aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorSteve Holme <steve_holme@hotmail.com>2016-04-08 18:59:33 +0100
committerSteve Holme <steve_holme@hotmail.com>2016-04-08 18:59:33 +0100
commit9d89a038729b6b393784bea54cc90fd635fe2885 (patch)
tree4ddaf00a4ce990f141e813f44eaab11c7cb94e27
parent39d68b47e19c9dc42d578a923cb842f061eac165 (diff)
ftp/imap/pop3/smtp: Allow the service name to be overridden
Allow the service name to be overridden for DIGIST-MD5 and Kerberos 5 authentication in FTP, IMAP, POP3 and SMTP.
-rw-r--r--docs/libcurl/opts/CURLOPT_SERVICE_NAME.313
-rw-r--r--lib/curl_sasl.c12
-rw-r--r--lib/krb5.c7
3 files changed, 21 insertions, 11 deletions
diff --git a/docs/libcurl/opts/CURLOPT_SERVICE_NAME.3 b/docs/libcurl/opts/CURLOPT_SERVICE_NAME.3
index d7ef500e9..964c4f87b 100644
--- a/docs/libcurl/opts/CURLOPT_SERVICE_NAME.3
+++ b/docs/libcurl/opts/CURLOPT_SERVICE_NAME.3
@@ -5,7 +5,7 @@
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
-.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
+.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, <daniel@haxx.se>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
@@ -22,15 +22,16 @@
.\"
.TH CURLOPT_SERVICE_NAME 3 "17 Jun 2015" "libcurl 7.43.0" "curl_easy_setopt options"
.SH NAME
-CURLOPT_SERVICE_NAME \- SPNEGO service name
+CURLOPT_SERVICE_NAME \- authentication service name
.SH SYNOPSIS
#include <curl/curl.h>
CURLcode curl_easy_setopt(CURL *handle, CURLOPT_SERVICE_NAME, char *name);
.SH DESCRIPTION
-Pass a char * as parameter to a string holding the \fIname\fP of the
-service. The default service name is "HTTP". This option allows you to
-change it.
+Pass a char * as parameter to a string holding the \fIname\fP of the service
+for DIGEST-MD5, SPNEGO and Kerberos 5 authentication mechanisms. The default
+service names are "ftp", "HTTP", "imap", "pop" and "smtp". This option allows
+you to change them.
.SH DEFAULT
See above
.SH PROTOCOLS
@@ -38,7 +39,7 @@ Most
.SH EXAMPLE
TODO
.SH AVAILABILITY
-Added in 7.43.0
+Added in 7.43.0 for HTTP, 7.49.0 for FTP, IMAP, POP3 and SMTP.
.SH RETURN VALUE
Returns CURLE_OK if the option is supported, CURLE_UNKNOWN_OPTION if not, or
CURLE_OUT_OF_MEMORY if there was insufficient heap space.
diff --git a/lib/curl_sasl.c b/lib/curl_sasl.c
index 13cf4e954..08beda2b9 100644
--- a/lib/curl_sasl.c
+++ b/lib/curl_sasl.c
@@ -265,6 +265,9 @@ CURLcode Curl_sasl_start(struct SASL *sasl, struct connectdata *conn,
size_t len = 0;
saslstate state1 = SASL_STOP;
saslstate state2 = SASL_FINAL;
+ const char* service = data->set.str[STRING_SERVICE_NAME] ?
+ data->set.str[STRING_SERVICE_NAME] :
+ sasl->params->service;
sasl->force_ir = force_ir; /* Latch for future use */
sasl->authused = 0; /* No mechanism used yet */
@@ -294,7 +297,7 @@ CURLcode Curl_sasl_start(struct SASL *sasl, struct connectdata *conn,
if(force_ir || data->set.sasl_ir)
result = Curl_auth_create_gssapi_user_message(data, conn->user,
conn->passwd,
- sasl->params->service,
+ service,
data->easy_conn->
host.name,
sasl->mutual_auth,
@@ -410,6 +413,9 @@ CURLcode Curl_sasl_continue(struct SASL *sasl, struct connectdata *conn,
size_t chlglen = 0;
#endif
size_t len = 0;
+ const char *service = data->set.str[STRING_SERVICE_NAME] ?
+ data->set.str[STRING_SERVICE_NAME] :
+ sasl->params->service;
*progress = SASL_INPROGRESS;
@@ -461,7 +467,7 @@ CURLcode Curl_sasl_continue(struct SASL *sasl, struct connectdata *conn,
sasl->params->getmessage(data->state.buffer, &serverdata);
result = Curl_auth_create_digest_md5_message(data, serverdata,
conn->user, conn->passwd,
- sasl->params->service,
+ service,
&resp, &len);
newstate = SASL_DIGESTMD5_RESP;
break;
@@ -495,7 +501,7 @@ CURLcode Curl_sasl_continue(struct SASL *sasl, struct connectdata *conn,
case SASL_GSSAPI:
result = Curl_auth_create_gssapi_user_message(data, conn->user,
conn->passwd,
- sasl->params->service,
+ service,
data->easy_conn->host.name,
sasl->mutual_auth, NULL,
&conn->krb5,
diff --git a/lib/krb5.c b/lib/krb5.c
index 65869c99d..992da5456 100644
--- a/lib/krb5.c
+++ b/lib/krb5.c
@@ -152,7 +152,10 @@ krb5_auth(void *app_data, struct connectdata *conn)
curl_socklen_t l = sizeof(conn->local_addr);
struct SessionHandle *data = conn->data;
CURLcode result;
- const char *service = "ftp", *srv_host = "host";
+ const char *service = data->set.str[STRING_SERVICE_NAME] ?
+ data->set.str[STRING_SERVICE_NAME] :
+ "ftp";
+ const char *srv_host = "host";
gss_buffer_desc input_buffer, output_buffer, _gssresp, *gssresp;
OM_uint32 maj, min;
gss_name_t gssname;
@@ -180,9 +183,9 @@ krb5_auth(void *app_data, struct connectdata *conn)
/* this really shouldn't be repeated here, but can't help it */
if(service == srv_host) {
result = Curl_ftpsendf(conn, "AUTH GSSAPI");
-
if(result)
return -2;
+
if(Curl_GetFTPResponse(&nread, conn, NULL))
return -1;