1 /***************************************************************************
3 * Project ___| | | | _ \| |
5 * | (__| |_| | _ <| |___
6 * \___|\___/|_| \_\_____|
8 * Copyright (C) 1998 - 2013, Daniel Stenberg, <daniel@haxx.se>, et al.
10 * This software is licensed as described in the file COPYING, which
11 * you should have received as part of this distribution. The terms
12 * are also available at http://curl.haxx.se/docs/copyright.html.
14 * You may opt to use, copy, modify, merge, publish, distribute and/or sell
15 * copies of the Software, and permit persons to whom the Software is
16 * furnished to do so, under the terms of the COPYING file.
18 * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
19 * KIND, either express or implied.
21 * RFC1734 POP3 Authentication
22 * RFC1939 POP3 protocol
23 * RFC2195 CRAM-MD5 authentication
24 * RFC2384 POP URL Scheme
25 * RFC2449 POP3 Extension Mechanism
26 * RFC2595 Using TLS with IMAP, POP3 and ACAP
27 * RFC2831 DIGEST-MD5 authentication
28 * RFC4422 Simple Authentication and Security Layer (SASL)
29 * RFC4616 PLAIN authentication
30 * RFC5034 POP3 SASL Authentication Mechanism
32 ***************************************************************************/
34 #include "curl_setup.h"
36 #ifndef CURL_DISABLE_POP3
38 #ifdef HAVE_NETINET_IN_H
39 #include <netinet/in.h>
41 #ifdef HAVE_ARPA_INET_H
42 #include <arpa/inet.h>
45 #include <sys/utsname.h>
55 #if (defined(NETWARE) && defined(__NOVELL_LIBC__))
57 #define in_addr_t unsigned long
60 #include <curl/curl.h>
68 #include "http.h" /* for HTTP proxy tunnel stuff */
72 #include "strtoofft.h"
81 #include "curl_sasl.h"
85 #define _MPRINTF_REPLACE /* use our functions only */
86 #include <curl/mprintf.h>
88 #include "curl_memory.h"
89 /* The last #include file should be: */
92 /* Local API functions */
93 static CURLcode pop3_parse_url_path(struct connectdata *conn);
94 static CURLcode pop3_parse_custom_request(struct connectdata *conn);
95 static CURLcode pop3_regular_transfer(struct connectdata *conn, bool *done);
96 static CURLcode pop3_do(struct connectdata *conn, bool *done);
97 static CURLcode pop3_done(struct connectdata *conn, CURLcode status,
99 static CURLcode pop3_connect(struct connectdata *conn, bool *done);
100 static CURLcode pop3_disconnect(struct connectdata *conn, bool dead);
101 static CURLcode pop3_multi_statemach(struct connectdata *conn, bool *done);
102 static int pop3_getsock(struct connectdata *conn, curl_socket_t *socks,
104 static CURLcode pop3_doing(struct connectdata *conn, bool *dophase_done);
105 static CURLcode pop3_setup_connection(struct connectdata *conn);
108 * POP3 protocol handler.
111 const struct Curl_handler Curl_handler_pop3 = {
113 pop3_setup_connection, /* setup_connection */
115 pop3_done, /* done */
116 ZERO_NULL, /* do_more */
117 pop3_connect, /* connect_it */
118 pop3_multi_statemach, /* connecting */
119 pop3_doing, /* doing */
120 pop3_getsock, /* proto_getsock */
121 pop3_getsock, /* doing_getsock */
122 ZERO_NULL, /* domore_getsock */
123 ZERO_NULL, /* perform_getsock */
124 pop3_disconnect, /* disconnect */
125 ZERO_NULL, /* readwrite */
126 PORT_POP3, /* defport */
127 CURLPROTO_POP3, /* protocol */
128 PROTOPT_CLOSEACTION | PROTOPT_NOURLQUERY /* flags */
133 * POP3S protocol handler.
136 const struct Curl_handler Curl_handler_pop3s = {
137 "POP3S", /* scheme */
138 pop3_setup_connection, /* setup_connection */
140 pop3_done, /* done */
141 ZERO_NULL, /* do_more */
142 pop3_connect, /* connect_it */
143 pop3_multi_statemach, /* connecting */
144 pop3_doing, /* doing */
145 pop3_getsock, /* proto_getsock */
146 pop3_getsock, /* doing_getsock */
147 ZERO_NULL, /* domore_getsock */
148 ZERO_NULL, /* perform_getsock */
149 pop3_disconnect, /* disconnect */
150 ZERO_NULL, /* readwrite */
151 PORT_POP3S, /* defport */
152 CURLPROTO_POP3 | CURLPROTO_POP3S, /* protocol */
153 PROTOPT_CLOSEACTION | PROTOPT_SSL
154 | PROTOPT_NOURLQUERY /* flags */
158 #ifndef CURL_DISABLE_HTTP
160 * HTTP-proxyed POP3 protocol handler.
163 static const struct Curl_handler Curl_handler_pop3_proxy = {
165 ZERO_NULL, /* setup_connection */
166 Curl_http, /* do_it */
167 Curl_http_done, /* done */
168 ZERO_NULL, /* do_more */
169 ZERO_NULL, /* connect_it */
170 ZERO_NULL, /* connecting */
171 ZERO_NULL, /* doing */
172 ZERO_NULL, /* proto_getsock */
173 ZERO_NULL, /* doing_getsock */
174 ZERO_NULL, /* domore_getsock */
175 ZERO_NULL, /* perform_getsock */
176 ZERO_NULL, /* disconnect */
177 ZERO_NULL, /* readwrite */
178 PORT_POP3, /* defport */
179 CURLPROTO_HTTP, /* protocol */
180 PROTOPT_NONE /* flags */
185 * HTTP-proxyed POP3S protocol handler.
