* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2013, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
* RFC3207 SMTP over TLS
* RFC4422 Simple Authentication and Security Layer (SASL)
* RFC4616 PLAIN authentication
+ * RFC4752 The Kerberos V5 ("GSSAPI") SASL Mechanism
* RFC4954 SMTP Authentication
* RFC5321 SMTP protocol
+ * RFC6749 OAuth 2.0 Authorization Framework
+ * Draft SMTP URL Interface <draft-earhart-url-smtp-00.txt>
+ * Draft LOGIN SASL Mechanism <draft-murchison-sasl-login-00.txt>
*
***************************************************************************/
#include <curl/curl.h>
#include "urldata.h"
#include "sendf.h"
-#include "if2ip.h"
#include "hostip.h"
#include "progress.h"
#include "transfer.h"
#include "strtoofft.h"
#include "strequal.h"
-#include "sslgen.h"
+#include "vtls/vtls.h"
#include "connect.h"
#include "strerror.h"
#include "select.h"
int numsocks);
static CURLcode smtp_doing(struct connectdata *conn, bool *dophase_done);
static CURLcode smtp_setup_connection(struct connectdata *conn);
+static CURLcode smtp_parse_url_options(struct connectdata *conn);
+static CURLcode smtp_parse_url_path(struct connectdata *conn);
+static CURLcode smtp_parse_custom_request(struct connectdata *conn);
+static CURLcode smtp_calc_sasl_details(struct connectdata *conn,
+ const char **mech,
+ char **initresp, size_t *len,
+ smtpstate *state1, smtpstate *state2);
/*
* SMTP protocol handler.
smtp_disconnect, /* disconnect */
ZERO_NULL, /* readwrite */
PORT_SMTPS, /* defport */
- CURLPROTO_SMTP | CURLPROTO_SMTPS, /* protocol */
+ CURLPROTO_SMTPS, /* protocol */
PROTOPT_CLOSEACTION | PROTOPT_SSL
| PROTOPT_NOURLQUERY /* flags */
};
static const struct Curl_handler Curl_handler_smtp_proxy = {
"SMTP", /* scheme */
- ZERO_NULL, /* setup_connection */
+ Curl_http_setup_conn, /* setup_connection */
Curl_http, /* do_it */
Curl_http_done, /* done */
ZERO_NULL, /* do_more */
static const struct Curl_handler Curl_handler_smtps_proxy = {
"SMTPS", /* scheme */
- ZERO_NULL, /* setup_connection */
+ Curl_http_setup_conn, /* setup_connection */
Curl_http, /* do_it */
Curl_http_done, /* done */
ZERO_NULL, /* do_more */
#define smtp_to_smtps(x) Curl_nop_stmt
#endif
-/* Function that checks for an ending SMTP status code at the start of the
- given string, but also detects various capabilities from the EHLO response
- including the supported authentication mechanisms. */
+/***********************************************************************
+ *
+ * smtp_endofresp()
+ *
+ * Checks for an ending SMTP status code at the start of the given string, but
+ * also detects various capabilities from the EHLO response including the
+ * supported authentication mechanisms.
+ */
static bool smtp_endofresp(struct connectdata *conn, char *line, size_t len,
int *resp)
{
struct smtp_conn *smtpc = &conn->proto.smtpc;
bool result = FALSE;
- size_t wordlen;
+ /* Nothing for us */
if(len < 4 || !ISDIGIT(line[0]) || !ISDIGIT(line[1]) || !ISDIGIT(line[2]))
- return FALSE; /* Nothing for us */
-
- /* Do we have a command response? */
- result = (line[3] == ' ') ? TRUE : FALSE;
- if(result)
+ return FALSE;
+
+ /* Do we have a command response? This should be the response code followed
+ by a space and optionally some text as per RFC-5321 and as outlined in
+ Section 4. Examples of RFC-4954 but some e-mail servers ignore this and
+ only send the response code instead as per Section 4.2. */
+ if(line[3] == ' ' || len == 5) {
+ result = TRUE;
*resp = curlx_sltosi(strtol(line, NULL, 10));
- /* Are we processing EHLO command data? */
- if(smtpc->state == SMTP_EHLO && (!result || (result && *resp/100 == 2))) {
- line += 4;
- len -= 4;
-
- /* Does the server support the STARTTLS capability? */
- if(len >= 8 && !memcmp(line, "STARTTLS", 8))
- smtpc->tls_supported = TRUE;
-
- /* Does the server support the SIZE capability? */
- else if(len >= 4 && !memcmp(line, "SIZE", 4))
- smtpc->size_supported = TRUE;
-
- /* Do we have the authentication mechanism list? */
- else if(len >= 5 && !memcmp(line, "AUTH ", 5)) {
- line += 5;
- len -= 5;
-
- /* Loop through the data line */
- for(;;) {
- while(len &&
- (*line == ' ' || *line == '\t' ||
- *line == '\r' || *line == '\n')) {
+ /* Make sure real server never sends internal value */
+ if(*resp == 1)
+ *resp = 0;
+ }
+ /* Do we have a multiline (continuation) response? */
+ else if(line[3] == '-' &&
+ (smtpc->state == SMTP_EHLO || smtpc->state == SMTP_COMMAND)) {
+ result = TRUE;
+ *resp = 1; /* Internal response code */
+ }
- line++;
- len--;
- }
+ return result;
+}
- if(!len)
- break;
+/***********************************************************************
+ *
+ * smtp_get_message()
+ *
+ * Gets the authentication message from the response buffer.
+ */
+static void smtp_get_message(char *buffer, char** outptr)
+{
+ size_t len = 0;
+ char* message = NULL;
- /* Extract the word */
- for(wordlen = 0; wordlen < len && line[wordlen] != ' ' &&
- line[wordlen] != '\t' && line[wordlen] != '\r' &&
- line[wordlen] != '\n';)
- wordlen++;
+ /* Find the start of the message */
+ for(message = buffer + 4; *message == ' ' || *message == '\t'; message++)
+ ;
- /* Test the word for a matching authentication mechanism */
- if(wordlen == 5 && !memcmp(line, "LOGIN", 5))
- smtpc->authmechs |= SASL_MECH_LOGIN;
- else if(wordlen == 5 && !memcmp(line, "PLAIN", 5))
- smtpc->authmechs |= SASL_MECH_PLAIN;
- else if(wordlen == 8 && !memcmp(line, "CRAM-MD5", 8))
- smtpc->authmechs |= SASL_MECH_CRAM_MD5;
- else if(wordlen == 10 && !memcmp(line, "DIGEST-MD5", 10))
- smtpc->authmechs |= SASL_MECH_DIGEST_MD5;
- else if(wordlen == 6 && !memcmp(line, "GSSAPI", 6))
- smtpc->authmechs |= SASL_MECH_GSSAPI;
- else if(wordlen == 8 && !memcmp(line, "EXTERNAL", 8))
- smtpc->authmechs |= SASL_MECH_EXTERNAL;
- else if(wordlen == 4 && !memcmp(line, "NTLM", 4))
- smtpc->authmechs |= SASL_MECH_NTLM;
+ /* Find the end of the message */
+ for(len = strlen(message); len--;)
+ if(message[len] != '\r' && message[len] != '\n' && message[len] != ' ' &&
+ message[len] != '\t')
+ break;
- line += wordlen;
- len -= wordlen;
- }
- }
+ /* Terminate the message */
+ if(++len) {
+ message[len] = '\0';
}
- return result;
+ *outptr = message;
}
-/* This is the ONLY way to change SMTP state! */
+/***********************************************************************
+ *
+ * state()
+ *
+ * This is the ONLY way to change SMTP state!
+ */
static void state(struct connectdata *conn, smtpstate newstate)
{
struct smtp_conn *smtpc = &conn->proto.smtpc;
"AUTH_DIGESTMD5_RESP",
"AUTH_NTLM",
"AUTH_NTLM_TYPE2MSG",
- "AUTH",
+ "AUTH_GSSAPI",
+ "AUTH_GSSAPI_TOKEN",
+ "AUTH_GSSAPI_NO_DATA",
+ "AUTH_XOAUTH2",
+ "AUTH_CANCEL",
+ "AUTH_FINAL",
+ "COMMAND",
"MAIL",
"RCPT",
"DATA",
if(smtpc->state != newstate)
infof(conn->data, "SMTP %p state change from %s to %s\n",
- smtpc, names[smtpc->state], names[newstate]);
+ (void *)smtpc, names[smtpc->state], names[newstate]);
#endif
smtpc->state = newstate;
}
-static CURLcode smtp_state_ehlo(struct connectdata *conn)
+/***********************************************************************
+ *
+ * smtp_perform_ehlo()
+ *
+ * Sends the EHLO command to not only initialise communication with the ESMTP
+ * server but to also obtain a list of server side supported capabilities.
+ */
+static CURLcode smtp_perform_ehlo(struct connectdata *conn)
{
CURLcode result = CURLE_OK;
struct smtp_conn *smtpc = &conn->proto.smtpc;
- smtpc->authmechs = 0; /* No known authentication mechanisms yet */
- smtpc->authused = 0; /* Clear the authentication mechanism used
- for esmtp connections */
- smtpc->tls_supported = FALSE; /* Clear the TLS capability */
+ smtpc->authmechs = 0; /* No known authentication mechanisms yet */
+ smtpc->authused = 0; /* Clear the authentication mechanism used
+ for esmtp connections */
+ smtpc->tls_supported = FALSE; /* Clear the TLS capability */
+ smtpc->auth_supported = FALSE; /* Clear the AUTH capability */
/* Send the EHLO command */
result = Curl_pp_sendf(&smtpc->pp, "EHLO %s", smtpc->domain);
- if(result)
- return result;
-
- state(conn, SMTP_EHLO);
+ if(!result)
+ state(conn, SMTP_EHLO);
- return CURLE_OK;
+ return result;
}
-static CURLcode smtp_state_helo(struct connectdata *conn)
+/***********************************************************************
+ *
+ * smtp_perform_helo()
+ *
+ * Sends the HELO command to initialise communication with the SMTP server.
