summaryrefslogtreecommitdiff
path: root/lib/pop3.c
Commit message (Collapse)AuthorAgeFilesLines
...
* smtp/pop3/imap_get_message: decrease the data length too...Daniel Stenberg2018-01-151-3/+5
| | | | | | | | Follow-up commit to 615edc1f73 which was incomplete. Assisted-by: Max Dymond Detected by OSS-fuzz Bug: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5206
* sasl_getmesssage: make sure we have a long enough string to passDaniel Stenberg2017-12-051-12/+17
| | | | | | | | | | For pop3/imap/smtp, added test 891 to somewhat verify the pop3 case. For this, I enhanced the pingpong test server to be able to send back responses with LF-only instead of always using CRLF. Closes #2150
* handler: refactor connection checkingMax Dymond2017-06-301-0/+2
| | | | | | Add a new type of callback to Curl_handler which performs checks on the connection. Alter RTSP so that it uses this callback to do its own check on connection health.
* http-proxy: only attempt FTP over HTTP proxyDaniel Stenberg2017-06-151-77/+0
| | | | | | | | | | ... all other non-HTTP protocol schemes are now defaulting to "tunnel trough" mode if a HTTP proxy is specified. In reality there are no HTTP proxies out there that allow those other schemes. Assisted-by: Ray Satiro, Michael Kaufmann Closes #1505
* URL: only accept ";options" in SMTP/POP3/IMAP URL schemesDaniel Stenberg2017-02-101-3/+4
| | | | Fixes #1252
* STARTTLS: Don't print response character in denied messagesJay Satiro2017-01-121-1/+1
| | | | | | | Both IMAP and POP3 response characters are used internally, but when appended to the STARTTLS denial message likely could confuse the user. Closes https://github.com/curl/curl/pull/1203
* checksrc: white space edits to comply to stricter checksrcDaniel Stenberg2016-11-241-2/+2
|
* checksrc: code style: use 'char *name' styleDaniel Stenberg2016-11-241-2/+2
|
* strcasecompare: all case insensitive string compares ignore locale nowDaniel Stenberg2016-10-311-1/+0
| | | | | We had some confusions on when each function was used. We should not act differently on different locales anyway.
* strcasecompare: is the new name for strequal()Daniel Stenberg2016-10-311-4/+3
| | | | | | | ... to make it less likely that we forget that the function actually does case insentive compares. Also replaced several invokes of the function with a plain strcmp when case sensitivity is not an issue (like comparing with "-").
* errors: new alias CURLE_WEIRD_SERVER_REPLY (8)Jay Satiro2016-09-071-1/+1
| | | | | | | | Since we're using CURLE_FTP_WEIRD_SERVER_REPLY in imap, pop3 and smtp as more of a generic "failed to parse" introduce an alias without FTP in the name. Closes https://github.com/curl/curl/pull/975
* internals: rename the SessionHandle struct to Curl_easyDaniel Stenberg2016-06-221-17/+17
|
* lib: include curl_printf.h as one of the last headersDaniel Stenberg2016-04-291-1/+1
| | | | | | | | | | | | | | | | | | | | curl_printf.h defines printf to curl_mprintf, etc. This can cause problems with external headers which may use __attribute__((format(printf, ...))) markers etc. To avoid that they cause problems with system includes, we include curl_printf.h after any system headers. That makes the three last headers to always be, and we keep them in this order: curl_printf.h curl_memory.h memdebug.h None of them include system headers, they all do funny #defines. Reported-by: David Benjamin Fixes #743
* multi: turn Curl_done into file local multi_doneDaniel Stenberg2016-03-301-4/+0
| | | | ... as it now is used by multi.c only.
* ftp/imap/pop3/smtp: Fixed compilation warning when /Wall enabledSteve Holme2016-03-191-2/+2
| | | | warning C4706: assignment within conditional expression
* imap/pop3/smtp: Fixed connections upgraded with TLS are not reusedSteve Holme2016-03-081-1/+9
| | | | | | | Regression since commit 710f14edba. Bug: https://github.com/curl/curl/issues/422 Reported-by: Justin Ehlert
* URLs: change all http:// URLs to https://Daniel Stenberg2016-02-031-1/+1
|
* pop3: Differentiate between success and continuation responsesSteve Holme2015-11-201-4/+10
|
* pop3: Added clarity on some server response codesSteve Holme2015-11-201-2/+4
|
* mprintf.h: remove #ifdef CURLDEBUGDaniel Stenberg2015-03-031-4/+1
| | | | | ... and as a consequence, introduce curl_printf.h with that re-define magic instead and make all libcurl code use that instead.
