diff options
| author | Curl Upstream <curl-library@cool.haxx.se> | 2021-02-03 07:02:36 (GMT) |
|---|---|---|
| committer | Brad King <brad.king@kitware.com> | 2021-02-03 16:49:32 (GMT) |
| commit | 076b3219f58ca16afa52fe095019a05537ade0f3 (patch) | |
| tree | f9ea493f94ce5afb8792e1ab4a040cea7eba4aed /lib/krb5.c | |
| parent | 5aacc593a961fe9ee1427c03d18fba8947a9e33d (diff) | |
| download | CMake-076b3219f58ca16afa52fe095019a05537ade0f3.zip CMake-076b3219f58ca16afa52fe095019a05537ade0f3.tar.gz CMake-076b3219f58ca16afa52fe095019a05537ade0f3.tar.bz2 | |
curl 2021-02-03 (2f33be81)
Code extracted from:
https://github.com/curl/curl.git
at commit 2f33be817cbce6ad7a36f27dd7ada9219f13584c (curl-7_75_0).
Diffstat (limited to 'lib/krb5.c')
| -rw-r--r-- | lib/krb5.c | 106 |
1 files changed, 55 insertions, 51 deletions
@@ -2,7 +2,7 @@ * * Copyright (c) 1995, 1996, 1997, 1998, 1999 Kungliga Tekniska Högskolan * (Royal Institute of Technology, Stockholm, Sweden). - * Copyright (c) 2004 - 2020 Daniel Stenberg + * Copyright (c) 2004 - 2021 Daniel Stenberg * All rights reserved. * * Redistribution and use in source and binary forms, with or without @@ -56,7 +56,8 @@ #include "curl_memory.h" #include "memdebug.h" -static CURLcode ftpsend(struct connectdata *conn, const char *cmd) +static CURLcode ftpsend(struct Curl_easy *data, struct connectdata *conn, + const char *cmd) { ssize_t bytes_written; #define SBUF_SIZE 1024 @@ -80,7 +81,7 @@ static CURLcode ftpsend(struct connectdata *conn, const char *cmd) write_len += 2; bytes_written = 0; - result = Curl_convert_to_network(conn->data, s, write_len); + result = Curl_convert_to_network(data, s, write_len); /* Curl_convert_to_network calls failf if unsuccessful */ if(result) return result; @@ -89,7 +90,7 @@ static CURLcode ftpsend(struct connectdata *conn, const char *cmd) #ifdef HAVE_GSSAPI conn->data_prot = PROT_CMD; #endif - result = Curl_write(conn, conn->sock[FIRSTSOCKET], sptr, write_len, + result = Curl_write(data, conn->sock[FIRSTSOCKET], sptr, write_len, &bytes_written); #ifdef HAVE_GSSAPI DEBUGASSERT(data_sec > PROT_NONE && data_sec < PROT_LAST); @@ -99,7 +100,7 @@ static CURLcode ftpsend(struct connectdata *conn, const char *cmd) if(result) break; - Curl_debug(conn->data, CURLINFO_HEADER_OUT, sptr, (size_t)bytes_written); + Curl_debug(data, CURLINFO_HEADER_OUT, sptr, (size_t)bytes_written); if(bytes_written != (ssize_t)write_len) { write_len -= bytes_written; @@ -202,14 +203,13 @@ krb5_encode(void *app_data, const void *from, int length, int level, void **to) } static int -krb5_auth(void *app_data, struct connectdata *conn) +krb5_auth(void *app_data, struct Curl_easy *data, struct connectdata *conn) { int ret = AUTH_OK; char *p; const char *host = conn->host.name; ssize_t nread; curl_socklen_t l = sizeof(conn->local_addr); - struct Curl_easy *data = conn->data; CURLcode result; const char *service = data->set.str[STRING_SERVICE_NAME] ? data->set.str[STRING_SERVICE_NAME] : @@ -242,11 +242,11 @@ krb5_auth(void *app_data, struct connectdata *conn) for(;;) { /* this really shouldn't be repeated here, but can't help it */ if(service == srv_host) { - result = ftpsend(conn, "AUTH GSSAPI"); + result = ftpsend(data, conn, "AUTH GSSAPI"); if(result) return -2; - if(Curl_GetFTPResponse(&nread, conn, NULL)) + if(Curl_GetFTPResponse(data, &nread, NULL)) return -1; if(data->state.buffer[0] != '3') @@ -319,7 +319,7 @@ krb5_auth(void *app_data, struct connectdata *conn) cmd = aprintf("ADAT %s", p); if(cmd) - result = ftpsend(conn, cmd); + result = ftpsend(data, conn, cmd); else result = CURLE_OUT_OF_MEMORY; @@ -331,7 +331,7 @@ krb5_auth(void *app_data, struct connectdata *conn) break; } - if(Curl_GetFTPResponse(&nread, conn, NULL)) { + if(Curl_GetFTPResponse(data, &nread, NULL)) { ret = -1; break; } @@ -443,7 +443,7 @@ static char level_to_char(int level) /* Send an FTP command defined by |message| and the optional arguments. The function returns the ftp_code. If an error occurs, -1 is returned. */ -static int ftp_send_command(struct connectdata *conn, const char *message, ...) +static int ftp_send_command(struct Curl_easy *data, const char *message, ...) { int ftp_code; ssize_t nread = 0; @@ -454,11 +454,11 @@ static int ftp_send_command(struct connectdata *conn, const char *message, ...) mvsnprintf(print_buffer, sizeof(print_buffer), message, args); va_end(args); - if(ftpsend(conn, print_buffer)) { + if(ftpsend(data, data->conn, print_buffer)) { ftp_code = -1; } else { - if(Curl_GetFTPResponse(&nread, conn, &ftp_code)) + if(Curl_GetFTPResponse(data, &nread, &ftp_code)) ftp_code = -1; } @@ -495,7 +495,7 @@ socket_read(curl_socket_t fd, void *to, size_t len) CURLcode saying whether an error occurred or CURLE_OK if |len| was written. */ static CURLcode -socket_write(struct connectdata *conn, curl_socket_t fd, const void *to, +socket_write(struct Curl_easy *data, curl_socket_t fd, const void *to, size_t len) { const char *to_p = to; @@ -503,7 +503,7 @@ socket_write(struct connectdata *conn, curl_socket_t fd, const void *to, ssize_t written; while(len > 0) { - result = Curl_write_plain(conn, fd, to_p, len, &written); + result = Curl_write_plain(data, fd, to_p, len, &written); if(!result) { len -= written; to_p += written; @@ -556,18 +556,19 @@ buffer_read(struct krb5buffer *buf, void *data, size_t len) } /* Matches Curl_recv signature */ -static ssize_t sec_recv(struct connectdata *conn, int sockindex, +static ssize_t sec_recv(struct Curl_easy *data, int sockindex, char *buffer, size_t len, CURLcode *err) { size_t bytes_read; size_t total_read = 0; + struct connectdata *conn = data->conn; curl_socket_t fd = conn->sock[sockindex]; *err = CURLE_OK; /* Handle clear text response. */ if(conn->sec_complete == 0 || conn->data_prot == PROT_CLEAR) - return sread(fd, buffer, len); + return sread(fd, buffer, len); if(conn->in_buffer.eof_flag) { conn->in_buffer.eof_flag = 0; @@ -597,8 +598,8 @@ static ssize_t sec_recv(struct connectdata *conn, int sockindex, /* Send |length| bytes from |from| to the |fd| socket taking care of encoding and negotiating with the server. |from| can be NULL. */ -static void do_sec_send(struct connectdata *conn, curl_socket_t fd, - const char *from, int length) +static void do_sec_send(struct Curl_easy *data, struct connectdata *conn, + curl_socket_t fd, const char *from, int length) { int bytes, htonl_bytes; /* 32-bit integers for htonl */ char *buffer = NULL; @@ -622,7 +623,7 @@ static void do_sec_send(struct connectdata *conn, curl_socket_t fd, return; /* error */ if(iscmd) { - error = Curl_base64_encode(conn->data, buffer, curlx_sitouz(bytes), + error = Curl_base64_encode(data, buffer, curlx_sitouz(bytes), &cmd_buffer, &cmd_size); if(error) { free(buffer); @@ -632,27 +633,27 @@ static void do_sec_send(struct connectdata *conn, curl_socket_t fd, static const char *enc = "ENC "; static const char *mic = "MIC "; if(prot_level == PROT_PRIVATE) - socket_write(conn, fd, enc, 4); + socket_write(data, fd, enc, 4); else - socket_write(conn, fd, mic, 4); + socket_write(data, fd, mic, 4); - socket_write(conn, fd, cmd_buffer, cmd_size); - socket_write(conn, fd, "\r\n", 2); - infof(conn->data, "Send: %s%s\n", prot_level == PROT_PRIVATE?enc:mic, + socket_write(data, fd, cmd_buffer, cmd_size); + socket_write(data, fd, "\r\n", 2); + infof(data, "Send: %s%s\n", prot_level == PROT_PRIVATE?enc:mic, cmd_buffer); free(cmd_buffer); } } else { htonl_bytes = htonl(bytes); - socket_write(conn, fd, &htonl_bytes, sizeof(htonl_bytes)); - socket_write(conn, fd, buffer, curlx_sitouz(bytes)); + socket_write(data, fd, &htonl_bytes, sizeof(htonl_bytes)); + socket_write(data, fd, buffer, curlx_sitouz(bytes)); } free(buffer); } -static ssize_t sec_write(struct connectdata *conn, curl_socket_t fd, - const char *buffer, size_t length) +static ssize_t sec_write(struct Curl_easy *data, struct connectdata *conn, + curl_socket_t fd, const char *buffer, size_t length) { ssize_t tx = 0, len = conn->buffer_size; @@ -664,7 +665,7 @@ static ssize_t sec_write(struct connectdata *conn, curl_socket_t fd, if(length < (size_t)len) len = length; - do_sec_send(conn, fd, buffer, curlx_sztosi(len)); + do_sec_send(data, conn, fd, buffer, curlx_sztosi(len)); length -= len; buffer += len; tx += len; @@ -673,16 +674,17 @@ static ssize_t sec_write(struct connectdata *conn, curl_socket_t fd, } /* Matches Curl_send signature */ -static ssize_t sec_send(struct connectdata *conn, int sockindex, +static ssize_t sec_send(struct Curl_easy *data, int sockindex, const void *buffer, size_t len, CURLcode *err) { + struct connectdata *conn = data->conn; curl_socket_t fd = conn->sock[sockindex]; *err = CURLE_OK; - return sec_write(conn, fd, buffer, len); + return sec_write(data, conn, fd, buffer, len); } -int Curl_sec_read_msg(struct connectdata *conn, char *buffer, - enum protection_level level) +int Curl_sec_read_msg(struct Curl_easy *data, struct connectdata *conn, + char *buffer, enum protection_level level) { /* decoded_len should be size_t or ssize_t but conn->mech->decode returns an int */ @@ -692,6 +694,8 @@ int Curl_sec_read_msg(struct connectdata *conn, char *buffer, size_t decoded_sz = 0; CURLcode error; + (void) data; + if(!conn->mech) /* not inititalized, return error */ return -1; @@ -717,7 +721,7 @@ int Curl_sec_read_msg(struct connectdata *conn, char *buffer, { buf[decoded_len] = '\n'; - Curl_debug(conn->data, CURLINFO_HEADER_IN, buf, decoded_len + 1); + Curl_debug(data, CURLINFO_HEADER_IN, buf, decoded_len + 1); } buf[decoded_len] = '\0'; @@ -736,16 +740,17 @@ int Curl_sec_read_msg(struct connectdata *conn, char *buffer, return ret_code; } -static int sec_set_protection_level(struct connectdata *conn) +static int sec_set_protection_level(struct Curl_easy *data) { int code; + struct connectdata *conn = data->conn; enum protection_level level = conn->request_data_prot; DEBUGASSERT(level > PROT_NONE && level < PROT_LAST); if(!conn->sec_complete) { - infof(conn->data, "Trying to change the protection level after the" - " completion of the data exchange.\n"); + infof(data, "Trying to change the protection level after the" + " completion of the data exchange.\n"); return -1; } @@ -757,17 +762,17 @@ static int sec_set_protection_level(struct connectdata *conn) char *pbsz; static unsigned int buffer_size = 1 << 20; /* 1048576 */ - code = ftp_send_command(conn, "PBSZ %u", buffer_size); + code = ftp_send_command(data, "PBSZ %u", buffer_size); if(code < 0) return -1; if(code/100 != 2) { - failf(conn->data, "Failed to set the protection's buffer size."); + failf(data, "Failed to set the protection's buffer size."); return -1; } conn->buffer_size = buffer_size; - pbsz = strstr(conn->data->state.buffer, "PBSZ="); + pbsz = strstr(data->state.buffer, "PBSZ="); if(pbsz) { /* ignore return code, use default value if it fails */ (void)sscanf(pbsz, "PBSZ=%u", &buffer_size); @@ -777,13 +782,13 @@ static int sec_set_protection_level(struct connectdata *conn) } /* Now try to negiociate the protection level. */ - code = ftp_send_command(conn, "PROT %c", level_to_char(level)); + code = ftp_send_command(data, "PROT %c", level_to_char(level)); if(code < 0) return -1; if(code/100 != 2) { - failf(conn->data, "Failed to set the protection level."); + failf(data, "Failed to set the protection level."); return -1; } @@ -805,10 +810,9 @@ Curl_sec_request_prot(struct connectdata *conn, const char *level) return 0; } -static CURLcode choose_mech(struct connectdata *conn) +static CURLcode choose_mech(struct Curl_easy *data, struct connectdata *conn) { int ret; - struct Curl_easy *data = conn->data; void *tmp_allocation; const struct Curl_sec_client_mech *mech = &Curl_krb5_client_mech; @@ -830,7 +834,7 @@ static CURLcode choose_mech(struct connectdata *conn) } infof(data, "Trying mechanism %s...\n", mech->name); - ret = ftp_send_command(conn, "AUTH %s", mech->name); + ret = ftp_send_command(data, "AUTH %s", mech->name); if(ret < 0) return CURLE_COULDNT_CONNECT; @@ -855,7 +859,7 @@ static CURLcode choose_mech(struct connectdata *conn) } /* Authenticate */ - ret = mech->auth(conn->app_data, conn); + ret = mech->auth(conn->app_data, data, conn); if(ret != AUTH_CONTINUE) { if(ret != AUTH_OK) { @@ -873,16 +877,16 @@ static CURLcode choose_mech(struct connectdata *conn) conn->command_prot = PROT_SAFE; /* Set the requested protection level */ /* BLOCKING */ - (void)sec_set_protection_level(conn); + (void)sec_set_protection_level(data); } return CURLE_OK; } CURLcode -Curl_sec_login(struct connectdata *conn) +Curl_sec_login(struct Curl_easy *data, struct connectdata *conn) { - return choose_mech(conn); + return choose_mech(data, conn); } |