+ */
+static CURLcode smtp_perform_helo(struct connectdata *conn)
{
CURLcode result = CURLE_OK;
struct smtp_conn *smtpc = &conn->proto.smtpc;
/* Send the HELO command */
result = Curl_pp_sendf(&smtpc->pp, "HELO %s", smtpc->domain);
- if(result)
- return result;
-
- state(conn, SMTP_HELO);
+ if(!result)
+ state(conn, SMTP_HELO);
- return CURLE_OK;
+ return result;
}
-static CURLcode smtp_state_starttls(struct connectdata *conn)
+/***********************************************************************
+ *
+ * smtp_perform_starttls()
+ *
+ * Sends the STLS command to start the upgrade to TLS.
+ */
+static CURLcode smtp_perform_starttls(struct connectdata *conn)
{
CURLcode result = CURLE_OK;
/* Send the STARTTLS command */
- result = Curl_pp_sendf(&conn->proto.smtpc.pp, "STARTTLS");
+ result = Curl_pp_sendf(&conn->proto.smtpc.pp, "%s", "STARTTLS");
if(!result)
state(conn, SMTP_STARTTLS);
return result;
}
-static CURLcode smtp_state_upgrade_tls(struct connectdata *conn)
+/***********************************************************************
+ *
+ * smtp_perform_upgrade_tls()
+ *
+ * Performs the upgrade to TLS.
+ */
+static CURLcode smtp_perform_upgrade_tls(struct connectdata *conn)
{
CURLcode result = CURLE_OK;
struct smtp_conn *smtpc = &conn->proto.smtpc;
if(smtpc->ssldone) {
smtp_to_smtps(conn);
- result = smtp_state_ehlo(conn);
+ result = smtp_perform_ehlo(conn);
}
}
return result;
}
-static CURLcode smtp_authenticate(struct connectdata *conn)
+/***********************************************************************
+ *
+ * smtp_perform_auth()
+ *
+ * Sends an AUTH command allowing the client to login with the given SASL
+ * authentication mechanism.
+ */
+static CURLcode smtp_perform_auth(struct connectdata *conn,
+ const char *mech,
+ const char *initresp, size_t len,
+ smtpstate state1, smtpstate state2)
+{
+ CURLcode result = CURLE_OK;
+ struct smtp_conn *smtpc = &conn->proto.smtpc;
+
+ if(initresp && 8 + strlen(mech) + len <= 512) { /* AUTH <mech> ...<crlf> */
+ /* Send the AUTH command with the initial response */
+ result = Curl_pp_sendf(&smtpc->pp, "AUTH %s %s", mech, initresp);
+
+ if(!result)
+ state(conn, state2);
+ }
+ else {
+ /* Send the AUTH command */
+ result = Curl_pp_sendf(&smtpc->pp, "AUTH %s", mech);
+
+ if(!result)
+ state(conn, state1);
+ }
+
+ return result;
+}
+
+/***********************************************************************
+ *
+ * smtp_perform_authentication()
+ *
+ * Initiates the authentication sequence, with the appropriate SASL
+ * authentication mechanism.
+ */
+static CURLcode smtp_perform_authentication(struct connectdata *conn)
{
CURLcode result = CURLE_OK;
struct smtp_conn *smtpc = &conn->proto.smtpc;
smtpstate state1 = SMTP_STOP;
smtpstate state2 = SMTP_STOP;
- /* Check we have a username and password to authenticate with and end the
- connect phase if we don't */
- if(!conn->bits.user_passwd) {
+ /* Check we have a username and password to authenticate with, and the
+ server supports authentiation, and end the connect phase if not */
+ if(!conn->bits.user_passwd || !smtpc->auth_supported) {
state(conn, SMTP_STOP);
return result;
}
- /* Calculate the supported authentication mechanism, by decreasing order of
- security, as well as the initial response where appropriate */
-#ifndef CURL_DISABLE_CRYPTO_AUTH
- if(smtpc->authmechs & SASL_MECH_DIGEST_MD5) {
- mech = "DIGEST-MD5";
- state1 = SMTP_AUTH_DIGESTMD5;
- smtpc->authused = SASL_MECH_DIGEST_MD5;
- }
- else if(smtpc->authmechs & SASL_MECH_CRAM_MD5) {
- mech = "CRAM-MD5";
- state1 = SMTP_AUTH_CRAMMD5;
- smtpc->authused = SASL_MECH_CRAM_MD5;
- }
- else
-#endif
-#ifdef USE_NTLM
- if(smtpc->authmechs & SASL_MECH_NTLM) {
- mech = "NTLM";
- state1 = SMTP_AUTH_NTLM;
- state2 = SMTP_AUTH_NTLM_TYPE2MSG;
- smtpc->authused = SASL_MECH_NTLM;
- result = Curl_sasl_create_ntlm_type1_message(conn->user, conn->passwd,
- &conn->ntlm,
- &initresp, &len);
- }
- else
-#endif
- if(smtpc->authmechs & SASL_MECH_LOGIN) {
- mech = "LOGIN";
- state1 = SMTP_AUTH_LOGIN;
- state2 = SMTP_AUTH_LOGIN_PASSWD;
- smtpc->authused = SASL_MECH_LOGIN;
- result = Curl_sasl_create_login_message(conn->data, conn->user,
- &initresp, &len);
- }
- else if(smtpc->authmechs & SASL_MECH_PLAIN) {
- mech = "PLAIN";
- state1 = SMTP_AUTH_PLAIN;
- state2 = SMTP_AUTH;
- smtpc->authused = SASL_MECH_PLAIN;
- result = Curl_sasl_create_plain_message(conn->data, conn->user,
- conn->passwd, &initresp, &len);
- }
- else {
- /* Other mechanisms not supported */
- infof(conn->data, "No known authentication mechanisms supported!\n");
- result = CURLE_LOGIN_DENIED;
- }
+ /* Calculate the SASL login details */
+ result = smtp_calc_sasl_details(conn, &mech, &initresp, &len, &state1,
+ &state2);
if(!result) {
- /* Perform SASL based authentication */
- if(initresp &&
- strlen(mech) + len <= 512 - 8) { /* AUTH <mech> ...<crlf> */
- result = Curl_pp_sendf(&smtpc->pp, "AUTH %s %s", mech, initresp);
+ if(mech) {
+ /* Perform SASL based authentication */
+ result = smtp_perform_auth(conn, mech, initresp, len, state1, state2);
- if(!result)
- state(conn, state2);
+ Curl_safefree(initresp);
}
else {
- result = Curl_pp_sendf(&smtpc->pp, "AUTH %s", mech);
+ /* Other mechanisms not supported */
+ infof(conn->data, "No known authentication mechanisms supported!\n");
+ result = CURLE_LOGIN_DENIED;
+ }
+ }
- if(!result)
- state(conn, state1);
+ return result;
+}
+
+/***********************************************************************
+ *
+ * smtp_perform_command()
+ *
+ * Sends a SMTP based command.
+ */
+static CURLcode smtp_perform_command(struct connectdata *conn)
+{
+ CURLcode result = CURLE_OK;
+ struct SessionHandle *data = conn->data;
+ struct SMTP *smtp = data->req.protop;
+
+ /* Send the command */
+ if(smtp->rcpt)
+ result = Curl_pp_sendf(&conn->proto.smtpc.pp, "%s %s",
+ smtp->custom && smtp->custom[0] != '\0' ?
+ smtp->custom : "VRFY",
+ smtp->rcpt->data);
+ else
+ result = Curl_pp_sendf(&conn->proto.smtpc.pp, "%s",
+ smtp->custom && smtp->custom[0] != '\0' ?
+ smtp->custom : "HELP");
+
+ if(!result)
+ state(conn, SMTP_COMMAND);
+
+ return result;
+}
+
+/***********************************************************************
+ *
+ * smtp_perform_mail()
+ *
+ * Sends an MAIL command to initiate the upload of a message.
+ */
+static CURLcode smtp_perform_mail(struct connectdata *conn)
+{
+ char *from = NULL;
+ char *auth = NULL;
+ char *size = NULL;
+ CURLcode result = CURLE_OK;
+ struct SessionHandle *data = conn->data;
+
+ /* Calculate the FROM parameter */
+ if(!data->set.str[STRING_MAIL_FROM])
+ /* Null reverse-path, RFC-5321, sect. 3.6.3 */
+ from = strdup("<>");
+ else if(data->set.str[STRING_MAIL_FROM][0] == '<')
+ from = aprintf("%s", data->set.str[STRING_MAIL_FROM]);
+ else
+ from = aprintf("<%s>", data->set.str[STRING_MAIL_FROM]);
+
+ if(!from)
+ return CURLE_OUT_OF_MEMORY;
+
+ /* Calculate the optional AUTH parameter */
+ if(data->set.str[STRING_MAIL_AUTH] && conn->proto.smtpc.authused) {
+ if(data->set.str[STRING_MAIL_AUTH][0] != '\0')
+ auth = aprintf("%s", data->set.str[STRING_MAIL_AUTH]);
+ else
+ /* Empty AUTH, RFC-2554, sect. 5 */
+ auth = strdup("<>");
+
+ if(!auth) {
+ Curl_safefree(from);
+
+ return CURLE_OUT_OF_MEMORY;
}
+ }
- Curl_safefree(initresp);
+ /* Calculate the optional SIZE parameter */
+ if(conn->proto.smtpc.size_supported && conn->data->state.infilesize > 0) {
+ size = aprintf("%" CURL_FORMAT_CURL_OFF_T, data->state.infilesize);
+
+ if(!size) {
+ Curl_safefree(from);
+ Curl_safefree(auth);
+
+ return CURLE_OUT_OF_MEMORY;
+ }
}
+ /* Send the MAIL command */
+ if(!auth && !size)
+ result = Curl_pp_sendf(&conn->proto.smtpc.pp,
+ "MAIL FROM:%s", from);
+ else if(auth && !size)
+ result = Curl_pp_sendf(&conn->proto.smtpc.pp,
+ "MAIL FROM:%s AUTH=%s", from, auth);
+ else if(auth && size)
+ result = Curl_pp_sendf(&conn->proto.smtpc.pp,
+ "MAIL FROM:%s AUTH=%s SIZE=%s", from, auth, size);
+ else
+ result = Curl_pp_sendf(&conn->proto.smtpc.pp,
+ "MAIL FROM:%s SIZE=%s", from, size);
+
+ Curl_safefree(from);
+ Curl_safefree(auth);
+ Curl_safefree(size);
+
+ if(!result)
+ state(conn, SMTP_MAIL);
+
+ return result;
+}
+
+/***********************************************************************
+ *
+ * smtp_perform_rcpt_to()
+ *
+ * Sends a RCPT TO command for a given recipient as part of the message upload
+ * process.
