summaryrefslogtreecommitdiff
path: root/lib/imap.c
Commit message (Collapse)AuthorAgeFilesLines
* imap: deal with commands case insensitivelyDaniel Stenberg2017-11-091-11/+11
| | | | | | | As documented in RFC 3501 section 9: https://tools.ietf.org/html/rfc3501#section-9 Closes #2061
* imap: if a FETCH response has no size, don't call write callbackDaniel Stenberg2017-10-221-0/+5
| | | | | | | CVE-2017-1000257 Reported-by: Brian Carpenter and 0xd34db347 Also detected by OSS-Fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=3586
* imap: quote atoms properly when escaping charactersDaniel Stenberg2017-09-221-2/+2
| | | | | | | Updates test 800 to verify Fixes #1902 Closes #1903
* mime: new MIME API.Patrick Monnerat2017-09-021-8/+40
| | | | | | | Available in HTTP, SMTP and IMAP. Deprecates the FORM API. See CURLOPT_MIMEPOST. Lib code and associated documentation.
* imap: use defined names for response codesDaniel Stenberg2017-08-241-20/+18
| | | | | | | When working on this code I found the previous setup a bit weird while using proper defines increases readability. Closes #1824
* imap: support PREAUTHDaniel Stenberg2017-08-231-10/+15
| | | | | | | | | | | It is a defined possible greeting at server startup that means the connection is already authenticated. See https://tools.ietf.org/html/rfc3501#section-7.1.4 Test 846 added to verify. Fixes #1818 Closes #1820
* strtoofft: reduce integer overflow risks globallyDaniel Stenberg2017-08-141-4/+5
| | | | | | | ... make sure we bail out on overflows. Reported-by: Brian Carpenter Closes #1758
* handler: refactor connection checkingMax Dymond2017-06-301-0/+2
| | | | | | Add a new type of callback to Curl_handler which performs checks on the connection. Alter RTSP so that it uses this callback to do its own check on connection health.
* http-proxy: only attempt FTP over HTTP proxyDaniel Stenberg2017-06-151-77/+0
| | | | | | | | | | ... all other non-HTTP protocol schemes are now defaulting to "tunnel trough" mode if a HTTP proxy is specified. In reality there are no HTTP proxies out there that allow those other schemes. Assisted-by: Ray Satiro, Michael Kaufmann Closes #1505
* spelling fixesklemens2017-03-261-1/+1
| | | | Closes #1356
* URL: only accept ";options" in SMTP/POP3/IMAP URL schemesDaniel Stenberg2017-02-101-2/+3
| | | | Fixes #1252
* STARTTLS: Don't print response character in denied messagesJay Satiro2017-01-121-1/+1
| | | | | | | Both IMAP and POP3 response characters are used internally, but when appended to the STARTTLS denial message likely could confuse the user. Closes https://github.com/curl/curl/pull/1203
* checksrc: white space edits to comply to stricter checksrcDaniel Stenberg2016-11-241-2/+2
|
* checksrc: code style: use 'char *name' styleDaniel Stenberg2016-11-241-1/+1
|
* strcasecompare: all case insensitive string compares ignore locale nowDaniel Stenberg2016-10-311-6/+6
| | | | | We had some confusions on when each function was used. We should not act differently on different locales anyway.
* strcasecompare: is the new name for strequal()Daniel Stenberg2016-10-311-3/+2
| | | | | | | ... to make it less likely that we forget that the function actually does case insentive compares. Also replaced several invokes of the function with a plain strcmp when case sensitivity is not an issue (like comparing with "-").
