aboutsummaryrefslogtreecommitdiff
path: root/lib/imap.c
AgeCommit message (Collapse)Author
2017-10-22imap: if a FETCH response has no size, don't call write callbackDaniel Stenberg
CVE-2017-1000257 Reported-by: Brian Carpenter and 0xd34db347 Also detected by OSS-Fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=3586
2017-09-22imap: quote atoms properly when escaping charactersDaniel Stenberg
Updates test 800 to verify Fixes #1902 Closes #1903
2017-09-02mime: new MIME API.Patrick Monnerat
Available in HTTP, SMTP and IMAP. Deprecates the FORM API. See CURLOPT_MIMEPOST. Lib code and associated documentation.
2017-08-24imap: use defined names for response codesDaniel Stenberg
When working on this code I found the previous setup a bit weird while using proper defines increases readability. Closes #1824
2017-08-23imap: support PREAUTHDaniel Stenberg
It is a defined possible greeting at server startup that means the connection is already authenticated. See https://tools.ietf.org/html/rfc3501#section-7.1.4 Test 846 added to verify. Fixes #1818 Closes #1820
2017-08-14strtoofft: reduce integer overflow risks globallyDaniel Stenberg
... make sure we bail out on overflows. Reported-by: Brian Carpenter Closes #1758
2017-06-30handler: refactor connection checkingMax Dymond
Add a new type of callback to Curl_handler which performs checks on the connection. Alter RTSP so that it uses this callback to do its own check on connection health.
2017-06-15http-proxy: only attempt FTP over HTTP proxyDaniel Stenberg
... all other non-HTTP protocol schemes are now defaulting to "tunnel trough" mode if a HTTP proxy is specified. In reality there are no HTTP proxies out there that allow those other schemes. Assisted-by: Ray Satiro, Michael Kaufmann Closes #1505
2017-03-26spelling fixesklemens
Closes #1356
2017-02-10URL: only accept ";options" in SMTP/POP3/IMAP URL schemesDaniel Stenberg
Fixes #1252
2017-01-12STARTTLS: Don't print response character in denied messagesJay Satiro
Both IMAP and POP3 response characters are used internally, but when appended to the STARTTLS denial message likely could confuse the user. Closes https://github.com/curl/curl/pull/1203
2016-11-24checksrc: white space edits to comply to stricter checksrcDaniel Stenberg
2016-11-24checksrc: code style: use 'char *name' styleDaniel Stenberg
2016-10-31strcasecompare: all case insensitive string compares ignore locale nowDaniel Stenberg
We had some confusions on when each function was used. We should not act differently on different locales anyway.
2016-10-31strcasecompare: is the new name for strequal()Daniel Stenberg
... to make it less likely that we forget that the function actually does case insentive compares. Also replaced several invokes of the function with a plain strcmp when case sensitivity is not an issue (like comparing with "-").
2016-09-07errors: new alias CURLE_WEIRD_SERVER_REPLY (8)Jay Satiro
Since we're using CURLE_FTP_WEIRD_SERVER_REPLY in imap, pop3 and smtp as more of a generic "failed to parse" introduce an alias without FTP in the name. Closes https://github.com/curl/curl/pull/975
2016-06-22internals: rename the SessionHandle struct to Curl_easyDaniel Stenberg
2016-04-29lib: include curl_printf.h as one of the last headersDaniel Stenberg
curl_printf.h defines printf to curl_mprintf, etc. This can cause problems with external headers which may use __attribute__((format(printf, ...))) markers etc. To avoid that they cause problems with system includes, we include curl_printf.h after any system headers. That makes the three last headers to always be, and we keep them in this order: curl_printf.h curl_memory.h memdebug.h None of them include system headers, they all do funny #defines. Reported-by: David Benjamin Fixes #743
2016-04-19imap: inlined checksrc disable instead of whitelist editDaniel Stenberg
2016-04-01IMAP: check pointer before dereferencing itehlertjd@gmail.com
may be null in the CURLOPT_CONNECT_ONLY case Fixes #747
2016-03-31imap: remove duplicated functionDaniel Stenberg
The list and search response functions were identical! Merged into one now. Detected by PVS Studio. Reported-by: Alexis La Goutte
2016-03-30multi: turn Curl_done into file local multi_doneDaniel Stenberg
... as it now is used by multi.c only.
2016-03-19ftp/imap/pop3/smtp: Fixed compilation warning when /Wall enabledSteve Holme
warning C4706: assignment within conditional expression
2016-03-19imap.c: Fixed compilation warning with /Wall enabledSteve Holme
warning C4701: potentially uninitialized local variable 'size' used Technically this can't happen, as the usage of 'size' is protected by 'if(parsed)' and 'parsed' is only set after 'size' has been parsed. Anyway, lets keep the compiler happy.
2016-03-08imap/pop3/smtp: Fixed connections upgraded with TLS are not reusedSteve Holme
Regression since commit 710f14edba. Bug: https://github.com/curl/curl/issues/422 Reported-by: Justin Ehlert
2016-02-03URLs: change all http:// URLs to https://Daniel Stenberg
2015-11-24Revert "cleanup: general removal of TODO (and similar) comments"Daniel Stenberg
This reverts commit 64e959ffe37c436503f9fed1ce2d6ee6ae50bd9a. Feedback-by: Dan Fandrich URL: http://curl.haxx.se/mail/lib-2015-11/0062.html
2015-11-13cleanup: general removal of TODO (and similar) commentsDaniel Stenberg
They tend to never get updated anyway so they're frequently inaccurate and we never go back to revisit them anyway. We document issues to work on properly in KNOWN_BUGS and TODO instead.
