1
0
mirror of https://github.com/moparisthebest/curl synced 2024-11-17 23:15:08 -05:00
Commit Graph

15237 Commits

Author SHA1 Message Date
Steve Holme
8c0bfd3e0c pop3: Added support for sasl cram-md5 authentication 2012-06-03 19:13:16 +01:00
Daniel Stenberg
24f127027b Curl_sasl_create_plain_message: remove TAB 2012-06-03 19:42:47 +02:00
Steve Holme
2b9ca12edf sasl: Small code tidy up
Added some comments and removed an unreferenced variable.
2012-06-03 18:24:35 +01:00
Steve Holme
3b8cf5bd14 pop3.c: Added conditional compilation for NTLM function calls
Added USE_NTLM condition compilation around the NTLM functions called
from pop3_statemach_act() introduced in commit 69f7156ad9.
2012-06-03 17:40:05 +01:00
Steve Holme
c12a414b21 sasl: Moved cram-md5 authentication message creation from smtp.c
Moved the cram-md5 message creation from smtp.c into the sasl module
to allow for use by other modules such as pop3.
2012-06-03 17:21:49 +01:00
Steve Holme
b5bb61ee69 pop3: Fixed an issue with changes introduced in commit c267c53017
Because pop3_endofresp() is called for each line of data yet is not
passed the line and line length, so we have to use the data pointed to
by pp->linestart_resp which contains the whole packet, the mechanisms
were being detected in one call yet the function would be called for
each line of data.

Using curl with verbose mode enabled would show that one line of data
would be received in response to the AUTH command, before the AUTH
<mechanism> command was sent to the server and then the next few lines
of the original AUTH command would be displayed before the response from
the AUTH <mechanism> command. This would then cause problems when
parsing the CRAM-MD5 challenge data as extra data was contained in the
buffer.

Changed the parsing so that each line is checked for the mechanisms
and the function returns FALSE until the whole of the AUTH response has
been processed.
2012-06-03 17:06:48 +01:00
Daniel Stenberg
69f01ec2d1 version: bump to 7.27.0 for next release
Due to new features
2012-06-03 13:52:25 +02:00
Daniel Stenberg
4cff10af69 RELEASE-NOTES: synced with c4e3578e4b
Also bumped the contributor number and next release is to become 7.27.0
2012-06-03 13:51:54 +02:00
Daniel Stenberg
c4e3578e4b THANKS: 16 new contributors from the 7.26.0 release 2012-06-03 13:43:44 +02:00
Steve Holme
797315044d DOCS: Fixed list in Section 18.2 not displaying correctly on web site 2012-06-03 01:17:21 +01:00
Steve Holme
08c128bd93 DOCS: Corrected missed heading renumbering from commit 530675a1ad 2012-06-03 01:13:36 +01:00
Steve Holme
530675a1ad DOCS: Added IMAP and LDAP sections
Added new sections 11. IMAP and 12. LDAP to document adding SASL based
authentication.

Renumbered current sections 11 to 17 as 13 to 19.

Additionally added 19.10 Add CURLOPT_MAIL_CLIENT option.
2012-06-03 01:00:45 +01:00
Steve Holme
273e9afcc8 sasl.c: Fix to avoid warnings introduced in commit d9ca9e9869
Applied a fix to avoid warnings on systems where Curl_ntlm_sspi_cleanup()
is just a nop.
2012-06-03 00:00:34 +01:00
Steve Holme
9c7016f560 pop3.c:Corrected typo in commit 69ba0da827 2012-06-02 23:12:07 +01:00
Steve Holme
69ba0da827 pop3: Fixed the issue of having to supply the user name for all requests
Previously it wasn't possible to connect to POP3 and not specify the
user name as a CURLE_ACCESS_DENIED error would be returned. This error
occurred because USER would be sent to the server with a blank user name
if no mailbox user was specified as the server would reply with -ERR.

This wasn't a problem prior to the 7.26.0 release but with the
introduction of custom commands the user and/or application developer
might want to issue a CAPA command without having to log in as a
specific mailbox user.

