aboutsummaryrefslogtreecommitdiff
path: root/lib/imap.c
AgeCommit message (Collapse)Author
2015-01-20SASL: common URL option and auth capabilities decoders for all protocolsPatrick Monnerat
2015-01-20IMAP/POP3/SMTP: use a per-connection sub-structure for SASL parameters.Patrick Monnerat
2015-01-07ldap/imap: Fixed spelling mistake in comments and variable namesSteve Holme
Reported-by: Michael Osipov
2014-12-16IPV6: address scope != scope idPatrick Monnerat
There was a confusion between these: this commit tries to disambiguate them. - Scope can be computed from the address itself. - Scope id is scope dependent: it is currently defined as 1-based local interface index for link-local scoped addresses, and as a site index(?) for (obsolete) site-local addresses. Linux only supports it for link-local addresses. The URL parser properly parses a scope id as an interface index, but stores it in a field named "scope": confusion. The field has been renamed into "scope_id". Curl_if2ip() used the scope id as it was a scope. This caused failures to bind to an interface. Scope is now computed from the addresses and Curl_if2ip() matches them. If redundantly specified in the URL, scope id is check for mismatch with the interface index. This commit should fix SF bug #1451.
2014-11-16kerberos: Use symbol qualified with _KERBEROS5Michael Osipov
For consistency renamed USE_KRB5 to USE_KERBEROS5.
2014-11-02sasl: Fixed Kerberos V5 inclusion when CURL_DISABLE_CRYPTO_AUTH is usedSteve Holme
Typically the USE_WINDOWS_SSPI definition would not be used when the CURL_DISABLE_CRYPTO_AUTH define is, however, it is still a valid build configuration and, as such, the SASL Kerberos V5 (GSSAPI) authentication data structures and functions would incorrectly be used when they shouldn't be. Introduced a new USE_KRB5 definition that takes into account the use of CURL_DISABLE_CRYPTO_AUTH like USE_SPNEGO and USE_NTLM do.
2014-10-02imap_perform_authentication: fix memory leakDaniel Stenberg
Coverity CID 1215296. There's a potential risk for a memory leak in here, and moving the free call to be unconditional seems like a cheap price to remove the risk.
2014-09-07Ensure progress.size_dl/progress.size_ul are always >= 0Brandon Casey
Historically the default "unknown" value for progress.size_dl and progress.size_ul has been zero, since these values are initialized implicitly by the calloc that allocates the curl handle that these variables are a part of. Users of curl that install progress callbacks may expect these values to always be >= 0. Currently it is possible for progress.size_dl and progress.size_ul to by set to a value of -1, if Curl_pgrsSetDownloadSize() or Curl_pgrsSetUploadSize() are passed a "size" of -1 (which a few places currently do, and a following patch will add more). So lets update Curl_pgrsSetDownloadSize() and Curl_pgrsSetUploadSize() so they make sure that these variables always contain a value that is >= 0. Updates test579 and test599. Signed-off-by: Brandon Casey <drafnel@gmail.com>
2014-08-15imap: Added support for GSSAPI (Kerberos V5) authentication via Windows SSPISteve Holme
2014-08-14email: Introduced the GSSAPI statesSteve Holme
2014-05-22bits.close: introduce connection close trackingDaniel Stenberg
Make all code use connclose() and connkeep() when changing the "close state" for a connection. These two macros take a string argument with an explanation, and debug builds of curl will include that in the debug output. Helps tracking connection re-use/close issues.
2014-04-26INFILESIZE: fields in UserDefined must not be changed run-timeDaniel Stenberg
set.infilesize in this case was modified in several places, which could lead to repeated requests using the same handle to get unintendent/wrong consequences based on what the previous request did!
2014-04-23handler: make 'protocol' always specified as a single bitDaniel Stenberg
This makes the findprotocol() function work as intended so that libcurl can properly be restricted to not support HTTP while still supporting HTTPS - since the HTTPS handler previously set both the HTTP and HTTPS bits in the protocol field. This fixes --proto and --proto-redir for most SSL protocols. This is done by adding a few new convenience defines that groups HTTP and HTTPS, FTP and FTPS etc that should then be used when the code wants to check for both protocols at once. PROTO_FAMILY_[protocol] style. Bug: https://github.com/bagder/curl/pull/97 Reported-by: drizzt
2014-04-18imap: Extended FETCH support to include PARTIAL URL specifierSteve Holme
2014-04-18imap: Expanded mailbox SEARCH support to use URL query stringsSteve Holme
2014-04-18imap: Added support for parsing URL query stringsSteve Holme
Added support for parsing query strings from the URL as defined by RFC-5092.
2014-04-18imap: Introduced the SEARCH stateSteve Holme
2014-04-18imap: Fixed untagged response detection when no data after commandSteve Holme
Should a command return untagged responses that contained no data then the imap_matchresp() function would not detect them as valid responses, as it wasn't taking the CRLF characters into account at the end of each line.
2014-04-05sasl: Combined DIGEST-MD5 message decoding and generationSteve Holme
2013-12-31imap: Fixed line length warningSteve Holme
2013-12-31mprintf: Replaced internal usage of FORMAT_OFF_T and FORMAT_OFF_TUSteve Holme
Following commit 0aafd77fa4c6f2, replaced the internal usage of FORMAT_OFF_T and FORMAT_OFF_TU with the external versions that we expect API programmers to use. This negates the need for separate definitions which were subtly different under different platforms/compilers.