2015-11-09imap: avoid freeing constant stringDaniel Stenberg
The fix in 1a614c6c3 was wrong and would leed to free() of a fixed string. Pointed-out-by: Kamil Dudka
2015-11-08imap: Don't check for continuation when executing a CUSTOMREQUESTJustin Ehlert
Bug: https://github.com/bagder/curl/issues/486 Closes https://github.com/bagder/curl/pull/487
2015-11-07imap: checksrc: remove space after while before parenDaniel Stenberg
2015-11-07imap: Quote other 'atom-specials' and not just the space characterSteve Holme
Closes #517
2015-11-07imap: Fixed double quote in LIST command when mailbox contains spacesSteve Holme
2015-11-06imap: fix compiler warningDaniel Stenberg
imap.c:657:13: error: assignment discards 'const' qualifier from pointer target type [-Werror=discarded-qualifiers]
2015-11-06imap: Don't call imap_atom() when no mailbox specified in LIST commandSteve Holme
2015-03-16free: instead of Curl_safefree()Daniel Stenberg
Since we just started make use of free(NULL) in order to simplify code, this change takes it a step further and: - converts lots of Curl_safefree() calls to good old free() - makes Curl_safefree() not check the pointer before free() The (new) rule of thumb is: if you really want a function call that frees a pointer and then assigns it to NULL, then use Curl_safefree(). But we will prefer just using free() from now on.
2015-03-03mprintf.h: remove #ifdef CURLDEBUGDaniel Stenberg
... and as a consequence, introduce curl_printf.h with that re-define magic instead and make all libcurl code use that instead.
2015-01-27imap: remove automatic password setting: it breaks external sasl authenticationPatrick Monnerat
2015-01-27sasl: implement EXTERNAL authentication mechanism.Patrick Monnerat
Its use is only enabled by explicit requirement in URL (;AUTH=EXTERNAL) and by not setting the password.
2015-01-20SASL: common state engine for imap/pop3/smtpPatrick Monnerat
2015-01-20SASL: common URL option and auth capabilities decoders for all protocolsPatrick Monnerat
2015-01-20IMAP/POP3/SMTP: use a per-connection sub-structure for SASL parameters.Patrick Monnerat
2015-01-07ldap/imap: Fixed spelling mistake in comments and variable namesSteve Holme
Reported-by: Michael Osipov
2014-12-16IPV6: address scope != scope idPatrick Monnerat
There was a confusion between these: this commit tries to disambiguate them. - Scope can be computed from the address itself. - Scope id is scope dependent: it is currently defined as 1-based local interface index for link-local scoped addresses, and as a site index(?) for (obsolete) site-local addresses. Linux only supports it for link-local addresses. The URL parser properly parses a scope id as an interface index, but stores it in a field named "scope": confusion. The field has been renamed into "scope_id". Curl_if2ip() used the scope id as it was a scope. This caused failures to bind to an interface. Scope is now computed from the addresses and Curl_if2ip() matches them. If redundantly specified in the URL, scope id is check for mismatch with the interface index. This commit should fix SF bug #1451.
2014-11-16kerberos: Use symbol qualified with _KERBEROS5Michael Osipov
For consistency renamed USE_KRB5 to USE_KERBEROS5.
2014-11-02sasl: Fixed Kerberos V5 inclusion when CURL_DISABLE_CRYPTO_AUTH is usedSteve Holme
Typically the USE_WINDOWS_SSPI definition would not be used when the CURL_DISABLE_CRYPTO_AUTH define is, however, it is still a valid build configuration and, as such, the SASL Kerberos V5 (GSSAPI) authentication data structures and functions would incorrectly be used when they shouldn't be. Introduced a new USE_KRB5 definition that takes into account the use of CURL_DISABLE_CRYPTO_AUTH like USE_SPNEGO and USE_NTLM do.
2014-10-02imap_perform_authentication: fix memory leakDaniel Stenberg
Coverity CID 1215296. There's a potential risk for a memory leak in here, and moving the free call to be unconditional seems like a cheap price to remove the risk.
2014-09-07Ensure progress.size_dl/progress.size_ul are always >= 0Brandon Casey
Historically the default "unknown" value for progress.size_dl and progress.size_ul has been zero, since these values are initialized implicitly by the calloc that allocates the curl handle that these variables are a part of. Users of curl that install progress callbacks may expect these values to always be >= 0. Currently it is possible for progress.size_dl and progress.size_ul to by set to a value of -1, if Curl_pgrsSetDownloadSize() or Curl_pgrsSetUploadSize() are passed a "size" of -1 (which a few places currently do, and a following patch will add more). So lets update Curl_pgrsSetDownloadSize() and Curl_pgrsSetUploadSize() so they make sure that these variables always contain a value that is >= 0. Updates test579 and test599. Signed-off-by: Brandon Casey <drafnel@gmail.com>
2014-08-15imap: Added support for GSSAPI (Kerberos V5) authentication via Windows SSPISteve Holme
2014-08-14email: Introduced the GSSAPI statesSteve Holme