+ */
+static CURLcode smtp_perform_rcpt_to(struct connectdata *conn)
+{
+ CURLcode result = CURLE_OK;
+ struct SessionHandle *data = conn->data;
+ struct SMTP *smtp = data->req.protop;
+
+ /* Send the RCPT TO command */
+ if(smtp->rcpt->data[0] == '<')
+ result = Curl_pp_sendf(&conn->proto.smtpc.pp, "RCPT TO:%s",
+ smtp->rcpt->data);
+ else
+ result = Curl_pp_sendf(&conn->proto.smtpc.pp, "RCPT TO:<%s>",
+ smtp->rcpt->data);
+ if(!result)
+ state(conn, SMTP_RCPT);
+
+ return result;
+}
+
+/***********************************************************************
+ *
+ * smtp_perform_quit()
+ *
+ * Performs the quit action prior to sclose() being called.
+ */
+static CURLcode smtp_perform_quit(struct connectdata *conn)
+{
+ CURLcode result = CURLE_OK;
+
+ /* Send the QUIT command */
+ result = Curl_pp_sendf(&conn->proto.smtpc.pp, "%s", "QUIT");
+
+ if(!result)
+ state(conn, SMTP_QUIT);
+
return result;
}
if(smtpcode/100 != 2) {
failf(data, "Got unexpected smtp-server response: %d", smtpcode);
- return CURLE_FTP_WEIRD_SERVER_REPLY;
+ result = CURLE_FTP_WEIRD_SERVER_REPLY;
}
-
- result = smtp_state_ehlo(conn);
+ else
+ result = smtp_perform_ehlo(conn);
return result;
}
result = CURLE_USE_SSL_FAILED;
}
else
- result = smtp_authenticate(conn);
+ result = smtp_perform_authentication(conn);
}
else
- result = smtp_state_upgrade_tls(conn);
+ result = smtp_perform_upgrade_tls(conn);
+
+ return result;
+}
+
+/* For EHLO responses */
+static CURLcode smtp_state_ehlo_resp(struct connectdata *conn, int smtpcode,
+ smtpstate instate)
+{
+ CURLcode result = CURLE_OK;
+ struct SessionHandle *data = conn->data;
+ struct smtp_conn *smtpc = &conn->proto.smtpc;
+ const char *line = data->state.buffer;
+ size_t len = strlen(line);
+ size_t wordlen;
+
+ (void)instate; /* no use for this yet */
+
+ if(smtpcode/100 != 2 && smtpcode != 1) {
+ if(data->set.use_ssl <= CURLUSESSL_TRY || conn->ssl[FIRSTSOCKET].use)
+ result = smtp_perform_helo(conn);
+ else {
+ failf(data, "Remote access denied: %d", smtpcode);
+ result = CURLE_REMOTE_ACCESS_DENIED;
+ }
+ }
+ else {
+ line += 4;
+ len -= 4;
+
+ /* Does the server support the STARTTLS capability? */
+ if(len >= 8 && !memcmp(line, "STARTTLS", 8))
+ smtpc->tls_supported = TRUE;
+
+ /* Does the server support the SIZE capability? */
+ else if(len >= 4 && !memcmp(line, "SIZE", 4))
+ smtpc->size_supported = TRUE;
+
+ /* Does the server support authentication? */
+ else if(len >= 5 && !memcmp(line, "AUTH ", 5)) {
+ smtpc->auth_supported = TRUE;
+
+ /* Advance past the AUTH keyword */
+ line += 5;
+ len -= 5;
+
+ /* Loop through the data line */
+ for(;;) {
+ while(len &&
+ (*line == ' ' || *line == '\t' ||
+ *line == '\r' || *line == '\n')) {
- return result;
-}
+ line++;
+ len--;
+ }
-/* For EHLO responses */
-static CURLcode smtp_state_ehlo_resp(struct connectdata *conn, int smtpcode,
- smtpstate instate)
-{
- CURLcode result = CURLE_OK;
- struct SessionHandle *data = conn->data;
- struct smtp_conn *smtpc = &conn->proto.smtpc;
+ if(!len)
+ break;
- (void)instate; /* no use for this yet */
+ /* Extract the word */
+ for(wordlen = 0; wordlen < len && line[wordlen] != ' ' &&
+ line[wordlen] != '\t' && line[wordlen] != '\r' &&
+ line[wordlen] != '\n';)
+ wordlen++;
- if(smtpcode/100 != 2) {
- if((data->set.use_ssl <= CURLUSESSL_TRY || conn->ssl[FIRSTSOCKET].use) &&
- !conn->bits.user_passwd)
- result = smtp_state_helo(conn);
- else {
- failf(data, "Remote access denied: %d", smtpcode);
- result = CURLE_REMOTE_ACCESS_DENIED;
+ /* Test the word for a matching authentication mechanism */
+ if(sasl_mech_equal(line, wordlen, SASL_MECH_STRING_LOGIN))
+ smtpc->authmechs |= SASL_MECH_LOGIN;
+ else if(sasl_mech_equal(line, wordlen, SASL_MECH_STRING_PLAIN))
+ smtpc->authmechs |= SASL_MECH_PLAIN;
+ else if(sasl_mech_equal(line, wordlen, SASL_MECH_STRING_CRAM_MD5))
+ smtpc->authmechs |= SASL_MECH_CRAM_MD5;
+ else if(sasl_mech_equal(line, wordlen, SASL_MECH_STRING_DIGEST_MD5))
+ smtpc->authmechs |= SASL_MECH_DIGEST_MD5;
+ else if(sasl_mech_equal(line, wordlen, SASL_MECH_STRING_GSSAPI))
+ smtpc->authmechs |= SASL_MECH_GSSAPI;
+ else if(sasl_mech_equal(line, wordlen, SASL_MECH_STRING_EXTERNAL))
+ smtpc->authmechs |= SASL_MECH_EXTERNAL;
+ else if(sasl_mech_equal(line, wordlen, SASL_MECH_STRING_NTLM))
+ smtpc->authmechs |= SASL_MECH_NTLM;
+ else if(sasl_mech_equal(line, wordlen, SASL_MECH_STRING_XOAUTH2))
+ smtpc->authmechs |= SASL_MECH_XOAUTH2;
+
+ line += wordlen;
+ len -= wordlen;
+ }
}
- }
- else if(data->set.use_ssl && !conn->ssl[FIRSTSOCKET].use) {
- /* We don't have a SSL/TLS connection yet, but SSL is requested */
- if(smtpc->tls_supported)
- /* Switch to TLS connection now */
- result = smtp_state_starttls(conn);
- else if(data->set.use_ssl == CURLUSESSL_TRY)
- /* Fallback and carry on with authentication */
- result = smtp_authenticate(conn);
- else {
- failf(data, "STARTTLS not supported.");
- result = CURLE_USE_SSL_FAILED;
+
+ if(smtpcode != 1) {
+ if(data->set.use_ssl && !conn->ssl[FIRSTSOCKET].use) {
+ /* We don't have a SSL/TLS connection yet, but SSL is requested */
+ if(smtpc->tls_supported)
+ /* Switch to TLS connection now */
+ result = smtp_perform_starttls(conn);
+ else if(data->set.use_ssl == CURLUSESSL_TRY)
+ /* Fallback and carry on with authentication */
+ result = smtp_perform_authentication(conn);
+ else {
+ failf(data, "STARTTLS not supported.");
+ result = CURLE_USE_SSL_FAILED;
+ }
+ }
+ else
+ result = smtp_perform_authentication(conn);
}
}
- else
- result = smtp_authenticate(conn);
return result;
}
/* Create the authorisation message */
result = Curl_sasl_create_plain_message(conn->data, conn->user,
conn->passwd, &plainauth, &len);
+ if(!result && plainauth) {
+ /* Send the message */
+ result = Curl_pp_sendf(&conn->proto.smtpc.pp, "%s", plainauth);
- /* Send the message */
- if(!result) {
- if(plainauth) {
- result = Curl_pp_sendf(&conn->proto.smtpc.pp, "%s", plainauth);
-
- if(!result)
- state(conn, SMTP_AUTH);
- }
-
- Curl_safefree(plainauth);
+ if(!result)
+ state(conn, SMTP_AUTH_FINAL);
}
}
+ Curl_safefree(plainauth);
+
return result;
}
/* Create the user message */
result = Curl_sasl_create_login_message(conn->data, conn->user,
&authuser, &len);
+ if(!result && authuser) {
+ /* Send the user */
+ result = Curl_pp_sendf(&conn->proto.smtpc.pp, "%s", authuser);
- /* Send the user */
- if(!result) {
- if(authuser) {
- result = Curl_pp_sendf(&conn->proto.smtpc.pp, "%s", authuser);
-
- if(!result)
- state(conn, SMTP_AUTH_LOGIN_PASSWD);
- }
-
- Curl_safefree(authuser);
+ if(!result)
+ state(conn, SMTP_AUTH_LOGIN_PASSWD);
}
}
+ Curl_safefree(authuser);
+
return result;
}
/* Create the password message */
result = Curl_sasl_create_login_message(conn->data, conn->passwd,
&authpasswd, &len);
+ if(!result && authpasswd) {
+ /* Send the password */
+ result = Curl_pp_sendf(&conn->proto.smtpc.pp, "%s", authpasswd);
- /* Send the password */
- if(!result) {
- if(authpasswd) {
- result = Curl_pp_sendf(&conn->proto.smtpc.pp, "%s", authpasswd);
-
- if(!result)
- state(conn, SMTP_AUTH);
- }
-
- Curl_safefree(authpasswd);
+ if(!result)
+ state(conn, SMTP_AUTH_FINAL);
}
}
+ Curl_safefree(authpasswd);
+
return result;
}
{
CURLcode result = CURLE_OK;
struct SessionHandle *data = conn->data;
- char *chlg64 = data->state.buffer;
- size_t len = 0;
+ char *chlg = NULL;
+ char *chlg64 = NULL;
char *rplyb64 = NULL;
+ size_t len = 0;
(void)instate; /* no use for this yet */
return CURLE_LOGIN_DENIED;