188 static const struct Curl_handler Curl_handler_pop3s_proxy = {
189 "POP3S", /* scheme */
190 ZERO_NULL, /* setup_connection */
191 Curl_http, /* do_it */
192 Curl_http_done, /* done */
193 ZERO_NULL, /* do_more */
194 ZERO_NULL, /* connect_it */
195 ZERO_NULL, /* connecting */
196 ZERO_NULL, /* doing */
197 ZERO_NULL, /* proto_getsock */
198 ZERO_NULL, /* doing_getsock */
199 ZERO_NULL, /* domore_getsock */
200 ZERO_NULL, /* perform_getsock */
201 ZERO_NULL, /* disconnect */
202 ZERO_NULL, /* readwrite */
203 PORT_POP3S, /* defport */
204 CURLPROTO_HTTP, /* protocol */
205 PROTOPT_NONE /* flags */
211 static void pop3_to_pop3s(struct connectdata *conn)
213 conn->handler = &Curl_handler_pop3s;
216 #define pop3_to_pop3s(x) Curl_nop_stmt
219 /* Function that checks for an ending POP3 status code at the start of the
220 given string, but also detects the APOP timestamp from the server greeting
221 and various capabilities from the CAPA response including the supported
222 authentication types and allowed SASL mechanisms. */
223 static bool pop3_endofresp(struct connectdata *conn, char *line, size_t len,
226 struct pop3_conn *pop3c = &conn->proto.pop3c;
230 /* Do we have an error response? */
231 if(len >= 4 && !memcmp("-ERR", line, 4)) {
237 /* Are we processing servergreet responses? */
238 if(pop3c->state == POP3_SERVERGREET) {
239 /* Look for the APOP timestamp */
240 if(len >= 3 && line[len - 3] == '>') {
241 for(i = 0; i < len - 3; ++i) {
243 /* Calculate the length of the timestamp */
244 size_t timestamplen = len - 2 - i;
246 /* Allocate some memory for the timestamp */
247 pop3c->apoptimestamp = (char *)calloc(1, timestamplen + 1);
249 if(!pop3c->apoptimestamp)
252 /* Copy the timestamp */
253 memcpy(pop3c->apoptimestamp, line + i, timestamplen);
254 pop3c->apoptimestamp[timestamplen] = '\0';
260 /* Are we processing CAPA command responses? */
261 else if(pop3c->state == POP3_CAPA) {
262 /* Do we have the terminating line? */
263 if(len >= 1 && !memcmp(line, ".", 1)) {
269 /* Does the server support the STLS capability? */
270 if(len >= 4 && !memcmp(line, "STLS", 4))
271 pop3c->tls_supported = TRUE;
273 /* Does the server support clear text authentication? */
274 else if(len >= 4 && !memcmp(line, "USER", 4))
275 pop3c->authtypes |= POP3_TYPE_CLEARTEXT;
277 /* Does the server support APOP authentication? */
278 else if(len >= 4 && !memcmp(line, "APOP", 4))
279 pop3c->authtypes |= POP3_TYPE_APOP;
281 /* Does the server support SASL based authentication? */
282 else if(len >= 5 && !memcmp(line, "SASL ", 5)) {
283 pop3c->authtypes |= POP3_TYPE_SASL;
285 /* Advance past the SASL keyword */
289 /* Loop through the data line */
292 (*line == ' ' || *line == '\t' ||
293 *line == '\r' || *line == '\n')) {
302 /* Extract the word */
303 for(wordlen = 0; wordlen < len && line[wordlen] != ' ' &&
304 line[wordlen] != '\t' && line[wordlen] != '\r' &&
305 line[wordlen] != '\n';)
308 /* Test the word for a matching authentication mechanism */
309 if(wordlen == 5 && !memcmp(line, "LOGIN", 5))
310 pop3c->authmechs |= SASL_MECH_LOGIN;
311 else if(wordlen == 5 && !memcmp(line, "PLAIN", 5))
312 pop3c->authmechs |= SASL_MECH_PLAIN;
313 else if(wordlen == 8 && !memcmp(line, "CRAM-MD5", 8))
314 pop3c->authmechs |= SASL_MECH_CRAM_MD5;
315 else if(wordlen == 10 && !memcmp(line, "DIGEST-MD5", 10))
316 pop3c->authmechs |= SASL_MECH_DIGEST_MD5;
317 else if(wordlen == 6 && !memcmp(line, "GSSAPI", 6))
318 pop3c->authmechs |= SASL_MECH_GSSAPI;
319 else if(wordlen == 8 && !memcmp(line, "EXTERNAL", 8))
320 pop3c->authmechs |= SASL_MECH_EXTERNAL;
321 else if(wordlen == 4 && !memcmp(line, "NTLM", 4))
322 pop3c->authmechs |= SASL_MECH_NTLM;
332 /* Do we have a command or continuation response? */
333 if((len >= 3 && !memcmp("+OK", line, 3)) ||
334 (len >= 1 && !memcmp("+", line, 1))) {
340 return FALSE; /* Nothing for us */
343 /* This is the ONLY way to change POP3 state! */
344 static void state(struct connectdata *conn, pop3state newstate)
346 struct pop3_conn *pop3c = &conn->proto.pop3c;
347 #if defined(DEBUGBUILD) && !defined(CURL_DISABLE_VERBOSE_STRINGS)
348 /* for debug purposes */
349 static const char * const names[] = {
360 "AUTH_DIGESTMD5_RESP",
362 "AUTH_NTLM_TYPE2MSG",
372 if(pop3c->state != newstate)
373 infof(conn->data, "POP3 %p state change from %s to %s\n",
374 pop3c, names[pop3c->state], names[newstate]);
377 pop3c->state = newstate;
380 static CURLcode pop3_state_capa(struct connectdata *conn)
382 CURLcode result = CURLE_OK;
383 struct pop3_conn *pop3c = &conn->proto.pop3c;
385 pop3c->authmechs = 0; /* No known authentication mechanisms yet */