* sasl: implement EXTERNAL authentication mechanism.Patrick Monnerat2015-01-271-3/+3
| | | | | Its use is only enabled by explicit requirement in URL (;AUTH=EXTERNAL) and by not setting the password.
* SASL: common state engine for imap/pop3/smtpPatrick Monnerat2015-01-201-775/+74
|
* SASL: common URL option and auth capabilities decoders for all protocolsPatrick Monnerat2015-01-201-70/+37
|
* IMAP/POP3/SMTP: use a per-connection sub-structure for SASL parameters.Patrick Monnerat2015-01-201-53/+53
|
* IPV6: address scope != scope idPatrick Monnerat2014-12-161-1/+0
| | | | | | | | | | | | | | | | | | There was a confusion between these: this commit tries to disambiguate them. - Scope can be computed from the address itself. - Scope id is scope dependent: it is currently defined as 1-based local interface index for link-local scoped addresses, and as a site index(?) for (obsolete) site-local addresses. Linux only supports it for link-local addresses. The URL parser properly parses a scope id as an interface index, but stores it in a field named "scope": confusion. The field has been renamed into "scope_id". Curl_if2ip() used the scope id as it was a scope. This caused failures to bind to an interface. Scope is now computed from the addresses and Curl_if2ip() matches them. If redundantly specified in the URL, scope id is check for mismatch with the interface index. This commit should fix SF bug #1451.
* kerberos: Use symbol qualified with _KERBEROS5Michael Osipov2014-11-161-3/+3
| | | | For consistency renamed USE_KRB5 to USE_KERBEROS5.
* sasl: Fixed Kerberos V5 inclusion when CURL_DISABLE_CRYPTO_AUTH is usedSteve Holme2014-11-021-3/+3
| | | | | | | | | | | Typically the USE_WINDOWS_SSPI definition would not be used when the CURL_DISABLE_CRYPTO_AUTH define is, however, it is still a valid build configuration and, as such, the SASL Kerberos V5 (GSSAPI) authentication data structures and functions would incorrectly be used when they shouldn't be. Introduced a new USE_KRB5 definition that takes into account the use of CURL_DISABLE_CRYPTO_AUTH like USE_SPNEGO and USE_NTLM do.
* pop3_perform_authentication: fix memory leakDaniel Stenberg2014-10-021-2/+2
| | | | | | Coverity CID 1215287. There's a potential risk for a memory leak in here, and moving the free call to be unconditional seems like a cheap price to remove the risk.
* Ensure progress.size_dl/progress.size_ul are always >= 0Brandon Casey2014-09-071-2/+2
| | | | | | | | | | | | | | | | | | | | Historically the default "unknown" value for progress.size_dl and progress.size_ul has been zero, since these values are initialized implicitly by the calloc that allocates the curl handle that these variables are a part of. Users of curl that install progress callbacks may expect these values to always be >= 0. Currently it is possible for progress.size_dl and progress.size_ul to by set to a value of -1, if Curl_pgrsSetDownloadSize() or Curl_pgrsSetUploadSize() are passed a "size" of -1 (which a few places currently do, and a following patch will add more). So lets update Curl_pgrsSetDownloadSize() and Curl_pgrsSetUploadSize() so they make sure that these variables always contain a value that is >= 0. Updates test579 and test599. Signed-off-by: Brandon Casey <drafnel@gmail.com>
* pop3: Added support for GSSAPI (Kerberos V5) authentication via Windows SSPISteve Holme2014-08-151-0/+186
|
* email: Introduced the GSSAPI statesSteve Holme2014-08-141-0/+4
|
* bits.close: introduce connection close trackingDaniel Stenberg2014-05-221-2/+2
| | | | | | | Make all code use connclose() and connkeep() when changing the "close state" for a connection. These two macros take a string argument with an explanation, and debug builds of curl will include that in the debug output. Helps tracking connection re-use/close issues.