}
- /* Get the challenge */
- for(chlg64 += 4; *chlg64 == ' ' || *chlg64 == '\t'; chlg64++)
- ;
+ /* Get the challenge message */
+ smtp_get_message(data->state.buffer, &chlg64);
- /* Terminate the challenge */
- if(*chlg64 != '=') {
- for(len = strlen(chlg64); len--;)
- if(chlg64[len] != '\r' && chlg64[len] != '\n' && chlg64[len] != ' ' &&
- chlg64[len] != '\t')
- break;
+ /* Decode the challenge message */
+ result = Curl_sasl_decode_cram_md5_message(chlg64, &chlg, &len);
+ if(result) {
+ /* Send the cancellation */
+ result = Curl_pp_sendf(&conn->proto.smtpc.pp, "%s", "*");
- if(++len) {
- chlg64[len] = '\0';
- }
+ if(!result)
+ state(conn, SMTP_AUTH_CANCEL);
}
-
- /* Create the response message */
- result = Curl_sasl_create_cram_md5_message(data, chlg64, conn->user,
- conn->passwd, &rplyb64, &len);
-
- /* Send the response */
- if(!result) {
- if(rplyb64) {
+ else {
+ /* Create the response message */
+ result = Curl_sasl_create_cram_md5_message(data, chlg, conn->user,
+ conn->passwd, &rplyb64, &len);
+ if(!result && rplyb64) {
+ /* Send the response */
result = Curl_pp_sendf(&conn->proto.smtpc.pp, "%s", rplyb64);
if(!result)
- state(conn, SMTP_AUTH);
+ state(conn, SMTP_AUTH_FINAL);
}
-
- Curl_safefree(rplyb64);
}
+ Curl_safefree(chlg);
+ Curl_safefree(rplyb64);
+
return result;
}
{
CURLcode result = CURLE_OK;
struct SessionHandle *data = conn->data;
- char *chlg64 = data->state.buffer;
- size_t len = 0;
+ char *chlg64 = NULL;
char *rplyb64 = NULL;
+ size_t len = 0;
(void)instate; /* no use for this yet */
return CURLE_LOGIN_DENIED;
}
- /* Get the challenge */
- for(chlg64 += 4; *chlg64 == ' ' || *chlg64 == '\t'; chlg64++)
- ;
+ /* Get the challenge message */
+ smtp_get_message(data->state.buffer, &chlg64);
/* Create the response message */
- result = Curl_sasl_create_digest_md5_message(data, chlg64, conn->user,
- conn->passwd, "smtp",
- &rplyb64, &len);
-
- /* Send the response */
- if(!result) {
- if(rplyb64) {
- result = Curl_pp_sendf(&conn->proto.smtpc.pp, "%s", rplyb64);
+ result = Curl_sasl_create_digest_md5_message(data, chlg64,
+ conn->user, conn->passwd,
+ "smtp", &rplyb64, &len);
+ if(result) {
+ if(result == CURLE_BAD_CONTENT_ENCODING) {
+ /* Send the cancellation */
+ result = Curl_pp_sendf(&conn->proto.smtpc.pp, "%s", "*");
if(!result)
- state(conn, SMTP_AUTH_DIGESTMD5_RESP);
+ state(conn, SMTP_AUTH_CANCEL);
}
+ }
+ else {
+ /* Send the response */
+ result = Curl_pp_sendf(&conn->proto.smtpc.pp, "%s", rplyb64);
- Curl_safefree(rplyb64);
+ if(!result)
+ state(conn, SMTP_AUTH_DIGESTMD5_RESP);
}
+ Curl_safefree(rplyb64);
+
return result;
}
}
else {
/* Send an empty response */
- result = Curl_pp_sendf(&conn->proto.smtpc.pp, "");
+ result = Curl_pp_sendf(&conn->proto.smtpc.pp, "%s", "");
if(!result)
- state(conn, SMTP_AUTH);
+ state(conn, SMTP_AUTH_FINAL);
}
return result;
result = Curl_sasl_create_ntlm_type1_message(conn->user, conn->passwd,
&conn->ntlm,
&type1msg, &len);
+ if(!result && type1msg) {
+ /* Send the message */
+ result = Curl_pp_sendf(&conn->proto.smtpc.pp, "%s", type1msg);
- /* Send the message */
- if(!result) {
- if(type1msg) {
- result = Curl_pp_sendf(&conn->proto.smtpc.pp, "%s", type1msg);
-
- if(!result)
- state(conn, SMTP_AUTH_NTLM_TYPE2MSG);
- }
-
- Curl_safefree(type1msg);
+ if(!result)
+ state(conn, SMTP_AUTH_NTLM_TYPE2MSG);
}
}
+ Curl_safefree(type1msg);
+
return result;
}
{
CURLcode result = CURLE_OK;
struct SessionHandle *data = conn->data;
+ char *type2msg = NULL;
char *type3msg = NULL;
size_t len = 0;
result = CURLE_LOGIN_DENIED;
}
else {
- /* Create the type-3 message */
- result = Curl_sasl_create_ntlm_type3_message(data,
- data->state.buffer + 4,
- conn->user, conn->passwd,
- &conn->ntlm,
- &type3msg, &len);
+ /* Get the type-2 message */
+ smtp_get_message(data->state.buffer, &type2msg);
+
+ /* Decode the type-2 message */
+ result = Curl_sasl_decode_ntlm_type2_message(data, type2msg, &conn->ntlm);
+ if(result) {
+ /* Send the cancellation */
+ result = Curl_pp_sendf(&conn->proto.smtpc.pp, "%s", "*");
- /* Send the message */
- if(!result) {
- if(type3msg) {
+ if(!result)
+ state(conn, SMTP_AUTH_CANCEL);
+ }
+ else {
+ /* Create the type-3 message */
+ result = Curl_sasl_create_ntlm_type3_message(data, conn->user,
+ conn->passwd, &conn->ntlm,
+ &type3msg, &len);
+ if(!result && type3msg) {
+ /* Send the message */
result = Curl_pp_sendf(&conn->proto.smtpc.pp, "%s", type3msg);
if(!result)
- state(conn, SMTP_AUTH);
+ state(conn, SMTP_AUTH_FINAL);
}
-
- Curl_safefree(type3msg);
}
}
+ Curl_safefree(type3msg);
+
return result;
}
#endif
-/* For the final responses to the AUTH sequence */
-static CURLcode smtp_state_auth_final_resp(struct connectdata *conn,
- int smtpcode,
- smtpstate instate)
+#if defined(USE_KERBEROS5)
+/* For AUTH GSSAPI (without initial response) responses */
+static CURLcode smtp_state_auth_gssapi_resp(struct connectdata *conn,
+ int smtpcode,
+ smtpstate instate)
{
CURLcode result = CURLE_OK;
struct SessionHandle *data = conn->data;
+ struct smtp_conn *smtpc = &conn->proto.smtpc;
+ char *respmsg = NULL;
+ size_t len = 0;
(void)instate; /* no use for this yet */
- if(smtpcode != 235) {
- failf(data, "Authentication failed: %d", smtpcode);
+ if(smtpcode != 334) {
+ failf(data, "Access denied: %d", smtpcode);
result = CURLE_LOGIN_DENIED;
}
- else
- /* End of connect phase */
- state(conn, SMTP_STOP);
+ else {
+ /* Create the initial response message */
+ result = Curl_sasl_create_gssapi_user_message(data, conn->user,
+ conn->passwd, "smtp",
+ smtpc->mutual_auth, NULL,
+ &conn->krb5,
+ &respmsg, &len);
+ if(!result && respmsg) {
+ /* Send the message */
+ result = Curl_pp_sendf(&smtpc->pp, "%s", respmsg);
+
+ if(!result)
+ state(conn, SMTP_AUTH_GSSAPI_TOKEN);
+ }
+ }
+
+ Curl_safefree(respmsg);
return result;
}
-/* Start the DO phase */
-static CURLcode smtp_mail(struct connectdata *conn)
+/* For AUTH GSSAPI user token responses */
+static CURLcode smtp_state_auth_gssapi_token_resp(struct connectdata *conn,
+ int smtpcode,
+ smtpstate instate)
{
- char *from = NULL;
- char *auth = NULL;
- char *size = NULL;
CURLcode result = CURLE_OK;
struct SessionHandle *data = conn->data;
+ struct smtp_conn *smtpc = &conn->proto.smtpc;
+ char *chlgmsg = NULL;
+ char *respmsg = NULL;
+ size_t len = 0;
- /* Calculate the FROM parameter */
- if(!data->set.str[STRING_MAIL_FROM])
- /* Null reverse-path, RFC-2821, sect. 3.7 */
- from = strdup("<>");
- else if(data->set.str[STRING_MAIL_FROM][0] == '<')
- from = aprintf("%s", data->set.str[STRING_MAIL_FROM]);
- else
- from = aprintf("<%s>", data->set.str[STRING_MAIL_FROM]);
-
- if(!from)
- return CURLE_OUT_OF_MEMORY;
+ (void)instate; /* no use for this yet */
- /* Calculate the optional AUTH parameter */
- if(data->set.str[STRING_MAIL_AUTH] && conn->proto.smtpc.authused) {
- if(data->set.str[STRING_MAIL_AUTH][0] != '\0')
- auth = aprintf("%s", data->set.str[STRING_MAIL_AUTH]);
+ if(smtpcode != 334) {
+ failf(data, "Access denied: %d", smtpcode);
+ result = CURLE_LOGIN_DENIED;
+ }
+ else {
+ /* Get the challenge message */
+ smtp_get_message(data->state.buffer, &chlgmsg);
+
+ if(smtpc->mutual_auth)
+ /* Decode the user token challenge and create the optional response
+ message */
+ result = Curl_sasl_create_gssapi_user_message(data, NULL, NULL, NULL,
+ smtpc->mutual_auth,
+ chlgmsg, &conn->krb5,
+ &respmsg, &len);
else
- /* Empty AUTH, RFC-2554, sect. 5 */
- auth = strdup("<>");