386 pop3c->authused = 0; /* Clear the authentication mechanism used */
387 pop3c->tls_supported = FALSE; /* Clear the TLS capability */
389 /* Send the CAPA command */
390 result = Curl_pp_sendf(&pop3c->pp, "CAPA");
395 state(conn, POP3_CAPA);
400 static CURLcode pop3_state_starttls(struct connectdata *conn)
402 CURLcode result = CURLE_OK;
404 /* Send the STLS command */
405 result = Curl_pp_sendf(&conn->proto.pop3c.pp, "STLS");
408 state(conn, POP3_STARTTLS);
413 static CURLcode pop3_state_upgrade_tls(struct connectdata *conn)
415 CURLcode result = CURLE_OK;
416 struct pop3_conn *pop3c = &conn->proto.pop3c;
418 /* Start the SSL connection */
419 result = Curl_ssl_connect_nonblocking(conn, FIRSTSOCKET, &pop3c->ssldone);
422 if(pop3c->state != POP3_UPGRADETLS)
423 state(conn, POP3_UPGRADETLS);
427 result = pop3_state_capa(conn);
434 static CURLcode pop3_state_user(struct connectdata *conn)
436 CURLcode result = CURLE_OK;
438 /* Check we have a username and password to authenticate with and end the
439 connect phase if we don't */
440 if(!conn->bits.user_passwd) {
441 state(conn, POP3_STOP);
446 /* Send the USER command */
447 result = Curl_pp_sendf(&conn->proto.pop3c.pp, "USER %s",
448 conn->user ? conn->user : "");
452 state(conn, POP3_USER);
457 #ifndef CURL_DISABLE_CRYPTO_AUTH
458 static CURLcode pop3_state_apop(struct connectdata *conn)
460 CURLcode result = CURLE_OK;
461 struct pop3_conn *pop3c = &conn->proto.pop3c;
464 unsigned char digest[MD5_DIGEST_LEN];
465 char secret[2 * MD5_DIGEST_LEN + 1];
467 /* Check we have a username and password to authenticate with and end the
468 connect phase if we don't */
469 if(!conn->bits.user_passwd) {
470 state(conn, POP3_STOP);
475 /* Create the digest */
476 ctxt = Curl_MD5_init(Curl_DIGEST_MD5);
478 return CURLE_OUT_OF_MEMORY;
480 Curl_MD5_update(ctxt, (const unsigned char *) pop3c->apoptimestamp,
481 curlx_uztoui(strlen(pop3c->apoptimestamp)));
483 Curl_MD5_update(ctxt, (const unsigned char *) conn->passwd,
484 curlx_uztoui(strlen(conn->passwd)));
486 /* Finalise the digest */
487 Curl_MD5_final(ctxt, digest);
489 /* Convert the calculated 16 octet digest into a 32 byte hex string */
490 for(i = 0; i < MD5_DIGEST_LEN; i++)
491 snprintf(&secret[2 * i], 3, "%02x", digest[i]);
493 result = Curl_pp_sendf(&pop3c->pp, "APOP %s %s", conn->user, secret);
496 state(conn, POP3_APOP);
502 static CURLcode pop3_authenticate(struct connectdata *conn)
504 CURLcode result = CURLE_OK;
505 struct pop3_conn *pop3c = &conn->proto.pop3c;
506 const char *mech = NULL;
507 pop3state authstate = POP3_STOP;
509 /* Check we have a username and password to authenticate with and end the
510 connect phase if we don't */
511 if(!conn->bits.user_passwd) {
512 state(conn, POP3_STOP);
517 /* Calculate the supported authentication mechanism by decreasing order of
519 if(pop3c->authtypes & POP3_TYPE_SASL) {
520 #ifndef CURL_DISABLE_CRYPTO_AUTH
521 if(pop3c->authmechs & SASL_MECH_DIGEST_MD5) {
523 authstate = POP3_AUTH_DIGESTMD5;
524 pop3c->authused = SASL_MECH_DIGEST_MD5;
526 else if(pop3c->authmechs & SASL_MECH_CRAM_MD5) {
528 authstate = POP3_AUTH_CRAMMD5;
529 pop3c->authused = SASL_MECH_CRAM_MD5;
534 if(pop3c->authmechs & SASL_MECH_NTLM) {
536 authstate = POP3_AUTH_NTLM;
537 pop3c->authused = SASL_MECH_NTLM;
541 if(pop3c->authmechs & SASL_MECH_LOGIN) {
543 authstate = POP3_AUTH_LOGIN;
544 pop3c->authused = SASL_MECH_LOGIN;
546 else if(pop3c->authmechs & SASL_MECH_PLAIN) {
548 authstate = POP3_AUTH_PLAIN;
549 pop3c->authused = SASL_MECH_PLAIN;
554 /* Perform SASL based authentication */
555 result = Curl_pp_sendf(&pop3c->pp, "AUTH %s", mech);
558 state(conn, authstate);
560 #ifndef CURL_DISABLE_CRYPTO_AUTH
561 else if(pop3c->authtypes & POP3_TYPE_APOP)
562 /* Perform APOP authentication */
563 result = pop3_state_apop(conn);
565 else if(pop3c->authtypes & POP3_TYPE_CLEARTEXT)
566 /* Perform clear text authentication */
567 result = pop3_state_user(conn);
569 /* Other mechanisms not supported */
570 infof(conn->data, "No known authentication mechanisms supported!\n");
571 result = CURLE_LOGIN_DENIED;
577 /* For the initial server greeting */
578 static CURLcode pop3_state_servergreet_resp(struct connectdata *conn,
582 CURLcode result = CURLE_OK;
583 struct SessionHandle *data = conn->data;
585 (void)instate; /* no use for this yet */
587 if(pop3code != '+') {
588 failf(data, "Got unexpected pop3-server response");
589 return CURLE_FTP_WEIRD_SERVER_REPLY;
592 result = pop3_state_capa(conn);
597 /* For CAPA responses */
598 static CURLcode pop3_state_capa_resp(struct connectdata *conn, int pop3code,
