luo980/curl
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

ftp/imap/pop3/smtp: Allow the service name to be overridden

Browse Source 
Allow the service name to be overridden for DIGIST-MD5 and Kerberos 5
authentication in FTP, IMAP, POP3 and SMTP.
This commit is contained in:
Steve Holme 2016-04-08 18:59:33 +01:00
parent 39d68b47e1
commit 9d89a03872
3 changed files with 21 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
docs/libcurl/opts/CURLOPT_SERVICE_NAME.3
View File

@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___ .\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____| .\" * \___|\___/|_| \_\_____|
.\" * .\" *
.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al. .\" * Copyright (C) 1998 - 2016, Daniel Stenberg, <daniel@haxx.se>, et al.
.\" * .\" *
.\" * This software is licensed as described in the file COPYING, which .\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms .\" * you should have received as part of this distribution. The terms
@ -22,15 +22,16 @@
.\" .\"
.TH CURLOPT_SERVICE_NAME 3 "17 Jun 2015" "libcurl 7.43.0" "curl_easy_setopt options" .TH CURLOPT_SERVICE_NAME 3 "17 Jun 2015" "libcurl 7.43.0" "curl_easy_setopt options"
.SH NAME .SH NAME
CURLOPT_SERVICE_NAME \- SPNEGO service name CURLOPT_SERVICE_NAME \- authentication service name
.SH SYNOPSIS .SH SYNOPSIS
#include <curl/curl.h> #include <curl/curl.h>
CURLcode curl_easy_setopt(CURL *handle, CURLOPT_SERVICE_NAME, char *name); CURLcode curl_easy_setopt(CURL *handle, CURLOPT_SERVICE_NAME, char *name);
.SH DESCRIPTION .SH DESCRIPTION
Pass a char * as parameter to a string holding the \fIname\fP of the Pass a char * as parameter to a string holding the \fIname\fP of the service
service. The default service name is "HTTP". This option allows you to for DIGEST-MD5, SPNEGO and Kerberos 5 authentication mechanisms. The default
change it. service names are "ftp", "HTTP", "imap", "pop" and "smtp". This option allows
you to change them.
.SH DEFAULT .SH DEFAULT
See above See above
.SH PROTOCOLS .SH PROTOCOLS
@ -38,7 +39,7 @@ Most
.SH EXAMPLE .SH EXAMPLE
TODO TODO
.SH AVAILABILITY .SH AVAILABILITY
Added in 7.43.0 Added in 7.43.0 for HTTP, 7.49.0 for FTP, IMAP, POP3 and SMTP.
.SH RETURN VALUE .SH RETURN VALUE
Returns CURLE_OK if the option is supported, CURLE_UNKNOWN_OPTION if not, or Returns CURLE_OK if the option is supported, CURLE_UNKNOWN_OPTION if not, or
CURLE_OUT_OF_MEMORY if there was insufficient heap space. CURLE_OUT_OF_MEMORY if there was insufficient heap space.

12
lib/curl_sasl.c
View File

@ -265,6 +265,9 @@ CURLcode Curl_sasl_start(struct SASL *sasl, struct connectdata *conn,
size_t len = 0; size_t len = 0;
saslstate state1 = SASL_STOP; saslstate state1 = SASL_STOP;
saslstate state2 = SASL_FINAL; saslstate state2 = SASL_FINAL;
const char* service = data->set.str[STRING_SERVICE_NAME] ?
data->set.str[STRING_SERVICE_NAME] :
sasl->params->service;
sasl->force_ir = force_ir; /* Latch for future use */ sasl->force_ir = force_ir; /* Latch for future use */
sasl->authused = 0; /* No mechanism used yet */ sasl->authused = 0; /* No mechanism used yet */
@ -294,7 +297,7 @@ CURLcode Curl_sasl_start(struct SASL *sasl, struct connectdata *conn,
if(force_ir || data->set.sasl_ir) if(force_ir || data->set.sasl_ir)
result = Curl_auth_create_gssapi_user_message(data, conn->user, result = Curl_auth_create_gssapi_user_message(data, conn->user,
conn->passwd, conn->passwd,
sasl->params->service, service,
data->easy_conn-> data->easy_conn->
host.name, host.name,
sasl->mutual_auth, sasl->mutual_auth,
@ -410,6 +413,9 @@ CURLcode Curl_sasl_continue(struct SASL *sasl, struct connectdata *conn,
size_t chlglen = 0; size_t chlglen = 0;
#endif #endif
size_t len = 0; size_t len = 0;
const char *service = data->set.str[STRING_SERVICE_NAME] ?
data->set.str[STRING_SERVICE_NAME] :
sasl->params->service;
*progress = SASL_INPROGRESS; *progress = SASL_INPROGRESS;
@ -461,7 +467,7 @@ CURLcode Curl_sasl_continue(struct SASL *sasl, struct connectdata *conn,
sasl->params->getmessage(data->state.buffer, &serverdata); sasl->params->getmessage(data->state.buffer, &serverdata);
result = Curl_auth_create_digest_md5_message(data, serverdata, result = Curl_auth_create_digest_md5_message(data, serverdata,
conn->user, conn->passwd, conn->user, conn->passwd,
sasl->params->service, service,
&resp, &len); &resp, &len);
newstate = SASL_DIGESTMD5_RESP; newstate = SASL_DIGESTMD5_RESP;
break; break;
@ -495,7 +501,7 @@ CURLcode Curl_sasl_continue(struct SASL *sasl, struct connectdata *conn,
case SASL_GSSAPI: case SASL_GSSAPI:
result = Curl_auth_create_gssapi_user_message(data, conn->user, result = Curl_auth_create_gssapi_user_message(data, conn->user,
conn->passwd, conn->passwd,
sasl->params->service, service,
data->easy_conn->host.name, data->easy_conn->host.name,
sasl->mutual_auth, NULL, sasl->mutual_auth, NULL,
&conn->krb5, &conn->krb5,

7
lib/krb5.c
View File

@ -152,7 +152,10 @@ krb5_auth(void *app_data, struct connectdata *conn)
curl_socklen_t l = sizeof(conn->local_addr); curl_socklen_t l = sizeof(conn->local_addr);
struct SessionHandle *data = conn->data; struct SessionHandle *data = conn->data;
CURLcode result; CURLcode result;
const char *service = "ftp", *srv_host = "host"; const char *service = data->set.str[STRING_SERVICE_NAME] ?
data->set.str[STRING_SERVICE_NAME] :
"ftp";
const char *srv_host = "host";
gss_buffer_desc input_buffer, output_buffer, _gssresp, *gssresp; gss_buffer_desc input_buffer, output_buffer, _gssresp, *gssresp;
OM_uint32 maj, min; OM_uint32 maj, min;
gss_name_t gssname; gss_name_t gssname;
@ -180,9 +183,9 @@ krb5_auth(void *app_data, struct connectdata *conn)
/* this really shouldn't be repeated here, but can't help it */ /* this really shouldn't be repeated here, but can't help it */
if(service == srv_host) { if(service == srv_host) {
result = Curl_ftpsendf(conn, "AUTH GSSAPI"); result = Curl_ftpsendf(conn, "AUTH GSSAPI");
if(result) if(result)
return -2; return -2;
if(Curl_GetFTPResponse(&nread, conn, NULL)) if(Curl_GetFTPResponse(&nread, conn, NULL))
return -1; return -1;