* errors: new alias CURLE_WEIRD_SERVER_REPLY (8)Jay Satiro2016-09-071-4/+4
| | | | | | | | Since we're using CURLE_FTP_WEIRD_SERVER_REPLY in imap, pop3 and smtp as more of a generic "failed to parse" introduce an alias without FTP in the name. Closes https://github.com/curl/curl/pull/975
* internals: rename the SessionHandle struct to Curl_easyDaniel Stenberg2016-06-221-18/+18
|
* lib: include curl_printf.h as one of the last headersDaniel Stenberg2016-04-291-2/+2
| | | | | | | | | | | | | | | | | | | | curl_printf.h defines printf to curl_mprintf, etc. This can cause problems with external headers which may use __attribute__((format(printf, ...))) markers etc. To avoid that they cause problems with system includes, we include curl_printf.h after any system headers. That makes the three last headers to always be, and we keep them in this order: curl_printf.h curl_memory.h memdebug.h None of them include system headers, they all do funny #defines. Reported-by: David Benjamin Fixes #743
* imap: inlined checksrc disable instead of whitelist editDaniel Stenberg2016-04-191-0/+1
|
* IMAP: check pointer before dereferencing itehlertjd@gmail.com2016-04-011-1/+1
| | | | | | may be null in the CURLOPT_CONNECT_ONLY case Fixes #747
* imap: remove duplicated functionDaniel Stenberg2016-03-311-30/+6
| | | | | | | The list and search response functions were identical! Merged into one now. Detected by PVS Studio. Reported-by: Alexis La Goutte
* multi: turn Curl_done into file local multi_doneDaniel Stenberg2016-03-301-6/+1
| | | | ... as it now is used by multi.c only.
* ftp/imap/pop3/smtp: Fixed compilation warning when /Wall enabledSteve Holme2016-03-191-2/+2
| | | | warning C4706: assignment within conditional expression
* imap.c: Fixed compilation warning with /Wall enabledSteve Holme2016-03-191-1/+1
| | | | | | | | | warning C4701: potentially uninitialized local variable 'size' used Technically this can't happen, as the usage of 'size' is protected by 'if(parsed)' and 'parsed' is only set after 'size' has been parsed. Anyway, lets keep the compiler happy.
* imap/pop3/smtp: Fixed connections upgraded with TLS are not reusedSteve Holme2016-03-081-1/+9
| | | | | | | Regression since commit 710f14edba. Bug: https://github.com/curl/curl/issues/422 Reported-by: Justin Ehlert
* URLs: change all http:// URLs to https://Daniel Stenberg2016-02-031-1/+1
|
* Revert "cleanup: general removal of TODO (and similar) comments"Daniel Stenberg2015-11-241-10/+10
| | | | | | | This reverts commit 64e959ffe37c436503f9fed1ce2d6ee6ae50bd9a. Feedback-by: Dan Fandrich URL: http://curl.haxx.se/mail/lib-2015-11/0062.html
* cleanup: general removal of TODO (and similar) commentsDaniel Stenberg2015-11-131-10/+10
| | | | | | They tend to never get updated anyway so they're frequently inaccurate and we never go back to revisit them anyway. We document issues to work on properly in KNOWN_BUGS and TODO instead.
* imap: avoid freeing constant stringDaniel Stenberg2015-11-091-1/+1
| | | | | | | The fix in 1a614c6c3 was wrong and would leed to free() of a fixed string. Pointed-out-by: Kamil Dudka
* imap: Don't check for continuation when executing a CUSTOMREQUESTJustin Ehlert2015-11-081-2/+2
| | | | | Bug: https://github.com/bagder/curl/issues/486 Closes https://github.com/bagder/curl/pull/487
* imap: checksrc: remove space after while before parenDaniel Stenberg2015-11-071-1/+1
|
* imap: Quote other 'atom-specials' and not just the space characterSteve Holme2015-11-071-8/+18
| | | | Closes #517
* imap: Fixed double quote in LIST command when mailbox contains spacesSteve Holme2015-11-071-8/+8
|
* imap: fix compiler warningDaniel Stenberg2015-11-061-1/+1
| | | | | imap.c:657:13: error: assignment discards 'const' qualifier from pointer target type [-Werror=discarded-qualifiers]
* imap: Don't call imap_atom() when no mailbox specified in LIST commandSteve Holme2015-11-061-2/+2
|
* free: instead of Curl_safefree()Daniel Stenberg2015-03-161-11/+11
| | | | | | | | | | | | Since we just started make use of free(NULL) in order to simplify code, this change takes it a step further and: - converts lots of Curl_safefree() calls to good old free() - makes Curl_safefree() not check the pointer before free() The (new) rule of thumb is: if you really want a function call that frees a pointer and then assigns it to NULL, then use Curl_safefree(). But we will prefer just using free() from now on.