601 CURLcode result = CURLE_OK;
602 struct SessionHandle *data = conn->data;
603 struct pop3_conn *pop3c = &conn->proto.pop3c;
605 (void)instate; /* no use for this yet */
608 result = pop3_state_user(conn);
609 else if(data->set.use_ssl && !conn->ssl[FIRSTSOCKET].use) {
610 /* We don't have a SSL/TLS connection yet, but SSL is requested */
611 if(pop3c->tls_supported)
612 /* Switch to TLS connection now */
613 result = pop3_state_starttls(conn);
614 else if(data->set.use_ssl == CURLUSESSL_TRY)
615 /* Fallback and carry on with authentication */
616 result = pop3_authenticate(conn);
618 failf(data, "STLS not supported.");
619 result = CURLE_USE_SSL_FAILED;
623 result = pop3_authenticate(conn);
628 /* For STARTTLS responses */
629 static CURLcode pop3_state_starttls_resp(struct connectdata *conn,
633 CURLcode result = CURLE_OK;
634 struct SessionHandle *data = conn->data;
636 (void)instate; /* no use for this yet */
638 if(pop3code != '+') {
639 if(data->set.use_ssl != CURLUSESSL_TRY) {
640 failf(data, "STARTTLS denied. %c", pop3code);
641 result = CURLE_USE_SSL_FAILED;
644 result = pop3_authenticate(conn);
647 result = pop3_state_upgrade_tls(conn);
652 /* For AUTH PLAIN responses */
653 static CURLcode pop3_state_auth_plain_resp(struct connectdata *conn,
657 CURLcode result = CURLE_OK;
658 struct SessionHandle *data = conn->data;
660 char *plainauth = NULL;
662 (void)instate; /* no use for this yet */
664 if(pop3code != '+') {
665 failf(data, "Access denied. %c", pop3code);
666 result = CURLE_LOGIN_DENIED;
669 /* Create the authorisation message */
670 result = Curl_sasl_create_plain_message(data, conn->user, conn->passwd,
673 /* Send the message */
676 result = Curl_pp_sendf(&conn->proto.pop3c.pp, "%s", plainauth);
679 state(conn, POP3_AUTH);
682 Curl_safefree(plainauth);
689 /* For AUTH LOGIN responses */
690 static CURLcode pop3_state_auth_login_resp(struct connectdata *conn,
694 CURLcode result = CURLE_OK;
695 struct SessionHandle *data = conn->data;
697 char *authuser = NULL;
699 (void)instate; /* no use for this yet */
701 if(pop3code != '+') {
702 failf(data, "Access denied: %d", pop3code);
703 result = CURLE_LOGIN_DENIED;
706 /* Create the user message */
707 result = Curl_sasl_create_login_message(data, conn->user,
713 result = Curl_pp_sendf(&conn->proto.pop3c.pp, "%s", authuser);
716 state(conn, POP3_AUTH_LOGIN_PASSWD);
719 Curl_safefree(authuser);
726 /* For AUTH LOGIN user entry responses */
727 static CURLcode pop3_state_auth_login_password_resp(struct connectdata *conn,
731 CURLcode result = CURLE_OK;
732 struct SessionHandle *data = conn->data;
734 char *authpasswd = NULL;
736 (void)instate; /* no use for this yet */
738 if(pop3code != '+') {
739 failf(data, "Access denied: %d", pop3code);
740 result = CURLE_LOGIN_DENIED;
743 /* Create the password message */
744 result = Curl_sasl_create_login_message(data, conn->passwd,
747 /* Send the password */
750 result = Curl_pp_sendf(&conn->proto.pop3c.pp, "%s", authpasswd);
753 state(conn, POP3_AUTH);
756 Curl_safefree(authpasswd);
763 #ifndef CURL_DISABLE_CRYPTO_AUTH
764 /* For AUTH CRAM-MD5 responses */
765 static CURLcode pop3_state_auth_cram_resp(struct connectdata *conn,
769 CURLcode result = CURLE_OK;
770 struct SessionHandle *data = conn->data;
771 char *chlg64 = data->state.buffer;
773 char *rplyb64 = NULL;
775 (void)instate; /* no use for this yet */
777 if(pop3code != '+') {
778 failf(data, "Access denied: %d", pop3code);
779 return CURLE_LOGIN_DENIED;
782 /* Get the challenge */
783 for(chlg64 += 2; *chlg64 == ' ' || *chlg64 == '\t'; chlg64++)
786 /* Terminate the challenge */
788 for(len = strlen(chlg64); len--;)
789 if(chlg64[len] != '\r' && chlg64[len] != '\n' && chlg64[len] != ' ' &&
798 /* Create the response message */
799 result = Curl_sasl_create_cram_md5_message(data, chlg64, conn->user,
800 conn->passwd, &rplyb64, &len);
802 /* Send the response */
805 result = Curl_pp_sendf(&conn->proto.pop3c.pp, "%s", rplyb64);
808 state(conn, POP3_AUTH);
811 Curl_safefree(rplyb64);
817 /* For AUTH DIGEST-MD5 challenge responses */
818 static CURLcode pop3_state_auth_digest_resp(struct connectdata *conn,
822 CURLcode result = CURLE_OK;
823 struct SessionHandle *data = conn->data;
824 char *chlg64 = data->state.buffer;
826 char *rplyb64 = NULL;
828 (void)instate; /* no use for this yet */
830 if(pop3code != '+') {
831 failf(data, "Access denied: %d", pop3code);
832 return CURLE_LOGIN_DENIED;
835 /* Get the challenge */
836 for(chlg64 += 2; *chlg64 == ' ' || *chlg64 == '\t'; chlg64++)
839 /* Create the response message */
840 result = Curl_sasl_create_digest_md5_message(data, chlg64, conn->user,