2013-12-24imap: Fixed auth preference not being honored when CAPABILITY not supportedSteve Holme
If a user indicated they preferred to authenticate using a SASL mechanism, but SASL authentication wasn't supported by the server, curl would always fall back to clear text when CAPABILITY wasn't supported, even though the user didn't want to use this.
2013-12-22email: Fixed segfault introduced in commit 195b63f99c2fe3Steve Holme
2013-12-22code police: fix indent level to silence checksrc complaintsDaniel Stenberg
2013-12-21email: Extended the login options to support multiple auth mechanismsSteve Holme
2013-12-20vtls: renamed sslgen.[ch] to vtls.[ch]Daniel Stenberg
2013-12-20vtls: created subdir, moved sslgen.[ch] there, updated all include linesDaniel Stenberg
2013-12-18imap/pop3/smtp: Added support for SASL authentication downgradesSteve Holme
Added support for downgrading the SASL authentication mechanism when the decoding of CRAM-MD5, DIGEST-MD5 and NTLM messages fails. This enhances the previously added support for graceful cancellation by allowing the client to retry a lesser SASL mechanism such as LOGIN or PLAIN, or even APOP / clear text (in the case of POP3 and IMAP) when supported by the server.
2013-12-18imap: Moved the calculation of SASL login details into a separate functionSteve Holme
2013-12-18imap: Moved the sending of the AUTHENICATE command into a separate functionSteve Holme
2013-12-17email: Renamed *_perform_authenticate() functionsSteve Holme
In preparation for the upcoming SASL downgrade feature renamed the imap__perform_authenticate(), pop3__perform_authenticate() and smtp__perform_authenticate() functions.
2013-12-14imap: Fixed exclude of clear text when using auth=* in commit 75cd7fd66762bbSteve Holme
It is not 100% clear whether * should include clear text LOGIN or not from RFC-5092, however, including it is then consistent with current POP3 behaviour where clear text, APOP or SASL may be chosen.
2013-12-13imap: Fixed incorrect fallback to clear text authenticationSteve Holme
If a specific SASL authentication mechanism was requested by the user as part of the login options but wasn't supported by the server then curl would fallback to clear text, when it shouldn't, rather than reporting "No known authentication mechanisms supported" as the POP3 and SMTP protocols do.
2013-12-04imap/pop3: Post graceful cancellation consistency changesSteve Holme
2013-10-30email: Post graceful SASL authentication cancellation tidy upSteve Holme
2013-10-27email: Added support for cancelling NTLM authenticationSteve Holme
2013-10-27email: Added support for cancelling DIGEST-MD5 authenticationSteve Holme
2013-10-27email: Added support for canceling CRAM-MD5 authenticationSteve Holme
2013-10-27email: Added initial support for cancelling authenticationSteve Holme
Should a client application fail to decode an authentication message received from a server, or not support any of the parameters given by the server in the message, then the authentication phrase should be cancelled gracefully by the client rather than simply terminating the connection. The authentication phrase should be cancelled by simply sending a '*' to the server, in response to erroneous data being received, as per RFC-3501, RFC-4954 and RFC-5034. This patch adds the necessary state machine constants and appropriate response handlers in order to add this functionality for the CRAM-MD5, DIGEST-MD5 and NTLM authentication mechanisms.
2013-10-27email: Moved authentication message parsing into a separate functionSteve Holme
...in preparation for upcoming modifications.
2013-10-26email: Added references to SASL LOGIN authentication draft proposalSteve Holme
2013-10-18email: Fixed QUIT / LOGOUT being sent when SSL connect failsSteve Holme
2013-09-25imap: Added clarification to the code about odd continuation responsesSteve Holme
2013-09-24sasl: Centralised the authentication mechanism stringsSteve Holme
Moved the standard SASL mechanism strings into curl_sasl.h rather than hard coding the same values over and over again in the protocols that use SASL authentication. For more information about the mechanism strings see: http://www.iana.org/assignments/sasl-mechanisms
2013-09-14imap: Fixed response check for NOOP commandSteve Holme
2013-09-11imap: Fixed response check for LSUB and UID commandsSteve Holme
2013-09-10imap/pop3/smtp: Speed up SSL connection initializationJiri Hruska
Don't wait for the next callback call (usually 1 second) before continuing with protocol specific connection initialization.
2013-09-09imap: Fixed calculation of transfer when partial FETCH receivedSteve Holme
The transfer size would be calculated incorrectly if the email contained within the FETCH response, had been partially received by the pingpong layer. As such the following, example output, would be seen if the amount remaining was smaller than the amount received: * Excess found in a non pipelined read: excess = 1394, size = 262, maxdownload = 262, bytecount = 1374 * transfer closed with -1112 bytes remaining to read Bug: http://curl.haxx.se/mail/lib-2013-08/0170.html Reported-by: John Dunn
2013-09-04SASL: fix compiler warningsDaniel Stenberg
comparison between signed and unsigned integer expressions suggest parentheses around '&&' within '||' (twice)
2013-09-04imap/smtp: Fixed incorrect SASL mechanism selection with XOAUTH2 serversSteve Holme
XOAUTH2 would be selected in preference to LOGIN and PLAIN if the IMAP or SMTP server advertised support for it even though a user's password was supplied but bearer token wasn't. Modified the selection logic so that XOAUTH2 will only be selected if the server supports it and A) The curl user/libcurl programmer has specifically asked for XOAUTH via the ;AUTH=XOAUTH login option or 2) The bearer token is specified. Obviously if XOAUTH is asked for via the login option but no token is specified the user will receive a authentication failure which makes more sense than no known authentication mechanisms supported!