* mprintf.h: remove #ifdef CURLDEBUGDaniel Stenberg2015-03-031-3/+1
| | | | | ... and as a consequence, introduce curl_printf.h with that re-define magic instead and make all libcurl code use that instead.
* imap: remove automatic password setting: it breaks external sasl authenticationPatrick Monnerat2015-01-271-3/+2
|
* sasl: implement EXTERNAL authentication mechanism.Patrick Monnerat2015-01-271-3/+3
| | | | | Its use is only enabled by explicit requirement in URL (;AUTH=EXTERNAL) and by not setting the password.
* SASL: common state engine for imap/pop3/smtpPatrick Monnerat2015-01-201-774/+64
|
* SASL: common URL option and auth capabilities decoders for all protocolsPatrick Monnerat2015-01-201-70/+33
|
* IMAP/POP3/SMTP: use a per-connection sub-structure for SASL parameters.Patrick Monnerat2015-01-201-52/+52
|
* ldap/imap: Fixed spelling mistake in comments and variable namesSteve Holme2015-01-071-3/+3
| | | | Reported-by: Michael Osipov
* IPV6: address scope != scope idPatrick Monnerat2014-12-161-1/+0
| | | | | | | | | | | | | | | | | | There was a confusion between these: this commit tries to disambiguate them. - Scope can be computed from the address itself. - Scope id is scope dependent: it is currently defined as 1-based local interface index for link-local scoped addresses, and as a site index(?) for (obsolete) site-local addresses. Linux only supports it for link-local addresses. The URL parser properly parses a scope id as an interface index, but stores it in a field named "scope": confusion. The field has been renamed into "scope_id". Curl_if2ip() used the scope id as it was a scope. This caused failures to bind to an interface. Scope is now computed from the addresses and Curl_if2ip() matches them. If redundantly specified in the URL, scope id is check for mismatch with the interface index. This commit should fix SF bug #1451.
* kerberos: Use symbol qualified with _KERBEROS5Michael Osipov2014-11-161-3/+3
| | | | For consistency renamed USE_KRB5 to USE_KERBEROS5.
* sasl: Fixed Kerberos V5 inclusion when CURL_DISABLE_CRYPTO_AUTH is usedSteve Holme2014-11-021-3/+3
| | | | | | | | | | | Typically the USE_WINDOWS_SSPI definition would not be used when the CURL_DISABLE_CRYPTO_AUTH define is, however, it is still a valid build configuration and, as such, the SASL Kerberos V5 (GSSAPI) authentication data structures and functions would incorrectly be used when they shouldn't be. Introduced a new USE_KRB5 definition that takes into account the use of CURL_DISABLE_CRYPTO_AUTH like USE_SPNEGO and USE_NTLM do.
* imap_perform_authentication: fix memory leakDaniel Stenberg2014-10-021-2/+2
| | | | | | Coverity CID 1215296. There's a potential risk for a memory leak in here, and moving the free call to be unconditional seems like a cheap price to remove the risk.
* Ensure progress.size_dl/progress.size_ul are always >= 0Brandon Casey2014-09-071-3/+3
| | | | | | | | | | | | | | | | | | | | Historically the default "unknown" value for progress.size_dl and progress.size_ul has been zero, since these values are initialized implicitly by the calloc that allocates the curl handle that these variables are a part of. Users of curl that install progress callbacks may expect these values to always be >= 0. Currently it is possible for progress.size_dl and progress.size_ul to by set to a value of -1, if Curl_pgrsSetDownloadSize() or Curl_pgrsSetUploadSize() are passed a "size" of -1 (which a few places currently do, and a following patch will add more). So lets update Curl_pgrsSetDownloadSize() and Curl_pgrsSetUploadSize() so they make sure that these variables always contain a value that is >= 0. Updates test579 and test599. Signed-off-by: Brandon Casey <drafnel@gmail.com>
* imap: Added support for GSSAPI (Kerberos V5) authentication via Windows SSPISteve Holme2014-08-151-0/+186
|
View Lorry Controller Status