+ /* Decode the security challenge and create the response message */
+ result = Curl_sasl_create_gssapi_security_message(data, chlgmsg,
+ &conn->krb5,
+ &respmsg, &len);
- if(!auth) {
- Curl_safefree(from);
+ if(result) {
+ if(result == CURLE_BAD_CONTENT_ENCODING) {
+ /* Send the cancellation */
+ result = Curl_pp_sendf(&smtpc->pp, "%s", "*");
- return CURLE_OUT_OF_MEMORY;
+ if(!result)
+ state(conn, SMTP_AUTH_CANCEL);
+ }
+ }
+ else {
+ /* Send the response */
+ if(respmsg)
+ result = Curl_pp_sendf(&smtpc->pp, "%s", respmsg);
+ else
+ result = Curl_pp_sendf(&smtpc->pp, "%s", "");
+
+ if(!result)
+ state(conn, (smtpc->mutual_auth ? SMTP_AUTH_GSSAPI_NO_DATA :
+ SMTP_AUTH_FINAL));
}
}
- /* calculate the optional SIZE parameter */
- if(conn->proto.smtpc.size_supported && conn->data->set.infilesize > 0) {
- size = aprintf("%" FORMAT_OFF_T, data->set.infilesize);
+ Curl_safefree(respmsg);
- if(!size) {
- Curl_safefree(from);
- Curl_safefree(auth);
+ return result;
+}
- return CURLE_OUT_OF_MEMORY;
+/* For AUTH GSSAPI no data responses */
+static CURLcode smtp_state_auth_gssapi_no_data_resp(struct connectdata *conn,
+ int smtpcode,
+ smtpstate instate)
+{
+ CURLcode result = CURLE_OK;
+ struct SessionHandle *data = conn->data;
+ char *chlgmsg = NULL;
+ char *respmsg = NULL;
+ size_t len = 0;
+
+ (void)instate; /* no use for this yet */
+
+ if(smtpcode != 334) {
+ failf(data, "Access denied: %d", smtpcode);
+ result = CURLE_LOGIN_DENIED;
+ }
+ else {
+ /* Get the challenge message */
+ smtp_get_message(data->state.buffer, &chlgmsg);
+
+ /* Decode the security challenge and create the response message */
+ result = Curl_sasl_create_gssapi_security_message(data, chlgmsg,
+ &conn->krb5,
+ &respmsg, &len);
+ if(result) {
+ if(result == CURLE_BAD_CONTENT_ENCODING) {
+ /* Send the cancellation */
+ result = Curl_pp_sendf(&conn->proto.smtpc.pp, "%s", "*");
+
+ if(!result)
+ state(conn, SMTP_AUTH_CANCEL);
+ }
+ }
+ else {
+ /* Send the response */
+ if(respmsg) {
+ result = Curl_pp_sendf(&conn->proto.smtpc.pp, "%s", respmsg);
+
+ if(!result)
+ state(conn, SMTP_AUTH_FINAL);
+ }
}
}
- /* Send the MAIL command */
- if(!auth && !size)
- result = Curl_pp_sendf(&conn->proto.smtpc.pp,
- "MAIL FROM:%s", from);
- else if(auth && !size)
- result = Curl_pp_sendf(&conn->proto.smtpc.pp,
- "MAIL FROM:%s AUTH=%s", from, auth);
- else if(auth && size)
- result = Curl_pp_sendf(&conn->proto.smtpc.pp,
- "MAIL FROM:%s AUTH=%s SIZE=%s", from, auth, size);
- else
- result = Curl_pp_sendf(&conn->proto.smtpc.pp,
- "MAIL FROM:%s SIZE=%s", from, size);
+ Curl_safefree(respmsg);
- Curl_safefree(from);
- Curl_safefree(auth);
- Curl_safefree(size);
+ return result;
+}
+#endif
+
+/* For AUTH XOAUTH2 (without initial response) responses */
+static CURLcode smtp_state_auth_xoauth2_resp(struct connectdata *conn,
+ int smtpcode, smtpstate instate)
+{
+ CURLcode result = CURLE_OK;
+ struct SessionHandle *data = conn->data;
+ size_t len = 0;
+ char *xoauth = NULL;
+
+ (void)instate; /* no use for this yet */
+
+ if(smtpcode != 334) {
+ failf(data, "Access denied: %d", smtpcode);
+ result = CURLE_LOGIN_DENIED;
+ }
+ else {
+ /* Create the authorisation message */
+ result = Curl_sasl_create_xoauth2_message(conn->data, conn->user,
+ conn->xoauth2_bearer,
+ &xoauth, &len);
+ if(!result && xoauth) {
+ /* Send the message */
+ result = Curl_pp_sendf(&conn->proto.smtpc.pp, "%s", xoauth);
+
+ if(!result)
+ state(conn, SMTP_AUTH_FINAL);
+ }
+ }
+
+ Curl_safefree(xoauth);
+
+ return result;
+}
+
+/* For AUTH cancellation responses */
+static CURLcode smtp_state_auth_cancel_resp(struct connectdata *conn,
+ int smtpcode,
+ smtpstate instate)
+{
+ CURLcode result = CURLE_OK;
+ struct SessionHandle *data = conn->data;
+ struct smtp_conn *smtpc = &conn->proto.smtpc;
+ const char *mech = NULL;
+ char *initresp = NULL;
+ size_t len = 0;
+ smtpstate state1 = SMTP_STOP;
+ smtpstate state2 = SMTP_STOP;
+
+ (void)smtpcode;
+ (void)instate; /* no use for this yet */
+
+ /* Remove the offending mechanism from the supported list */
+ smtpc->authmechs ^= smtpc->authused;
+
+ /* Calculate alternative SASL login details */
+ result = smtp_calc_sasl_details(conn, &mech, &initresp, &len, &state1,
+ &state2);
+
+ if(!result) {
+ /* Do we have any mechanisms left? */
+ if(mech) {
+ /* Retry SASL based authentication */
+ result = smtp_perform_auth(conn, mech, initresp, len, state1, state2);
+
+ Curl_safefree(initresp);
+ }
+ else {
+ failf(data, "Authentication cancelled");
+
+ result = CURLE_LOGIN_DENIED;
+ }
+ }
+
+ return result;
+}
+
+/* For final responses in the AUTH sequence */
+static CURLcode smtp_state_auth_final_resp(struct connectdata *conn,
+ int smtpcode,
+ smtpstate instate)
+{
+ CURLcode result = CURLE_OK;
+ struct SessionHandle *data = conn->data;
- if(result)
- return result;
+ (void)instate; /* no use for this yet */
- state(conn, SMTP_MAIL);
+ if(smtpcode != 235) {
+ failf(data, "Authentication failed: %d", smtpcode);
+ result = CURLE_LOGIN_DENIED;
+ }
+ else
+ /* End of connect phase */
+ state(conn, SMTP_STOP);
return result;
}
-static CURLcode smtp_rcpt_to(struct connectdata *conn)
+/* For command responses */
+static CURLcode smtp_state_command_resp(struct connectdata *conn, int smtpcode,
+ smtpstate instate)
{
CURLcode result = CURLE_OK;
- struct smtp_conn *smtpc = &conn->proto.smtpc;
+ struct SessionHandle *data = conn->data;
+ struct SMTP *smtp = data->req.protop;
+ char *line = data->state.buffer;
+ size_t len = strlen(line);
- /* Send the RCPT TO command */
- if(smtpc->rcpt) {
- if(smtpc->rcpt->data[0] == '<')
- result = Curl_pp_sendf(&conn->proto.smtpc.pp, "RCPT TO:%s",
- smtpc->rcpt->data);
- else
- result = Curl_pp_sendf(&conn->proto.smtpc.pp, "RCPT TO:<%s>",
- smtpc->rcpt->data);
- if(!result)
- state(conn, SMTP_RCPT);
+ (void)instate; /* no use for this yet */
+
+ if((smtp->rcpt && smtpcode/100 != 2 && smtpcode != 553 && smtpcode != 1) ||
+ (!smtp->rcpt && smtpcode/100 != 2 && smtpcode != 1)) {
+ failf(data, "Command failed: %d", smtpcode);
+ result = CURLE_RECV_ERROR;
+ }
+ else {
+ /* Temporarily add the LF character back and send as body to the client */
+ if(!data->set.opt_no_body) {
+ line[len] = '\n';
+ result = Curl_client_write(conn, CLIENTWRITE_BODY, line, len + 1);
+ line[len] = '\0';
+ }
+
+ if(smtpcode != 1) {
+ if(smtp->rcpt) {
+ smtp->rcpt = smtp->rcpt->next;
+
+ if(smtp->rcpt) {
+ /* Send the next command */
+ result = smtp_perform_command(conn);
+ }
+ else
+ /* End of DO phase */
+ state(conn, SMTP_STOP);
+ }
+ else
+ /* End of DO phase */
+ state(conn, SMTP_STOP);
+ }
}
return result;
if(smtpcode/100 != 2) {
failf(data, "MAIL failed: %d", smtpcode);
result = CURLE_SEND_ERROR;
- state(conn, SMTP_STOP);
- }
- else {
- struct smtp_conn *smtpc = &conn->proto.smtpc;
- smtpc->rcpt = data->set.mail_rcpt;
-
- result = smtp_rcpt_to(conn);
}
+ else
+ /* Start the RCPT TO command */
+ result = smtp_perform_rcpt_to(conn);
return result;
}
{
CURLcode result = CURLE_OK;
struct SessionHandle *data = conn->data;
+ struct SMTP *smtp = data->req.protop;
(void)instate; /* no use for this yet */
if(smtpcode/100 != 2) {
failf(data, "RCPT failed: %d", smtpcode);
result = CURLE_SEND_ERROR;
- state(conn, SMTP_STOP);
}
else {
- struct smtp_conn *smtpc = &conn->proto.smtpc;
+ smtp->rcpt = smtp->rcpt->next;
- if(smtpc->rcpt) {
- smtpc->rcpt = smtpc->rcpt->next;
- result = smtp_rcpt_to(conn);
+ if(smtp->rcpt)
+ /* Send the next RCPT TO command */
+ result = smtp_perform_rcpt_to(conn);