844 /* Send the response */
847 result = Curl_pp_sendf(&conn->proto.pop3c.pp, "%s", rplyb64);
850 state(conn, POP3_AUTH_DIGESTMD5_RESP);
853 Curl_safefree(rplyb64);
859 /* For AUTH DIGEST-MD5 challenge-response responses */
860 static CURLcode pop3_state_auth_digest_resp_resp(struct connectdata *conn,
864 CURLcode result = CURLE_OK;
865 struct SessionHandle *data = conn->data;
867 (void)instate; /* no use for this yet */
869 if(pop3code != '+') {
870 failf(data, "Authentication failed: %d", pop3code);
871 result = CURLE_LOGIN_DENIED;
874 /* Send an empty response */
875 result = Curl_pp_sendf(&conn->proto.pop3c.pp, "");
878 state(conn, POP3_AUTH);
886 /* For AUTH NTLM responses */
887 static CURLcode pop3_state_auth_ntlm_resp(struct connectdata *conn,
891 CURLcode result = CURLE_OK;
892 struct SessionHandle *data = conn->data;
894 char *type1msg = NULL;
896 (void)instate; /* no use for this yet */
898 if(pop3code != '+') {
899 failf(data, "Access denied: %d", pop3code);
900 result = CURLE_LOGIN_DENIED;
903 /* Create the type-1 message */
904 result = Curl_sasl_create_ntlm_type1_message(conn->user, conn->passwd,
908 /* Send the message */
911 result = Curl_pp_sendf(&conn->proto.pop3c.pp, "%s", type1msg);
914 state(conn, POP3_AUTH_NTLM_TYPE2MSG);
917 Curl_safefree(type1msg);
924 /* For NTLM type-2 responses (sent in reponse to our type-1 message) */
925 static CURLcode pop3_state_auth_ntlm_type2msg_resp(struct connectdata *conn,
929 CURLcode result = CURLE_OK;
930 struct SessionHandle *data = conn->data;
932 char *type3msg = NULL;
934 (void)instate; /* no use for this yet */
936 if(pop3code != '+') {
937 failf(data, "Access denied: %d", pop3code);
938 result = CURLE_LOGIN_DENIED;
941 /* Create the type-3 message */
942 result = Curl_sasl_create_ntlm_type3_message(data,
943 data->state.buffer + 2,
944 conn->user, conn->passwd,
948 /* Send the message */
951 result = Curl_pp_sendf(&conn->proto.pop3c.pp, "%s", type3msg);
954 state(conn, POP3_AUTH);
957 Curl_safefree(type3msg);
965 /* For final responses to the AUTH sequence */
966 static CURLcode pop3_state_auth_final_resp(struct connectdata *conn,
970 CURLcode result = CURLE_OK;
971 struct SessionHandle *data = conn->data;
973 (void)instate; /* no use for this yet */
975 if(pop3code != '+') {
976 failf(data, "Authentication failed: %d", pop3code);
977 result = CURLE_LOGIN_DENIED;
980 /* End of connect phase */
981 state(conn, POP3_STOP);
986 #ifndef CURL_DISABLE_CRYPTO_AUTH
987 static CURLcode pop3_state_apop_resp(struct connectdata *conn, int pop3code,
990 CURLcode result = CURLE_OK;
991 struct SessionHandle *data = conn->data;
993 (void)instate; /* no use for this yet */
995 if(pop3code != '+') {
996 failf(data, "Authentication failed: %d", pop3code);
997 result = CURLE_LOGIN_DENIED;
1000 /* End of connect phase */
1001 state(conn, POP3_STOP);
1007 /* For USER responses */
1008 static CURLcode pop3_state_user_resp(struct connectdata *conn, int pop3code,
1011 CURLcode result = CURLE_OK;
1012 struct SessionHandle *data = conn->data;
1014 (void)instate; /* no use for this yet */
1016 if(pop3code != '+') {
1017 failf(data, "Access denied. %c", pop3code);
1018 result = CURLE_LOGIN_DENIED;
1021 /* Send the PASS command */
1022 result = Curl_pp_sendf(&conn->proto.pop3c.pp, "PASS %s",
1023 conn->passwd ? conn->passwd : "");
1027 state(conn, POP3_PASS);
1032 /* For PASS responses */
1033 static CURLcode pop3_state_pass_resp(struct connectdata *conn, int pop3code,
1036 CURLcode result = CURLE_OK;
1037 struct SessionHandle *data = conn->data;
1039 (void)instate; /* no use for this yet */
1041 if(pop3code != '+') {
1042 failf(data, "Access denied. %c", pop3code);
1043 result = CURLE_LOGIN_DENIED;
1046 /* End of connect phase */
1047 state(conn, POP3_STOP);
1052 /* Start the DO phase for the command */
1053 static CURLcode pop3_command(struct connectdata *conn)
1055 CURLcode result = CURLE_OK;
1056 struct SessionHandle *data = conn->data;
1057 struct POP3 *pop3 = data->state.proto.pop3;
1058 const char *command = NULL;
1060 /* Calculate the default command */
1061 if(pop3->mailbox[0] == '\0' || conn->data->set.ftp_list_only) {
1064 if(pop3->mailbox[0] != '\0')
1065 /* Message specific LIST so skip the BODY transfer */
1066 pop3->transfer = FTPTRANSFER_INFO;
1071 /* Send the command */
1072 if(pop3->mailbox[0] != '\0')
1073 result = Curl_pp_sendf(&conn->proto.pop3c.pp, "%s %s",
1074 (pop3->custom && pop3->custom[0] != '\0' ?
1075 pop3->custom : command), pop3->mailbox);
1077 result = Curl_pp_sendf(&conn->proto.pop3c.pp,
1078 (pop3->custom && pop3->custom[0] != '\0' ?