Additionally this fix won't send the newly introduced AUTH command if no
user name is specified.
2012-06-02 22:11:37 +01:00
Steve Holme
1fa2af5136 pop3.c: Small code tidy up
Corrected lines exceeding 78 characters.

Repositioned some comments and added extra clarity.
2012-06-02 21:38:55 +01:00
Steve Holme
cfa81b8fb0 sasl: Corrected variable names in comments and parameters 2012-06-02 14:03:55 +01:00
Steve Holme
69f7156ad9 pop3: Added support for sasl ntlm authentication 2012-06-02 11:55:58 +01:00
Steve Holme
6f964e4f06 sasl: Small comment style tidy up following ntlm commit 2012-06-02 11:09:59 +01:00
Steve Holme
d9ca9e9869 sasl: Moved ntlm authentication message handling from smtp.c
Moved the ntlm message creation and decoding from smtp.c into the sasl
module to allow for use by other modules such as pop3.
2012-06-02 11:07:58 +01:00
Steve Holme
2df6e6d9f8 pop3: Added support for sasl login authentication 2012-06-01 15:59:29 +01:00
Yang Tse
379efd62aa tests 1334 to 1345: several -O -J -i -D combinations with HTTP protocol 2012-06-01 05:48:26 +02:00
Yang Tse
00dd45720e tests: support test definitions with up to 5 file checks in <verify> section
This is done introducing tags <file1> to <file4> besides existing <file> one,
as well as corresponding <stripfile1> to <stripfile4> ones, that can be used
in the <verify> section in the same way as the non-numbered ones.
2012-06-01 05:37:00 +02:00
Steve Holme
54d484e136 sasl: Moved login authentication message creation from smtp.c
Moved the login message creation from smtp.c into the sasl module
to allow for use by other modules such as pop3.
2012-05-31 23:11:54 +01:00
Steve Holme
cb3d0ce2cb smtp.c: Reworked message encoding in smtp_state_authpasswd_resp()
Rather than encoding the password message itself the
smtp_state_authpasswd_resp() function now delegates the work to the same
function that smtp_state_authlogin_resp() and smtp_authenticate() use
when constructing the encoded user name.
2012-05-31 22:58:07 +01:00
Steve Holme
f86432b119 smtp.c: Re-factored smtp_auth_login_user() for use with passwords
In preparation for moving to the SASL module re-factored the
smtp_auth_login_user() function to smtp_auth_login() so that it can be
used for both user names and passwords as sending both of these under
the login authentication mechanism is the same.
2012-05-31 22:49:14 +01:00
Steve Holme
2c6d32b864 pop3: Added support for sasl plain text authentication 2012-05-31 20:45:53 +01:00
Steve Holme
3c14c524c5 curl_ntlm_msgs.c: Corrected small spelling mistake in comments 2012-05-30 20:56:37 +01:00
Steve Holme
8e860c1662 sasl: Moved plain text authentication message creation from smtp.c
Moved the plain text message creation from smtp.c into the sasl module
to allow for use by other modules such as pop3.
2012-05-30 20:52:52 +01:00
Yang Tse
c90acaa77a configure: fix LDAPS disabling related misplaced closing parenthesis 2012-05-30 17:40:13 +02:00
Yang Tse
b420f60a06 pop3 test server: allow pop3 test server verification to succeed again
Introduce SUPPORTCAPA and SUPPORTAUTH config commands to allow further
pop3 test server expansion for tests that require CAPA or AUTH support,
although this will need some extra work to make it fully functional.
2012-05-30 17:39:14 +02:00
Steve Holme
7291c1f565 pop3: Introduced the continue response in pop3_endofresp() 2012-05-28 21:29:01 +01:00
Steve Holme
3fa0fbb816 pop3: Changed response code from O and E to + and -
The POP3 protocol doesn't really have the concept of error codes and
uses +, +OK and -ERR in response to commands to indicate continue,
success and error.