+ else {
+ /* Send the DATA command */
+ result = Curl_pp_sendf(&conn->proto.smtpc.pp, "%s", "DATA");
- /* If we failed or still are sending RCPT data then return */
- if(result || smtpc->rcpt)
- return result;
+ if(!result)
+ state(conn, SMTP_DATA);
}
-
- /* Send the DATA command */
- result = Curl_pp_sendf(&conn->proto.smtpc.pp, "DATA");
-
- if(result)
- return result;
-
- state(conn, SMTP_DATA);
}
return result;
static CURLcode smtp_state_data_resp(struct connectdata *conn, int smtpcode,
smtpstate instate)
{
+ CURLcode result = CURLE_OK;
struct SessionHandle *data = conn->data;
- struct FTP *smtp = data->state.proto.smtp;
(void)instate; /* no use for this yet */
if(smtpcode != 354) {
- state(conn, SMTP_STOP);
- return CURLE_SEND_ERROR;
+ failf(data, "DATA failed: %d", smtpcode);
+ result = CURLE_SEND_ERROR;
}
+ else {
+ /* Set the progress upload size */
+ Curl_pgrsSetUploadSize(data, data->state.infilesize);
- /* SMTP upload */
- Curl_setup_transfer(conn, -1, -1, FALSE, NULL, /* no download */
- FIRSTSOCKET, smtp->bytecountp);
+ /* SMTP upload */
+ Curl_setup_transfer(conn, -1, -1, FALSE, NULL, FIRSTSOCKET, NULL);
- /* End of do phase */
- state(conn, SMTP_STOP);
+ /* End of DO phase */
+ state(conn, SMTP_STOP);
+ }
- return CURLE_OK;
+ return result;
}
/* For POSTDATA responses, which are received after the entire DATA
if(smtpcode != 250)
result = CURLE_RECV_ERROR;
- /* End of done phase */
+ /* End of DONE phase */
state(conn, SMTP_STOP);
return result;
/* Busy upgrading the connection; right now all I/O is SSL/TLS, not SMTP */
if(smtpc->state == SMTP_UPGRADETLS)
- return smtp_state_upgrade_tls(conn);
+ return smtp_perform_upgrade_tls(conn);
/* Flush any data that needs to be sent */
if(pp->sendleft)
return Curl_pp_flushsend(pp);
- /* Read the response from the server */
- result = Curl_pp_readresp(sock, pp, &smtpcode, &nread);
- if(result)
- return result;
+ do {
+ /* Read the response from the server */
+ result = Curl_pp_readresp(sock, pp, &smtpcode, &nread);
+ if(result)
+ return result;
- /* Store the latest response for later retrieval */
- if(smtpc->state != SMTP_QUIT)
- data->info.httpcode = smtpcode;
+ /* Store the latest response for later retrieval if necessary */
+ if(smtpc->state != SMTP_QUIT && smtpcode != 1)
+ data->info.httpcode = smtpcode;
+
+ if(!smtpcode)
+ break;
- if(smtpcode) {
/* We have now received a full SMTP server response */
switch(smtpc->state) {
case SMTP_SERVERGREET:
break;
#endif
- case SMTP_AUTH:
+#if defined(USE_KERBEROS5)
+ case SMTP_AUTH_GSSAPI:
+ result = smtp_state_auth_gssapi_resp(conn, smtpcode, smtpc->state);
+ break;
+
+ case SMTP_AUTH_GSSAPI_TOKEN:
+ result = smtp_state_auth_gssapi_token_resp(conn, smtpcode, smtpc->state);
+ break;
+
+ case SMTP_AUTH_GSSAPI_NO_DATA:
+ result = smtp_state_auth_gssapi_no_data_resp(conn, smtpcode,
+ smtpc->state);
+ break;
+#endif
+
+ case SMTP_AUTH_XOAUTH2:
+ result = smtp_state_auth_xoauth2_resp(conn, smtpcode, smtpc->state);
+ break;
+
+ case SMTP_AUTH_CANCEL:
+ result = smtp_state_auth_cancel_resp(conn, smtpcode, smtpc->state);
+ break;
+
+ case SMTP_AUTH_FINAL:
result = smtp_state_auth_final_resp(conn, smtpcode, smtpc->state);
break;
+ case SMTP_COMMAND:
+ result = smtp_state_command_resp(conn, smtpcode, smtpc->state);
+ break;
+
case SMTP_MAIL:
result = smtp_state_mail_resp(conn, smtpcode, smtpc->state);
break;
state(conn, SMTP_STOP);
break;
}
- }
+ } while(!result && smtpc->state != SMTP_STOP && Curl_pp_moredata(pp));
return result;
}
CURLcode result = CURLE_OK;
struct smtp_conn *smtpc = &conn->proto.smtpc;
- if((conn->handler->flags & PROTOPT_SSL) && !smtpc->ssldone)
+ if((conn->handler->flags & PROTOPT_SSL) && !smtpc->ssldone) {
result = Curl_ssl_connect_nonblocking(conn, FIRSTSOCKET, &smtpc->ssldone);
- else
- result = Curl_pp_statemach(&smtpc->pp, FALSE);
+ if(result || !smtpc->ssldone)
+ return result;
+ }
+ result = Curl_pp_statemach(&smtpc->pp, FALSE);
*done = (smtpc->state == SMTP_STOP) ? TRUE : FALSE;
return result;
CURLcode result = CURLE_OK;
struct smtp_conn *smtpc = &conn->proto.smtpc;
- while(smtpc->state != SMTP_STOP) {
+ while(smtpc->state != SMTP_STOP && !result)
result = Curl_pp_statemach(&smtpc->pp, TRUE);
- if(result)
- break;
- }
return result;
}
required */
static CURLcode smtp_init(struct connectdata *conn)
{
+ CURLcode result = CURLE_OK;
struct SessionHandle *data = conn->data;
- struct FTP *smtp = data->state.proto.smtp;
+ struct SMTP *smtp;
- if(!smtp) {
- smtp = data->state.proto.smtp = calloc(sizeof(struct FTP), 1);
- if(!smtp)
- return CURLE_OUT_OF_MEMORY;
- }
-
- /* Get some initial data into the smtp struct */
- smtp->bytecountp = &data->req.bytecount;
-
- /* No need to duplicate user+password, the connectdata struct won't change
- during a session, but we re-init them here since on subsequent inits
- since the conn struct may have changed or been replaced.
- */
- smtp->user = conn->user;
- smtp->passwd = conn->passwd;
+ smtp = data->req.protop = calloc(sizeof(struct SMTP), 1);
+ if(!smtp)
+ result = CURLE_OUT_OF_MEMORY;
- return CURLE_OK;
+ return result;
}
/* For the SMTP "protocol connect" and "doing" phases only */
* the connection phase.
*
* The variable pointed to by 'done' will be TRUE if the protocol-layer
- * connect phase is done when this function returns, or FALSE if not. When
- * called as a part of the easy interface, it will always be TRUE.
+ * connect phase is done when this function returns, or FALSE if not.
*/
static CURLcode smtp_connect(struct connectdata *conn, bool *done)
{
CURLcode result = CURLE_OK;
struct smtp_conn *smtpc = &conn->proto.smtpc;
struct pingpong *pp = &smtpc->pp;
- const char *path = conn->data->state.path;
- char localhost[HOSTNAME_MAX + 1];
*done = FALSE; /* default to not done yet */
- /* If there already is a protocol-specific struct allocated for this
- sessionhandle, deal with it */
- Curl_reset_reqproto(conn);
-
- /* Initialise the SMTP layer */
- result = smtp_init(conn);
- if(result)
- return result;
-
/* We always support persistent connections in SMTP */
- conn->bits.close = FALSE;
+ connkeep(conn, "SMTP default");
/* Set the default response time-out */
pp->response_time = RESP_TIMEOUT;
pp->endofresp = smtp_endofresp;
pp->conn = conn;
+ /* Set the default preferred authentication mechanism */
+ smtpc->prefmech = SASL_AUTH_ANY;
+
/* Initialise the pingpong layer */
Curl_pp_init(pp);
- /* Calculate the path if necessary */
- if(!*path) {
- if(!Curl_gethostname(localhost, sizeof(localhost)))
- path = localhost;
- else
- path = "localhost";
- }
+ /* Parse the URL options */
+ result = smtp_parse_url_options(conn);
+ if(result)
+ return result;
- /* URL decode the path and use it as the domain in our EHLO */
- result = Curl_urldecode(conn->data, path, 0, &smtpc->domain, NULL, TRUE);
+ /* Parse the URL path */
+ result = smtp_parse_url_path(conn);
if(result)
return result;
{
CURLcode result = CURLE_OK;
struct SessionHandle *data = conn->data;
- struct FTP *smtp = data->state.proto.smtp;
+ struct SMTP *smtp = data->req.protop;
+ struct pingpong *pp = &conn->proto.smtpc.pp;
+ char *eob;
+ ssize_t len;
ssize_t bytes_written;
(void)premature;
- if(!smtp)
- /* When the easy handle is removed from the multi while libcurl is still
- * trying to resolve the host name, it seems that the SMTP struct is not
- * yet initialized, but the removal action calls Curl_done() which calls
- * this function. So we simply return success if no SMTP pointer is set.