1079 pop3->custom : command));
1084 state(conn, POP3_COMMAND);
1089 /* For command responses */
1090 static CURLcode pop3_state_command_resp(struct connectdata *conn,
1094 CURLcode result = CURLE_OK;
1095 struct SessionHandle *data = conn->data;
1096 struct POP3 *pop3 = data->state.proto.pop3;
1097 struct pop3_conn *pop3c = &conn->proto.pop3c;
1098 struct pingpong *pp = &pop3c->pp;
1100 (void)instate; /* no use for this yet */
1102 if(pop3code != '+') {
1103 state(conn, POP3_STOP);
1104 return CURLE_RECV_ERROR;
1107 /* This 'OK' line ends with a CR LF pair which is the two first bytes of the
1108 EOB string so count this is two matching bytes. This is necessary to make
1109 the code detect the EOB if the only data than comes now is %2e CR LF like
1110 when there is no body to return. */
1113 /* But since this initial CR LF pair is not part of the actual body, we set
1114 the strip counter here so that these bytes won't be delivered. */
1118 Curl_setup_transfer(conn, FIRSTSOCKET, -1, FALSE, pop3->bytecountp,
1119 -1, NULL); /* no upload here */
1122 /* The header "cache" contains a bunch of data that is actually body
1123 content so send it as such. Note that there may even be additional
1124 "headers" after the body */
1126 if(!data->set.opt_no_body) {
1127 result = Curl_pop3_write(conn, pp->cache, pp->cache_size);
1132 /* Free the cache */
1133 Curl_safefree(pp->cache);
1135 /* Reset the cache size */
1139 /* End of do phase */
1140 state(conn, POP3_STOP);
1145 static CURLcode pop3_statemach_act(struct connectdata *conn)
1147 CURLcode result = CURLE_OK;
1148 curl_socket_t sock = conn->sock[FIRSTSOCKET];
1150 struct pop3_conn *pop3c = &conn->proto.pop3c;
1151 struct pingpong *pp = &pop3c->pp;
1154 /* Busy upgrading the connection; right now all I/O is SSL/TLS, not POP3 */
1155 if(pop3c->state == POP3_UPGRADETLS)
1156 return pop3_state_upgrade_tls(conn);
1158 /* Flush any data that needs to be sent */
1160 return Curl_pp_flushsend(pp);
1162 /* Read the response from the server */
1163 result = Curl_pp_readresp(sock, pp, &pop3code, &nread);
1168 /* We have now received a full POP3 server response */
1169 switch(pop3c->state) {
1170 case POP3_SERVERGREET:
1171 result = pop3_state_servergreet_resp(conn, pop3code, pop3c->state);
1175 result = pop3_state_capa_resp(conn, pop3code, pop3c->state);
1179 result = pop3_state_starttls_resp(conn, pop3code, pop3c->state);
1182 case POP3_AUTH_PLAIN:
1183 result = pop3_state_auth_plain_resp(conn, pop3code, pop3c->state);
1186 case POP3_AUTH_LOGIN:
1187 result = pop3_state_auth_login_resp(conn, pop3code, pop3c->state);
1190 case POP3_AUTH_LOGIN_PASSWD:
1191 result = pop3_state_auth_login_password_resp(conn, pop3code,
1195 #ifndef CURL_DISABLE_CRYPTO_AUTH
1196 case POP3_AUTH_CRAMMD5:
1197 result = pop3_state_auth_cram_resp(conn, pop3code, pop3c->state);
1200 case POP3_AUTH_DIGESTMD5:
1201 result = pop3_state_auth_digest_resp(conn, pop3code, pop3c->state);
1204 case POP3_AUTH_DIGESTMD5_RESP:
1205 result = pop3_state_auth_digest_resp_resp(conn, pop3code, pop3c->state);
1210 case POP3_AUTH_NTLM:
1211 result = pop3_state_auth_ntlm_resp(conn, pop3code, pop3c->state);
1214 case POP3_AUTH_NTLM_TYPE2MSG:
1215 result = pop3_state_auth_ntlm_type2msg_resp(conn, pop3code,
1221 result = pop3_state_auth_final_resp(conn, pop3code, pop3c->state);
1224 #ifndef CURL_DISABLE_CRYPTO_AUTH
1226 result = pop3_state_apop_resp(conn, pop3code, pop3c->state);
1231 result = pop3_state_user_resp(conn, pop3code, pop3c->state);
1235 result = pop3_state_pass_resp(conn, pop3code, pop3c->state);
1239 result = pop3_state_command_resp(conn, pop3code, pop3c->state);
1243 /* fallthrough, just stop! */
1245 /* internal error */
1246 state(conn, POP3_STOP);
1254 /* Called repeatedly until done from multi.c */
1255 static CURLcode pop3_multi_statemach(struct connectdata *conn, bool *done)
1257 CURLcode result = CURLE_OK;
1258 struct pop3_conn *pop3c = &conn->proto.pop3c;
1260 if((conn->handler->flags & PROTOPT_SSL) && !pop3c->ssldone)
1261 result = Curl_ssl_connect_nonblocking(conn, FIRSTSOCKET, &pop3c->ssldone);
1263 result = Curl_pp_statemach(&pop3c->pp, FALSE);
1265 *done = (pop3c->state == POP3_STOP) ? TRUE : FALSE;
1270 static CURLcode pop3_block_statemach(struct connectdata *conn)
1272 CURLcode result = CURLE_OK;
1273 struct pop3_conn *pop3c = &conn->proto.pop3c;
1275 while(pop3c->state != POP3_STOP) {
1276 result = Curl_pp_statemach(&pop3c->pp, TRUE);
1284 /* Allocate and initialize the POP3 struct for the current SessionHandle if
1286 static CURLcode pop3_init(struct connectdata *conn)
1288 struct SessionHandle *data = conn->data;
1289 struct POP3 *pop3 = data->state.proto.pop3;
1292 pop3 = data->state.proto.pop3 = calloc(sizeof(struct POP3), 1);
1294 return CURLE_OUT_OF_MEMORY;
1297 /* Get some initial data into the pop3 struct */
1298 pop3->bytecountp = &data->req.bytecount;
1303 /* For the POP3 "protocol connect" and "doing" phases only */
1304 static int pop3_getsock(struct connectdata *conn, curl_socket_t *socks,
1307 return Curl_pp_getsock(&conn->proto.pop3c.pp, socks, numsocks);
1310 /***********************************************************************
1314 * This function should do everything that is to be considered a part of the
1317 * The variable 'done' points to will be TRUE if the protocol-layer connect
1318 * phase is done when this function returns, or FALSE is not. When called as
1319 * a part of the easy interface, it will always be TRUE.
