP3 structure for per-request data
Created a new POP3 structure and changed the type of the pop3 proto
variable in connectdata from FTP* to POP*.
2013-02-23 16:06:54 +00:00
Steve Holme
d415327bd7 email: Minor tidy up following IMAP changes 2013-02-23 11:34:52 +00:00
Steve Holme
3906353b41 pop3: Updated do phrase clean-up comment
Following commit 65644b8335 for the IMAP module updated the clean-up
comment in POP3.
2013-02-22 23:31:13 +00:00
Steve Holme
e52fc1e297 email: Tidied up result code variables
Tidied up result variables to be consistent in name, declaration order
and default values.
2013-02-16 23:37:50 +00:00
Steve Holme
39b79c6b75 email: Removed unnecessary forward declaration
Due to the reordering of functions in commit 586f5d3614 the forward
declaration to state_upgrade_tls() are no longer required.
2013-02-16 10:28:32 +00:00
Steve Holme
b0e0f44934 pop3.c: Added reference to RFC-5034 2013-02-16 10:18:01 +00:00
Steve Holme
2dbeaf7dad pop3: Removed unnecessary state changes on failure 2013-02-15 18:33:28 +00:00
Daniel Stenberg
c25383ae13 rename "easy" statemachines: call them block instead
... since they're not used by the easy interface really, I wanted to
remove the association. Also, I unified the pingpong statemachine driver
into a single function with a 'wait' argument: Curl_pp_statemach.
2013-02-15 11:10:18 +01:00
Steve Holme
92a537a2bb pop3: Fixed blocking SSL connect when connecting via POP3S
A call to Curl_ssl_connect() was accidentally left in when the SSL/TLS
connection layer was reworked in 7.29. Not only would this cause the
connection to block but had the additional overhead of calling the
non-blocking connect a little bit later.
2013-02-14 18:20:52 +00:00
Steve Holme
d09d08dc1f email: Tidy up before additional IMAP work
Replaced two explicit comparisons of CURLE_OK with boolean alternatives.

General tidy up of comments.
2013-02-13 20:12:21 +00:00
Steve Holme
508cdf4da4 email: Another post optimisation of endofresp() tidy up 2013-02-12 23:00:34 +00:00
Steve Holme
52281a10aa email: Post optimisation of endofresp() tidy up
Removed unnecessary end of line check and return.
2013-02-12 21:01:50 +00:00
Steve Holme
b56c9eb48e pingpong: Optimised the endofresp() function
Reworked the pp->endofresp() function so that the conndata, line and
line length are passed down to it just as with Curl_client_write()
rather than each implementation of the function having to query
these values.

Additionally changed the int return type to bool as this is more
representative of the function's usage.
2013-02-12 18:08:48 +00:00
Steve Holme
586f5d3614 email: Post STARTLS capability code tidy up (Part Three)
Corrected the order of the upgrade_tls() functions and moved the handler
upgrade and getsock() functions out from the middle of the state related
functions.
2013-02-11 23:13:50 +00:00
Steve Holme
de492b31c5 email: Post STARTLS capability code tidy up (Part Two)
Corrected the order of the pop3_state_capa() / imap_state_capability()
and the pop3_state_capa_resp() / imap_state_capability_resp() functions
to match the execution order.
2013-02-11 22:41:08 +00:00
Steve Holme
85a2e9ec82 email: Post STARTLS capability code tidy up (Part One)
Corrected the order of the CAPA / CAPABILITY state machine constants to
match the execution order.
2013-02-10 21:18:30 +00:00
Steve Holme
e0f4af4032 pop3: Added support for the STLS capability (Part Three)
Added honoring of the tls_supported flag when starting a TLS upgrade
rather than unconditionally attempting it. If the use_ssl flag is set
to CURLUSESSL_TRY and the server doesn't support TLS upgrades then the
connection will continue to authenticate. If this flag is set to
CURLUSESSL_ALL then the connection will complete with a failure as it
did previously.
2013-02-10 19:56:54 +00:00
Steve Holme
2e0a295e3b pop3: Added support for the STLS capability (Part Two)
Added sending of initial CAPA command before STLS is sent. This allows
for the detection of the capability before trying to upgrade the
connection.
2013-02-10 15:45:01 +00:00
Steve Holme
2f66ca11c1 pop3: Added support for the STLS capability (Part One)
Introduced detection of the STLS capability, in order to add support
for TLS upgrades without unconditionally sending the STLS command.
2013-02-10 12:16:27 +00:00
Steve Holme
fd52530b50 pop3: Fixed SASL authentication capability detection
Fixed the SASL capability detection to include the space character
before the authentication mechanism list. Otherwise a capability such
as SASLSOMETHING would be interpreted as enabling SASL and potentially
trying to identify SOMETHING as a mechanism.
2013-02-09 17:17:02 +00:00