- */
+ if(!smtp || !pp->conn)
+ /* When the easy handle is removed from the multi interface while libcurl
+ is still trying to resolve the host name, the SMTP struct is not yet
+ initialized. However, the removal action calls Curl_done() which in
+ turn calls this function, so we simply return success. */
return CURLE_OK;
if(status) {
- conn->bits.close = TRUE; /* marked for closure */
+ connclose(conn, "SMTP done with bad status"); /* marked for closure */
result = status; /* use the already set error code */
}
- else if(!data->set.connect_only) {
- struct smtp_conn *smtpc = &conn->proto.smtpc;
- struct pingpong *pp = &smtpc->pp;
+ else if(!data->set.connect_only && data->set.upload && data->set.mail_rcpt) {
+ /* Calculate the EOB taking into account any terminating CRLF from the
+ previous line of the email or the CRLF of the DATA command when there
+ is "no mail data". RFC-5321, sect. 4.1.1.4.
+
+ Note: As some SSL backends, such as OpenSSL, will cause Curl_write() to
+ fail when using a different pointer following a previous write, that
+ returned CURLE_AGAIN, we duplicate the EOB now rather than when the
+ bytes written doesn't equal len. */
+ if(smtp->trailing_crlf || !conn->data->state.infilesize) {
+ eob = strdup(SMTP_EOB + 2);
+ len = SMTP_EOB_LEN - 2;
+ }
+ else {
+ eob = strdup(SMTP_EOB);
+ len = SMTP_EOB_LEN;
+ }
- /* Send the end of block data */
- result = Curl_write(conn,
- conn->writesockfd, /* socket to send to */
- SMTP_EOB, /* buffer pointer */
- SMTP_EOB_LEN, /* buffer size */
- &bytes_written); /* actually sent away */
+ if(!eob)
+ return CURLE_OUT_OF_MEMORY;
- if(result)
+ /* Send the end of block data */
+ result = Curl_write(conn, conn->writesockfd, eob, len, &bytes_written);
+ if(result) {
+ free(eob);
return result;
+ }
- if(bytes_written != SMTP_EOB_LEN) {
+ if(bytes_written != len) {
/* The whole chunk was not sent so keep it around and adjust the
pingpong structure accordingly */
- pp->sendthis = strdup(SMTP_EOB);
- pp->sendsize = SMTP_EOB_LEN;
- pp->sendleft = SMTP_EOB_LEN - bytes_written;
+ pp->sendthis = eob;
+ pp->sendsize = len;
+ pp->sendleft = len - bytes_written;
}
- else
+ else {
/* Successfully sent so adjust the response timeout relative to now */
pp->response = Curl_tvnow();
+ free(eob);
+ }
+
state(conn, SMTP_POSTDATA);
/* Run the state-machine
result = smtp_block_statemach(conn);
}
+ /* Cleanup our per-request based variables */
+ Curl_safefree(smtp->custom);
+
/* Clear the transfer mode for the next request */
smtp->transfer = FTPTRANSFER_BODY;
*
* smtp_perform()
*
- * This is the actual DO function for SMTP. Get a file/directory according to
- * the options previously setup.
+ * This is the actual DO function for SMTP. Transfer a mail, send a command
+ * or get some data according to the options previously setup.
*/
static CURLcode smtp_perform(struct connectdata *conn, bool *connected,
bool *dophase_done)
{
/* This is SMTP and no proxy */
CURLcode result = CURLE_OK;
+ struct SessionHandle *data = conn->data;
+ struct SMTP *smtp = data->req.protop;
DEBUGF(infof(conn->data, "DO phase starts\n"));
- if(conn->data->set.opt_no_body) {
+ if(data->set.opt_no_body) {
/* Requested no body means no transfer */
- struct FTP *smtp = conn->data->state.proto.smtp;
smtp->transfer = FTPTRANSFER_INFO;
}
*dophase_done = FALSE; /* not done yet */
+ /* Store the first recipient (or NULL if not specified) */
+ smtp->rcpt = data->set.mail_rcpt;
+
/* Start the first command in the DO phase */
- result = smtp_mail(conn);
+ if(data->set.upload && data->set.mail_rcpt)
+ /* MAIL transfer */
+ result = smtp_perform_mail(conn);
+ else
+ /* SMTP based command (VRFY, EXPN, NOOP, RSET or HELP) */
+ result = smtp_perform_command(conn);
+
if(result)
return result;
- /* run the state-machine */
+ /* Run the state-machine */
result = smtp_multi_statemach(conn, dophase_done);
*connected = conn->bits.tcpconnect[FIRSTSOCKET];
*done = FALSE; /* default to false */
- /*
- Since connections can be re-used between SessionHandles, this might be a
- connection already existing but on a fresh SessionHandle struct so we must
- make sure we have a good 'struct SMTP' to play with. For new connections,
- the struct SMTP is allocated and setup in the smtp_connect() function.
- */
- Curl_reset_reqproto(conn);
- result = smtp_init(conn);
+ /* Parse the custom request */
+ result = smtp_parse_custom_request(conn);
if(result)
return result;
/***********************************************************************
*
- * smtp_quit()
- *
- * This should be called before calling sclose(). We should then wait for the
- * response from the server before returning. The calling code should then try
- * to close the connection.
- */
-static CURLcode smtp_quit(struct connectdata *conn)
-{
- CURLcode result = CURLE_OK;
-
- result = Curl_pp_sendf(&conn->proto.smtpc.pp, "QUIT");
- if(result)
- return result;
-
- state(conn, SMTP_QUIT);
-
- result = smtp_block_statemach(conn);
-
- return result;
-}
-
-/***********************************************************************
- *
* smtp_disconnect()
*
* Disconnect from an SMTP server. Cleanup protocol-specific per-connection
* resources. BLOCKING.
*/
-static CURLcode smtp_disconnect(struct connectdata *conn,
- bool dead_connection)
+static CURLcode smtp_disconnect(struct connectdata *conn, bool dead_connection)
{
struct smtp_conn *smtpc = &conn->proto.smtpc;
/* We cannot send quit unconditionally. If this connection is stale or
bad in any way, sending quit and waiting around here will make the
- disconnect wait in vain and cause more problems than we need to */
+ disconnect wait in vain and cause more problems than we need to. */
/* The SMTP session may or may not have been allocated/setup at this
point! */
- if(!dead_connection && smtpc->pp.conn)
- (void)smtp_quit(conn); /* ignore errors on QUIT */
+ if(!dead_connection && smtpc->pp.conn && smtpc->pp.conn->bits.protoconnstart)
+ if(!smtp_perform_quit(conn))
+ (void)smtp_block_statemach(conn); /* ignore errors on QUIT */
/* Disconnect from the server */
Curl_pp_disconnect(&smtpc->pp);
/* Call this when the DO phase has completed */
static CURLcode smtp_dophase_done(struct connectdata *conn, bool connected)
{
- struct FTP *smtp = conn->data->state.proto.smtp;
+ struct SMTP *smtp = conn->data->req.protop;
(void)connected;
if(result)
DEBUGF(infof(conn->data, "DO phase failed\n"));
- else {
- if(*dophase_done) {
- result = smtp_dophase_done(conn, FALSE /* not connected */);
+ else if(*dophase_done) {
+ result = smtp_dophase_done(conn, FALSE /* not connected */);
- DEBUGF(infof(conn->data, "DO phase is complete\n"));
- }
+ DEBUGF(infof(conn->data, "DO phase is complete\n"));
}
return result;
/* Make sure size is unknown at this point */
data->req.size = -1;
+ /* Set the progress data */
Curl_pgrsSetUploadCounter(data, 0);
Curl_pgrsSetDownloadCounter(data, 0);
- Curl_pgrsSetUploadSize(data, 0);
- Curl_pgrsSetDownloadSize(data, 0);
+ Curl_pgrsSetUploadSize(data, -1);
+ Curl_pgrsSetDownloadSize(data, -1);
+ /* Carry out the perform */
result = smtp_perform(conn, &connected, dophase_done);
- if(!result) {
- if(!*dophase_done)
- /* The DO phase has not completed yet */
- return CURLE_OK;
-
+ /* Perform post DO phase operations if necessary */
+ if(!result && *dophase_done)
result = smtp_dophase_done(conn, connected);
- }
return result;
}
static CURLcode smtp_setup_connection(struct connectdata *conn)
{
struct SessionHandle *data = conn->data;
+ CURLcode result;
if(conn->bits.httpproxy && !data->set.tunnel_thru_httpproxy) {
/* Unless we have asked to tunnel SMTP operations through the proxy, we
return CURLE_UNSUPPORTED_PROTOCOL;
#endif
}
+ /* set it up as a HTTP connection instead */
+ return conn->handler->setup_connection(conn);
- /* We explicitly mark this connection as persistent here as we're doing
- SMTP over HTTP and thus we accidentally avoid setting this value
- otherwise */
- conn->bits.close = FALSE;
#else
failf(data, "SMTP over http proxy requires HTTP support built-in!");
return CURLE_UNSUPPORTED_PROTOCOL;
#endif
}
+ /* Initialise the SMTP layer */
+ result = smtp_init(conn);
+ if(result)
+ return result;
+
data->state.path++; /* don't include the initial slash */
return CURLE_OK;
}
-CURLcode Curl_smtp_escape_eob(struct connectdata *conn, ssize_t nread)
+/***********************************************************************
+ *
+ * smtp_parse_url_options()
+ *
+ * Parse the URL login options.