The AUTH command is one of those commands that requires multiple pieces
of data to be sent to the server where the server will respond with + as
part of the handshaking. This meant changing the values before
continuing with the next stage of adding authentication support.
2012-05-28 20:59:10 +01:00
Steve Holme
a9d798c4d5 pop3: Small code tidy up following authentication work so far
Changed the order of the state machine to match the order of actual
events.

Reworked some comments and function parameter positioning that I missed
the other day.
2012-05-28 20:21:52 +01:00
Kamil Dudka
72f4b534c4 nss: use human-readable error messages provided by NSS
Bug: http://lists.baseurl.org/pipermail/yum-devel/2012-January/009002.html
2012-05-28 11:24:24 +02:00
Daniel Stenberg
a03100c357 test1013.pl: filter out Metalink
Since it isn't a feature supported by curl-config we can't compare that
with the --version output
2012-05-27 23:43:23 +02:00
Daniel Stenberg
a7731673d0 pop3: remove variable-not-used warnings 2012-05-27 23:29:15 +02:00
Steve Holme
3124a8df93 DOCS: Corrected the "Added in" version number for CURLOPT_MAIL_AUTH
Additionally corrected another RFC link that I missed yesterday.
2012-05-27 20:04:36 +01:00
Steve Holme
c267c53017 pop3: Added support for SASL based authentication mechanism detection
Added support for detecting the supported SASL authentication mechanisms
via the AUTH command. There are two ways of detecting them, either by
using the AUTH command, that will return -ERR if not supported or by
using the CAPA command which will return SASL and the list of mechanisms
if supported, not include SASL if SASL authentication is not supported
or -ERR if the CAPA command is not supported. As such it seems simpler
to use the AUTH command and fallback to normal clear text authentication
if the the command is not supported.

Additionally updated the test cases to return -ERR when the AUTH command
is encountered. Additional test cases will be added when support for the
individual authentication mechanisms is added.
2012-05-27 19:09:38 +01:00
Daniel Stenberg
dc454bd16b pop3: remove trailing whitespace 2012-05-27 14:08:46 +02:00
Steve Holme
c6495bccbf pop3: Code tidy up before the introduction of authentication code
Moved EOB definition into header file.

Switched the logic around in pop3_endofresp() to allow for the
introduction of auth-mechanism detection.

Repositioned second and third function variables where they will fit
within the 78 character line limit.

Tidied up some comments.
2012-05-27 10:54:13 +01:00
Guenter Knauf
f95f19e854 Enabled OpenSSL static linkage. 2012-05-27 07:26:48 +02:00
Guenter Knauf
ca8b4e9742 Enabled OpenSSL static linkage. 2012-05-27 07:16:45 +02:00
Guenter Knauf
cd4cf989bb Try to detect OpenSSL build type automatically. 2012-05-27 03:28:43 +02:00
Daniel Stenberg
6015b71c4e metalink: fix build errors when disabled 2012-05-26 23:20:23 +02:00
Tatsuhiro Tsujikawa
1bfd750f3f Reduced #ifdef HAVE_METALINK 2012-05-26 23:12:09 +02:00
Tatsuhiro Tsujikawa
7bdb9fba95 Disable hash check if neither OpenSSL nor GNUTLS is installed. 2012-05-26 23:12:02 +02:00
Tatsuhiro Tsujikawa
6927153703 Format GETOUT_METALINK nicely 2012-05-26 23:11:58 +02:00
Tatsuhiro Tsujikawa
6a655ca192 Minimize usage of structs from libmetalink 2012-05-26 23:11:52 +02:00
Tatsuhiro Tsujikawa
9f7f7925da Check checksum of downloaded file if checksum is available
Metalink file contains several hash types of checksums, such as
md5, sha-1, sha-256, etc. To deal with these checksums, I created
abstraction layer based on lib/curl_md5.h and
lib/md5.c. Basically, they are almost the same but I changed the
code so that it is not hash type dependent. Currently,
GNUTLS(nettle or gcrypt) and OpenSSL functions are supported.

Checksum checking is done by reopening download file.  If there
is an I/O error, the current implementation just prints error
message and does not try next resource.

In this patch, the supported hash types are: md5, sha-1 and sha-256.
2012-05-26 23:11:46 +02:00