Commit Graph

407 Commits

Author SHA1 Message Date
David Woodhouse
9ad282b1ae Remove all traces of FBOpenSSL SPNEGO support
This is just fundamentally broken. SPNEGO (RFC4178) is a protocol which
allows client and server to negotiate the underlying mechanism which will
actually be used to authenticate. This is *often* Kerberos, and can also
be NTLM and other things. And to complicate matters, there are various
different OIDs which can be used to specify the Kerberos mechanism too.

A SPNEGO exchange will identify *which* GSSAPI mechanism is being used,
and will exchange GSSAPI tokens which are appropriate for that mechanism.

But this SPNEGO implementation just strips the incoming SPNEGO packet
and extracts the token, if any. And completely discards the information
about *which* mechanism is being used. Then we *assume* it was Kerberos,
and feed the token into gss_init_sec_context() with the default
mechanism (GSS_S_NO_OID for the mech_type argument).

Furthermore... broken as this code is, it was never even *used* for input
tokens anyway, because higher layers of curl would just bail out if the
server actually said anything *back* to us in the negotiation. We assume
that we send a single token to the server, and it accepts it. If the server
wants to continue the exchange (as is required for NTLM and for SPNEGO
to do anything useful), then curl was broken anyway.

So the only bit which actually did anything was the bit in
Curl_output_negotiate(), which always generates an *initial* SPNEGO
token saying "Hey, I support only the Kerberos mechanism and this is its
token".

You could have done that by manually just prefixing the Kerberos token
with the appropriate bytes, if you weren't going to do any proper SPNEGO
handling. There's no need for the FBOpenSSL library at all.

The sane way to do SPNEGO is just to *ask* the GSSAPI library to do
SPNEGO. That's what the 'mech_type' argument to gss_init_sec_context()
is for. And then it should all Just Work™.

That 'sane way' will be added in a subsequent patch, as will bug fixes
for our failure to handle any exchange other than a single outbound
token to the server which results in immediate success.
2014-07-16 17:26:08 +02:00
Dan Fandrich
3ae2b6cd7f Update instances of some obsolete CURLOPTs to their new names 2014-07-05 22:47:13 +02:00
Dimitrios Siganos
22eb00f937 example: use correct type (long) for CURLOPT_FOLLOWLOCATION 2014-07-03 22:47:28 +02:00
Daniel Stenberg
1343756742 cacertinmem: fix memory leak
While "just" an example it still isn't nice to leak memory.

