ftp/imap/pop3/smtp: Allow the service name to be overridden

Allow the service name to be overridden for DIGIST-MD5 and Kerberos 5
authentication in FTP, IMAP, POP3 and SMTP.

3 files changed, 21 insertions, 11 deletions

diff --git a/docs/libcurl/opts/CURLOPT_SERVICE_NAME.3 b/docs/libcurl/opts/CURLOPT_SERVICE_NAME.3
index d7ef500e9..964c4f87b 100644
--- a/docs/libcurl/opts/CURLOPT_SERVICE_NAME.3
+++ b/docs/libcurl/opts/CURLOPT_SERVICE_NAME.3
@@ -5,7 +5,7 @@
 .\" *                            | (__| |_| |  _ <| |___
 .\" *                             \___|\___/|_| \_\_____|
 .\" *
-.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, <daniel@haxx.se>, et al.
 .\" *
 .\" * This software is licensed as described in the file COPYING, which
 .\" * you should have received as part of this distribution. The terms
@@ -22,15 +22,16 @@
 .\"
 .TH CURLOPT_SERVICE_NAME 3 "17 Jun 2015" "libcurl 7.43.0" "curl_easy_setopt options"
 .SH NAME
-CURLOPT_SERVICE_NAME \- SPNEGO service name
+CURLOPT_SERVICE_NAME \- authentication service name
 .SH SYNOPSIS
 #include <curl/curl.h>
 
 CURLcode curl_easy_setopt(CURL *handle, CURLOPT_SERVICE_NAME, char *name);
 .SH DESCRIPTION
-Pass a char * as parameter to a string holding the \fIname\fP of the
-service. The default service name is "HTTP". This option allows you to
-change it.
+Pass a char * as parameter to a string holding the \fIname\fP of the service
+for DIGEST-MD5, SPNEGO and Kerberos 5 authentication mechanisms. The default
+service names are "ftp", "HTTP", "imap", "pop" and "smtp". This option allows
+you to change them.
 .SH DEFAULT
 See above
 .SH PROTOCOLS
@@ -38,7 +39,7 @@ Most
 .SH EXAMPLE
 TODO
 .SH AVAILABILITY
-Added in 7.43.0
+Added in 7.43.0 for HTTP, 7.49.0 for FTP, IMAP, POP3 and SMTP.
 .SH RETURN VALUE
 Returns CURLE_OK if the option is supported, CURLE_UNKNOWN_OPTION if not, or
 CURLE_OUT_OF_MEMORY if there was insufficient heap space.
diff --git a/lib/curl_sasl.c b/lib/curl_sasl.c
index 13cf4e954..08beda2b9 100644
--- a/lib/curl_sasl.c
+++ b/lib/curl_sasl.c
@@ -265,6 +265,9 @@ CURLcode Curl_sasl_start(struct SASL *sasl, struct connectdata *conn,
   size_t len = 0;
   saslstate state1 = SASL_STOP;
   saslstate state2 = SASL_FINAL;
+  const char* service = data->set.str[STRING_SERVICE_NAME] ?
+                        data->set.str[STRING_SERVICE_NAME] :
+                        sasl->params->service;
 
   sasl->force_ir = force_ir;    /* Latch for future use */
   sasl->authused = 0;           /* No mechanism used yet */
@@ -294,7 +297,7 @@ CURLcode Curl_sasl_start(struct SASL *sasl, struct connectdata *conn,
       if(force_ir || data->set.sasl_ir)
         result = Curl_auth_create_gssapi_user_message(data, conn->user,
                                                       conn->passwd,
-                                                      sasl->params->service,
+                                                      service,
                                                       data->easy_conn->
                                                             host.name,
                                                       sasl->mutual_auth,
@@ -410,6 +413,9 @@ CURLcode Curl_sasl_continue(struct SASL *sasl, struct connectdata *conn,
   size_t chlglen = 0;
 #endif
   size_t len = 0;
+  const char *service = data->set.str[STRING_SERVICE_NAME] ?
+                        data->set.str[STRING_SERVICE_NAME] :
+                        sasl->params->service;
 
   *progress = SASL_INPROGRESS;
 
@@ -461,7 +467,7 @@ CURLcode Curl_sasl_continue(struct SASL *sasl, struct connectdata *conn,
     sasl->params->getmessage(data->state.buffer, &serverdata);
     result = Curl_auth_create_digest_md5_message(data, serverdata,
                                                  conn->user, conn->passwd,
-                                                 sasl->params->service,
+                                                 service,
                                                  &resp, &len);
     newstate = SASL_DIGESTMD5_RESP;
     break;
@@ -495,7 +501,7 @@ CURLcode Curl_sasl_continue(struct SASL *sasl, struct connectdata *conn,
   case SASL_GSSAPI:
     result = Curl_auth_create_gssapi_user_message(data, conn->user,
                                                   conn->passwd,
-                                                  sasl->params->service,
+                                                  service,
                                                   data->easy_conn->host.name,
                                                   sasl->mutual_auth, NULL,
                                                   &conn->krb5,
diff --git a/lib/krb5.c b/lib/krb5.c
index 65869c99d..992da5456 100644
--- a/lib/krb5.c
+++ b/lib/krb5.c
@@ -152,7 +152,10 @@ krb5_auth(void *app_data, struct connectdata *conn)
   curl_socklen_t l = sizeof(conn->local_addr);
   struct SessionHandle *data = conn->data;
   CURLcode result;
-  const char *service = "ftp", *srv_host = "host";
+  const char *service = data->set.str[STRING_SERVICE_NAME] ?
+                        data->set.str[STRING_SERVICE_NAME] :
+                        "ftp";
+  const char *srv_host = "host";
   gss_buffer_desc input_buffer, output_buffer, _gssresp, *gssresp;
   OM_uint32 maj, min;
   gss_name_t gssname;
@@ -180,9 +183,9 @@ krb5_auth(void *app_data, struct connectdata *conn)
     /* this really shouldn't be repeated here, but can't help it */
     if(service == srv_host) {
       result = Curl_ftpsendf(conn, "AUTH GSSAPI");
-
       if(result)
         return -2;
+
       if(Curl_GetFTPResponse(&nread, conn, NULL))
         return -1;