1321 static CURLcode pop3_connect(struct connectdata *conn, bool *done)
1323 CURLcode result = CURLE_OK;
1324 struct pop3_conn *pop3c = &conn->proto.pop3c;
1325 struct pingpong *pp = &pop3c->pp;
1327 *done = FALSE; /* default to not done yet */
1329 /* If there already is a protocol-specific struct allocated for this
1330 sessionhandle, deal with it */
1331 Curl_reset_reqproto(conn);
1333 /* Initialise the POP3 layer */
1334 result = pop3_init(conn);
1338 /* We always support persistent connections in POP3 */
1339 conn->bits.close = FALSE;
1341 /* Set the default response time-out */
1342 pp->response_time = RESP_TIMEOUT;
1343 pp->statemach_act = pop3_statemach_act;
1344 pp->endofresp = pop3_endofresp;
1347 /* Initialise the pingpong layer */
1350 /* Start off waiting for the server greeting response */
1351 state(conn, POP3_SERVERGREET);
1353 result = pop3_multi_statemach(conn, done);
1358 /***********************************************************************
1362 * The DONE function. This does what needs to be done after a single DO has
1365 * Input argument is already checked for validity.
1367 static CURLcode pop3_done(struct connectdata *conn, CURLcode status,
1370 CURLcode result = CURLE_OK;
1371 struct SessionHandle *data = conn->data;
1372 struct POP3 *pop3 = data->state.proto.pop3;
1377 /* When the easy handle is removed from the multi while libcurl is still
1378 * trying to resolve the host name, it seems that the POP3 struct is not
1379 * yet initialized, but the removal action calls Curl_done() which calls
1380 * this function. So we simply return success if no POP3 pointer is set.
1385 conn->bits.close = TRUE; /* marked for closure */
1386 result = status; /* use the already set error code */
1389 /* Cleanup our per-request based variables */
1390 Curl_safefree(pop3->mailbox);
1391 Curl_safefree(pop3->custom);
1393 /* Clear the transfer mode for the next request */
1394 pop3->transfer = FTPTRANSFER_BODY;
1399 /***********************************************************************
1403 * This is the actual DO function for POP3. Get a message/listing according to
1404 * the options previously setup.
1406 static CURLcode pop3_perform(struct connectdata *conn, bool *connected,
1409 /* This is POP3 and no proxy */
1410 CURLcode result = CURLE_OK;
1412 DEBUGF(infof(conn->data, "DO phase starts\n"));
1414 if(conn->data->set.opt_no_body) {
1415 /* Requested no body means no transfer */
1416 struct POP3 *pop3 = conn->data->state.proto.pop3;
1417 pop3->transfer = FTPTRANSFER_INFO;
1420 *dophase_done = FALSE; /* not done yet */
1422 /* Start the first command in the DO phase */
1423 result = pop3_command(conn);
1427 /* Run the state-machine */
1428 result = pop3_multi_statemach(conn, dophase_done);
1430 *connected = conn->bits.tcpconnect[FIRSTSOCKET];
1433 DEBUGF(infof(conn->data, "DO phase is complete\n"));
1438 /***********************************************************************
1442 * This function is registered as 'curl_do' function. It decodes the path
1443 * parts etc as a wrapper to the actual DO function (pop3_perform).
1445 * The input argument is already checked for validity.
1447 static CURLcode pop3_do(struct connectdata *conn, bool *done)
1449 CURLcode result = CURLE_OK;
1451 *done = FALSE; /* default to false */
1454 Since connections can be re-used between SessionHandles, this might be a
1455 connection already existing but on a fresh SessionHandle struct so we must
1456 make sure we have a good 'struct POP3' to play with. For new connections,
1457 the struct POP3 is allocated and setup in the pop3_connect() function.
1459 Curl_reset_reqproto(conn);
1460 result = pop3_init(conn);
1464 /* Parse the URL path */
1465 result = pop3_parse_url_path(conn);
1469 /* Parse the custom request */
1470 result = pop3_parse_custom_request(conn);
1474 result = pop3_regular_transfer(conn, done);
1479 /***********************************************************************
1483 * This should be called before calling sclose(). We should then wait for the
1484 * response from the server before returning. The calling code should then try
1485 * to close the connection.
1487 static CURLcode pop3_quit(struct connectdata *conn)
1489 CURLcode result = CURLE_OK;
1491 result = Curl_pp_sendf(&conn->proto.pop3c.pp, "QUIT", NULL);
1495 state(conn, POP3_QUIT);
1497 result = pop3_block_statemach(conn);
1502 /***********************************************************************
1506 * Disconnect from an POP3 server. Cleanup protocol-specific per-connection
1507 * resources. BLOCKING.
1509 static CURLcode pop3_disconnect(struct connectdata *conn,
1510 bool dead_connection)
1512 struct pop3_conn *pop3c = &conn->proto.pop3c;
1514 /* We cannot send quit unconditionally. If this connection is stale or
1515 bad in any way, sending quit and waiting around here will make the
1516 disconnect wait in vain and cause more problems than we need to */
1518 /* The POP3 session may or may not have been allocated/setup at this
1520 if(!dead_connection && pop3c->pp.conn)
1521 (void)pop3_quit(conn); /* ignore errors on QUIT */
1523 /* Disconnect from the server */
1524 Curl_pp_disconnect(&pop3c->pp);
1526 /* Cleanup the SASL module */
1527 Curl_sasl_cleanup(conn, pop3c->authused);
1529 /* Cleanup our connection based variables */
1530 Curl_safefree(pop3c->apoptimestamp);
1535 /***********************************************************************
1537 * pop3_parse_url_path()
1539 * Parse the URL path into separate path components.