* handler: make 'protocol' always specified as a single bitDaniel Stenberg2014-04-231-1/+1
| | | | | | | | | | | | | | | | This makes the findprotocol() function work as intended so that libcurl can properly be restricted to not support HTTP while still supporting HTTPS - since the HTTPS handler previously set both the HTTP and HTTPS bits in the protocol field. This fixes --proto and --proto-redir for most SSL protocols. This is done by adding a few new convenience defines that groups HTTP and HTTPS, FTP and FTPS etc that should then be used when the code wants to check for both protocols at once. PROTO_FAMILY_[protocol] style. Bug: https://github.com/bagder/curl/pull/97 Reported-by: drizzt
* sasl: Combined DIGEST-MD5 message decoding and generationSteve Holme2014-04-051-24/+16
|
* pop3: Fixed auth preference not being honored when CAPA not supportedSteve Holme2013-12-241-2/+6
| | | | | | | | | If a user indicated they preferred to authenticate using APOP or a SASL mechanism, but neither were supported by the server, curl would always fall back to clear text when CAPA wasn't supported, even though the user didn't want to use this. This also fixes the auto build failure caused by commit 6f2d5f0562f64a.
* pop3: Fixed APOP being determined by CAPA response rather than by timestampSteve Holme2013-12-241-9/+7
| | | | | | | | This commit replaces that of 9f260b5d6610f3 because according to RFC-2449, section 6, there is no APOP capability "...even though APOP is an optional command in [POP3]. Clients discover server support of APOP by the presence in the greeting banner of an initial challenge enclosed in angle brackets."
* email: Fixed segfault introduced in commit 195b63f99c2fe3Steve Holme2013-12-221-1/+1
|
* code police: fix indent level to silence checksrc complaintsDaniel Stenberg2013-12-221-2/+2
|
* email: Extended the login options to support multiple auth mechanismsSteve Holme2013-12-211-22/+34
|
* Revert "pop3: Added debug information to assist with test864 failure"Steve Holme2013-12-211-3/+0
| | | | This reverts commit 727d798d680f29c8b3cb7d7f03d6b6a3eb4356da.
* pop3: Added debug information to assist with test864 failureSteve Holme2013-12-211-0/+3
|
* pop3: Fixed APOP timestamp detection from commit 1cfb436a2f1795Steve Holme2013-12-201-3/+3
|
* vtls: renamed sslgen.[ch] to vtls.[ch]Daniel Stenberg2013-12-201-1/+1
|
* vtls: created subdir, moved sslgen.[ch] there, updated all include linesDaniel Stenberg2013-12-201-1/+1
|
* pop3: Fixed selection of APOP when server replies with an invalid timestampSteve Holme2013-12-201-2/+6
| | | | | | | Although highlighted by a bug in commit 1cfb436a2f1795, APOP authentication could be chosen if the server was to reply with an empty or missing timestamp in the server greeting and APOP was given in the capability list by the server.
* pop3: Fixed processing of more than one response when sent in same packetSteve Holme2013-12-201-6/+9
| | | | | | Added a loop to pop3_statemach_act() in which Curl_pp_readresp() is called until the cache is drained. Without this multiple responses received in a single packet could result in a hang or delay.
* pop3: Moved CAPA response handling to pop3_state_capa_resp()Steve Holme2013-12-191-82/+87
| | | | | | Similar to the processing of untagged CAPABILITY responses in IMAP and multi-line EHLO responses in SMTP, moved the processing of multi-line CAPA responses to pop3_state_capa_resp().
* pop3: Moved APOP detection into pop3_state_servergreet_resp()Steve Holme2013-12-191-26/+28
| | | | | | In an effort to reduce what pop3_endofresp() does and bring the POP3 source back inline with the IMAP and SMTP protocols, moved the APOP detection into pop3_state_servergreet_resp().
* imap/pop3/smtp: Added support for SASL authentication downgradesSteve Holme2013-12-181-2/+40
| | | | | | | | | Added support for downgrading the SASL authentication mechanism when the decoding of CRAM-MD5, DIGEST-MD5 and NTLM messages fails. This enhances the previously added support for graceful cancellation by allowing the client to retry a lesser SASL mechanism such as LOGIN or PLAIN, or even APOP / clear text (in the case of POP3 and IMAP) when supported by the server.
* pop3: Moved the calculation of SASL login details into a separate functionSteve Holme2013-12-181-71/+93
|
View Lorry Controller Status