Bug: http://curl.haxx.se/bug/view.cgi?id=1368
Fixed-by: Marko
2014-05-09 13:33:21 +02:00
Steve Holme
0c4589f0c0 imap-append.c: Fixed compilation errors on some platforms
In the initializer for len, there is no prototype for "strlen".
In this statement, there is no prototype for "memcpy".
2014-03-30 10:56:51 +01:00
Daniel Stenberg
1f60728f81 examples: remove all use of CURLM_CALL_MULTI_PERFORM
... since it is never returned since a long while back.
2014-02-17 08:25:39 +01:00
Steve Holme
dc0f8c04ec examples: Added IMAP LSUB example 2014-02-16 00:09:22 +00:00
Daniel Stenberg
8bcf677a30 examples: gitignore more binaries 2014-01-29 10:22:40 +01:00
Steve Holme
27ecc22649 pop3-dele.c: Added missing CURLOPT_NOBODY following feedback 2014-01-15 23:39:46 +00:00
Steve Holme
a33e7edcec examples: Fixed compilation errors
error: 'MULTI_PERFORM_HANG_TIMEOUT' undeclared
2014-01-12 18:43:40 +00:00
Steve Holme
0fea86afe3 imap-multi.c: Corrected typo 2014-01-12 18:27:33 +00:00
Steve Holme
3a4cd2ad8d smtp-multi.c: Minor coding style tidyup following POP3 and IMAP additions 2014-01-12 18:24:48 +00:00
Steve Holme
82c472228e examples: Added IMAP multi example 2014-01-12 18:21:46 +00:00
Steve Holme
0089e65008 pop3-multi.c: Corrected copy/paste typo 2014-01-12 18:11:22 +00:00
Steve Holme
2492fd30e5 examples: Added POP3 multi example 2014-01-12 18:02:22 +00:00
Steve Holme
190e41f840 examples: Added comments to SMTP multi example based on other MAIL examples 2014-01-12 16:45:52 +00:00
Steve Holme
5d25d626b1 examples: Removed user information and TLS setup from SMTP multi example
Simplified the SMTP multi example as this example should demonstrate
the differences the easy and multi interfaces rather than introduce new
concepts such as user authentication and TLS which are shown in the TLS
and SSL examples.
2014-01-12 16:33:19 +00:00
Steve Holme
e473a4d2f3 examples: Updated SMTP MAIL example to return libcurl result code 2014-01-12 15:55:08 +00:00
Steve Holme
7e85964080 examples: Synchronised comments between SMTP MAIL examples 2014-01-12 15:43:07 +00:00
Steve Holme
9bd2fdb8e2 examples: Updated SMTP MAIL example to use a read function for data
Updated to read data from a callback rather than from stdio as this is
more realistic to most use cases.
2014-01-12 15:43:05 +00:00
Steve Holme
fc0b4b0d31 examples: Added required libcurl version information to SMTP examples 2014-01-05 23:00:56 +00:00
Steve Holme
149e0c8d10 Examples: Renamed SMTP MAIL example to match other email examples 2014-01-05 17:51:18 +00:00
Steve Holme
0f4bf77bd3 examples: Added POP3 TLS example 2014-01-05 14:26:51 +00:00
Steve Holme
ecb0dc4c90 examples: Added IMAP NOOP example 2014-01-05 14:22:35 +00:00
Steve Holme
a6742a1c12 examples: Added POP3 NOOP example 2014-01-05 13:59:21 +00:00
Steve Holme
e209d60713 pop3-stat.c: Corrected small typo from commit 91d62e9abd 2014-01-05 13:56:49 +00:00
Steve Holme
91d62e9abd examples: Added POP3 STAT example 2014-01-05 13:29:50 +00:00
Steve Holme
3e17db4882 examples: Added POP3 TOP example 2014-01-05 13:16:41 +00:00
Steve Holme
ef2d7cb44b examples: Added POP3 DELE example 2014-01-05 13:00:25 +00:00
Steve Holme
e948b9c6e3 examples: Added POP3 UIDL example 2014-01-05 12:31:28 +00:00
Steve Holme
afb65c6cf3 examples: Added POP3 RETR example 2014-01-05 12:17:15 +00:00
Steve Holme
5be92d03b0 examples: Added return of error code in POP3 examples 2014-01-05 12:05:02 +00:00
Steve Holme
ad39e7ec01 examples: Reworked POP3 examples for additional upcoming POP3 examples 2014-01-05 11:28:24 +00:00
Steve Holme
98b7fc0195 examples: Added SMTP SSL example 2014-01-05 11:27:29 +00:00
Steve Holme
f9797871aa examples: Added IMAP SSL and TLS examples 2014-01-05 11:26:41 +00:00
Steve Holme
5220c1d692 examples: Standardised username and password settings for all email examples
Replaced the use of CURLOPT_USERPWD for the preferred CURLOPT_USERNAME
and CURLOPT_PASSWORD options and used the same username and password for
all email examples which is the same as that used in the test suite.
2014-01-04 18:12:02 +00:00
Steve Holme
4c51f2b578 examples: Added IMAP COPY example 2014-01-04 01:11:26 +00:00
Steve Holme
2b026784a8 examples: Added IMAP DELETE example 2014-01-04 01:11:03 +00:00
Steve Holme
3c1519117a examples: Added IMAP CREATE example 2014-01-04 01:05:46 +00:00
Steve Holme
0f340f0572 examples: Added IMAP SEARCH example 2014-01-02 20:19:45 +00:00
Steve Holme
f063773b83 examples: Added IMAP EXAMINE mailbox folder example 2014-01-02 20:19:36 +00:00
Steve Holme
6bc9e46bf1 examples: Updated SMTP multi example to be more realistic
Updated the contents of the email and payload callback as per the IMAP
and other SMTP examples.
2014-01-01 20:58:04 +00:00
Steve Holme
1f47a77b29 examples: Corrected unescaped backslash in imap-store.c 2014-01-01 19:31:41 +00:00
Steve Holme
0757a9b941 examples: Update SMTP TLS example mail content to be RFC-2821 compliant
...and made some minor coding style changes to better match the curl
coding standards as well as the other email related examples.
2014-01-01 18:44:53 +00:00
Steve Holme
83ae98c6c6 examples: Added IMAP APPEND example 2014-01-01 18:02:06 +00:00
Steve Holme
2658da7604 examples: Added IMAP STORE example 2014-01-01 17:25:12 +00:00
Steve Holme
7de2e03258 examples: Added IMAP LIST mailbox example 2013-12-31 16:28:37 +00:00
Steve Holme
ab71241c88 examples: Updated IMAP fetch example for libcurl 7.30.0 2013-12-31 16:13:22 +00:00
Steve Holme
e9625c5bc6 examples: Rename before adding additional email examples 2013-12-31 16:01:31 +00:00
Steve Holme
18a6467c8c examples: Added SMTP EXPN command example 2013-12-31 14:37:49 +00:00