1541 static CURLcode pop3_parse_url_path(struct connectdata *conn)
1543 /* The POP3 struct is already initialised in pop3_connect() */
1544 struct SessionHandle *data = conn->data;
1545 struct POP3 *pop3 = data->state.proto.pop3;
1546 const char *path = data->state.path;
1548 /* URL decode the path and use this mailbox */
1549 return Curl_urldecode(data, path, 0, &pop3->mailbox, NULL, TRUE);
1552 static CURLcode pop3_parse_custom_request(struct connectdata *conn)
1554 CURLcode result = CURLE_OK;
1555 struct SessionHandle *data = conn->data;
1556 struct POP3 *pop3 = data->state.proto.pop3;
1557 const char *custom = conn->data->set.str[STRING_CUSTOMREQUEST];
1559 /* URL decode the custom request */
1561 result = Curl_urldecode(data, custom, 0, &pop3->custom, NULL, TRUE);
1566 /* Call this when the DO phase has completed */
1567 static CURLcode pop3_dophase_done(struct connectdata *conn, bool connected)
1569 struct POP3 *pop3 = conn->data->state.proto.pop3;
1573 if(pop3->transfer != FTPTRANSFER_BODY)
1574 /* no data to transfer */
1575 Curl_setup_transfer(conn, -1, -1, FALSE, NULL, -1, NULL);
1580 /* Called from multi.c while DOing */
1581 static CURLcode pop3_doing(struct connectdata *conn, bool *dophase_done)
1583 CURLcode result = pop3_multi_statemach(conn, dophase_done);
1586 DEBUGF(infof(conn->data, "DO phase failed\n"));
1589 result = pop3_dophase_done(conn, FALSE /* not connected */);
1591 DEBUGF(infof(conn->data, "DO phase is complete\n"));
1598 /***********************************************************************
1600 * pop3_regular_transfer()
1602 * The input argument is already checked for validity.
1604 * Performs all commands done before a regular transfer between a local and a
1607 static CURLcode pop3_regular_transfer(struct connectdata *conn,
1610 CURLcode result = CURLE_OK;
1611 bool connected = FALSE;
1612 struct SessionHandle *data = conn->data;
1614 /* Make sure size is unknown at this point */
1615 data->req.size = -1;
1617 Curl_pgrsSetUploadCounter(data, 0);
1618 Curl_pgrsSetDownloadCounter(data, 0);
1619 Curl_pgrsSetUploadSize(data, 0);
1620 Curl_pgrsSetDownloadSize(data, 0);
1622 result = pop3_perform(conn, &connected, dophase_done);
1626 /* The DO phase has not completed yet */
1629 result = pop3_dophase_done(conn, connected);
1635 static CURLcode pop3_setup_connection(struct connectdata * conn)
1637 struct SessionHandle *data = conn->data;
1639 if(conn->bits.httpproxy && !data->set.tunnel_thru_httpproxy) {
1640 /* Unless we have asked to tunnel POP3 operations through the proxy, we
1641 switch and use HTTP operations only */
1642 #ifndef CURL_DISABLE_HTTP
1643 if(conn->handler == &Curl_handler_pop3)
1644 conn->handler = &Curl_handler_pop3_proxy;
1647 conn->handler = &Curl_handler_pop3s_proxy;
1649 failf(data, "POP3S not supported!");
1650 return CURLE_UNSUPPORTED_PROTOCOL;
1654 /* We explicitly mark this connection as persistent here as we're doing
1655 POP3 over HTTP and thus we accidentally avoid setting this value
1657 conn->bits.close = FALSE;
1659 failf(data, "POP3 over http proxy requires HTTP support built-in!");
1660 return CURLE_UNSUPPORTED_PROTOCOL;
1664 data->state.path++; /* don't include the initial slash */
1669 /* This function scans the body after the end-of-body and writes everything
1670 until the end is found */
1671 CURLcode Curl_pop3_write(struct connectdata *conn, char *str, size_t nread)
1673 /* This code could be made into a special function in the handler struct */
1674 CURLcode result = CURLE_OK;
1675 struct SessionHandle *data = conn->data;
1676 struct SingleRequest *k = &data->req;
1678 struct pop3_conn *pop3c = &conn->proto.pop3c;
1679 bool strip_dot = FALSE;
1683 /* Search through the buffer looking for the end-of-body marker which is
1684 5 bytes (0d 0a 2e 0d 0a). Note that a line starting with a dot matches
1685 the eob so the server will have prefixed it with an extra dot which we
1686 need to strip out. Additionally the marker could of course be spread out
1687 over 5 different data chunks */
1688 for(i = 0; i < nread; i++) {
1689 size_t prev = pop3c->eob;
1693 if(pop3c->eob == 0) {
1697 /* Write out the body part that didn't match */
1698 result = Curl_client_write(conn, CLIENTWRITE_BODY, &str[last],
1707 else if(pop3c->eob == 3)
1710 /* If the character match wasn't at position 0 or 3 then restart the
1716 if(pop3c->eob == 1 || pop3c->eob == 4)
1719 /* If the character match wasn't at position 1 or 4 then start the
1727 else if(pop3c->eob == 3) {
1728 /* We have an extra dot after the CRLF which we need to strip off */
1733 /* If the character match wasn't at position 2 then start the search
1743 /* Did we have a partial match which has subsequently failed? */
1744 if(prev && prev >= pop3c->eob) {
1745 /* Strip can only be non-zero for the very first mismatch after CRLF
1746 and then both prev and strip are equal and nothing will be output
1748 while(prev && pop3c->strip) {
1754 /* If the partial match was the CRLF and dot then only write the CRLF
1755 as the server would have inserted the dot */
1756 result = Curl_client_write(conn, CLIENTWRITE_BODY, (char*)POP3_EOB,
1757 strip_dot ? prev - 1 : prev);
1768 if(pop3c->eob == POP3_EOB_LEN) {
1769 /* We have a full match so the transfer is done, however we must transfer
1770 the CRLF at the start of the EOB as this is considered to be part of the
1771 message as per RFC-1939, sect. 3 */
1772 result = Curl_client_write(conn, CLIENTWRITE_BODY, (char *)POP3_EOB, 2);
1774 k->keepon &= ~KEEP_RECV;
1781 /* While EOB is matching nothing should be output */
1785 result = Curl_client_write(conn, CLIENTWRITE_BODY, &str[last],
1792 #endif /* CURL_DISABLE_POP3 */