+ */
+static CURLcode smtp_parse_url_options(struct connectdata *conn)
+{
+ CURLcode result = CURLE_OK;
+ struct smtp_conn *smtpc = &conn->proto.smtpc;
+ const char *options = conn->options;
+ const char *ptr = options;
+ bool reset = TRUE;
+
+ while(ptr && *ptr) {
+ const char *key = ptr;
+
+ while(*ptr && *ptr != '=')
+ ptr++;
+
+ if(strnequal(key, "AUTH", 4)) {
+ size_t len = 0;
+ const char *value = ++ptr;
+
+ if(reset) {
+ reset = FALSE;
+ smtpc->prefmech = SASL_AUTH_NONE;
+ }
+
+ while(*ptr && *ptr != ';') {
+ ptr++;
+ len++;
+ }
+
+ if(strnequal(value, "*", len))
+ smtpc->prefmech = SASL_AUTH_ANY;
+ else if(strnequal(value, SASL_MECH_STRING_LOGIN, len))
+ smtpc->prefmech |= SASL_MECH_LOGIN;
+ else if(strnequal(value, SASL_MECH_STRING_PLAIN, len))
+ smtpc->prefmech |= SASL_MECH_PLAIN;
+ else if(strnequal(value, SASL_MECH_STRING_CRAM_MD5, len))
+ smtpc->prefmech |= SASL_MECH_CRAM_MD5;
+ else if(strnequal(value, SASL_MECH_STRING_DIGEST_MD5, len))
+ smtpc->prefmech |= SASL_MECH_DIGEST_MD5;
+ else if(strnequal(value, SASL_MECH_STRING_GSSAPI, len))
+ smtpc->prefmech |= SASL_MECH_GSSAPI;
+ else if(strnequal(value, SASL_MECH_STRING_NTLM, len))
+ smtpc->prefmech |= SASL_MECH_NTLM;
+ else if(strnequal(value, SASL_MECH_STRING_XOAUTH2, len))
+ smtpc->prefmech |= SASL_MECH_XOAUTH2;
+
+ if(*ptr == ';')
+ ptr++;
+ }
+ else
+ result = CURLE_URL_MALFORMAT;
+ }
+
+ return result;
+}
+
+/***********************************************************************
+ *
+ * smtp_parse_url_path()
+ *
+ * Parse the URL path into separate path components.
+ */
+static CURLcode smtp_parse_url_path(struct connectdata *conn)
+{
+ /* The SMTP struct is already initialised in smtp_connect() */
+ struct SessionHandle *data = conn->data;
+ struct smtp_conn *smtpc = &conn->proto.smtpc;
+ const char *path = data->state.path;
+ char localhost[HOSTNAME_MAX + 1];
+
+ /* Calculate the path if necessary */
+ if(!*path) {
+ if(!Curl_gethostname(localhost, sizeof(localhost)))
+ path = localhost;
+ else
+ path = "localhost";
+ }
+
+ /* URL decode the path and use it as the domain in our EHLO */
+ return Curl_urldecode(conn->data, path, 0, &smtpc->domain, NULL, TRUE);
+}
+
+/***********************************************************************
+ *
+ * smtp_parse_custom_request()
+ *
+ * Parse the custom request.
+ */
+static CURLcode smtp_parse_custom_request(struct connectdata *conn)
+{
+ CURLcode result = CURLE_OK;
+ struct SessionHandle *data = conn->data;
+ struct SMTP *smtp = data->req.protop;
+ const char *custom = data->set.str[STRING_CUSTOMREQUEST];
+
+ /* URL decode the custom request */
+ if(custom)
+ result = Curl_urldecode(data, custom, 0, &smtp->custom, NULL, TRUE);
+
+ return result;
+}
+
+/***********************************************************************
+ *
+ * smtp_calc_sasl_details()
+ *
+ * Calculate the required login details for SASL authentication.
+ */
+static CURLcode smtp_calc_sasl_details(struct connectdata *conn,
+ const char **mech,
+ char **initresp, size_t *len,
+ smtpstate *state1, smtpstate *state2)
+{
+ CURLcode result = CURLE_OK;
+ struct SessionHandle *data = conn->data;
+ struct smtp_conn *smtpc = &conn->proto.smtpc;
+
+ /* Calculate the supported authentication mechanism, by decreasing order of
+ security, as well as the initial response where appropriate */
+#if defined(USE_KERBEROS5)
+ if((smtpc->authmechs & SASL_MECH_GSSAPI) &&
+ (smtpc->prefmech & SASL_MECH_GSSAPI)) {
+ smtpc->mutual_auth = FALSE; /* TODO: Calculate mutual authentication */
+
+ *mech = SASL_MECH_STRING_GSSAPI;
+ *state1 = SMTP_AUTH_GSSAPI;
+ *state2 = SMTP_AUTH_GSSAPI_TOKEN;
+ smtpc->authused = SASL_MECH_GSSAPI;
+
+ if(data->set.sasl_ir)
+ result = Curl_sasl_create_gssapi_user_message(data, conn->user,
+ conn->passwd, "smtp",
+ smtpc->mutual_auth,
+ NULL, &conn->krb5,
+ initresp, len);
+ }
+ else
+#endif
+#ifndef CURL_DISABLE_CRYPTO_AUTH
+ if((smtpc->authmechs & SASL_MECH_DIGEST_MD5) &&
+ (smtpc->prefmech & SASL_MECH_DIGEST_MD5)) {
+ *mech = SASL_MECH_STRING_DIGEST_MD5;
+ *state1 = SMTP_AUTH_DIGESTMD5;
+ smtpc->authused = SASL_MECH_DIGEST_MD5;
+ }
+ else if((smtpc->authmechs & SASL_MECH_CRAM_MD5) &&
+ (smtpc->prefmech & SASL_MECH_CRAM_MD5)) {
+ *mech = SASL_MECH_STRING_CRAM_MD5;
+ *state1 = SMTP_AUTH_CRAMMD5;
+ smtpc->authused = SASL_MECH_CRAM_MD5;
+ }
+ else
+#endif
+#ifdef USE_NTLM
+ if((smtpc->authmechs & SASL_MECH_NTLM) &&
+ (smtpc->prefmech & SASL_MECH_NTLM)) {
+ *mech = SASL_MECH_STRING_NTLM;
+ *state1 = SMTP_AUTH_NTLM;
+ *state2 = SMTP_AUTH_NTLM_TYPE2MSG;
+ smtpc->authused = SASL_MECH_NTLM;
+
+ if(data->set.sasl_ir)
+ result = Curl_sasl_create_ntlm_type1_message(conn->user, conn->passwd,
+ &conn->ntlm,
+ initresp, len);
+ }
+ else
+#endif
+ if(((smtpc->authmechs & SASL_MECH_XOAUTH2) &&
+ (smtpc->prefmech & SASL_MECH_XOAUTH2) &&
+ (smtpc->prefmech != SASL_AUTH_ANY)) || conn->xoauth2_bearer) {
+ *mech = SASL_MECH_STRING_XOAUTH2;
+ *state1 = SMTP_AUTH_XOAUTH2;
+ *state2 = SMTP_AUTH_FINAL;
+ smtpc->authused = SASL_MECH_XOAUTH2;
+
+ if(data->set.sasl_ir)
+ result = Curl_sasl_create_xoauth2_message(data, conn->user,
+ conn->xoauth2_bearer,
+ initresp, len);
+ }
+ else if((smtpc->authmechs & SASL_MECH_LOGIN) &&
+ (smtpc->prefmech & SASL_MECH_LOGIN)) {
+ *mech = SASL_MECH_STRING_LOGIN;
+ *state1 = SMTP_AUTH_LOGIN;
+ *state2 = SMTP_AUTH_LOGIN_PASSWD;
+ smtpc->authused = SASL_MECH_LOGIN;
+
+ if(data->set.sasl_ir)
+ result = Curl_sasl_create_login_message(data, conn->user, initresp, len);
+ }
+ else if((smtpc->authmechs & SASL_MECH_PLAIN) &&
+ (smtpc->prefmech & SASL_MECH_PLAIN)) {
+ *mech = SASL_MECH_STRING_PLAIN;
+ *state1 = SMTP_AUTH_PLAIN;
+ *state2 = SMTP_AUTH_FINAL;
+ smtpc->authused = SASL_MECH_PLAIN;
+
+ if(data->set.sasl_ir)
+ result = Curl_sasl_create_plain_message(data, conn->user, conn->passwd,
+ initresp, len);
+ }
+
+ return result;
+}
+
+CURLcode Curl_smtp_escape_eob(struct connectdata *conn, const ssize_t nread)
{
/* When sending a SMTP payload we must detect CRLF. sequences making sure
they are sent as CRLF.. instead, as a . on the beginning of a line will
be deleted by the server when not part of an EOB terminator and a
genuine CRLF.CRLF which isn't escaped will wrongly be detected as end of
- data by the server.
+ data by the server
*/
ssize_t i;
ssize_t si;
- struct smtp_conn *smtpc = &conn->proto.smtpc;
struct SessionHandle *data = conn->data;
+ struct SMTP *smtp = data->req.protop;
+ char *scratch = data->state.scratch;
+ char *newscratch = NULL;
+ char *oldscratch = NULL;
+ size_t eob_sent;
+
+ /* Do we need to allocate a scratch buffer? */
+ if(!scratch || data->set.crlf) {
+ oldscratch = scratch;
- /* Do we need to allocate the scatch buffer? */
- if(!data->state.scratch) {
- data->state.scratch = malloc(2 * BUFSIZE);
+ scratch = newscratch = malloc(2 * BUFSIZE);
+ if(!newscratch) {
+ failf(data, "Failed to alloc scratch buffer!");
- if(!data->state.scratch) {
- failf (data, "Failed to alloc scratch buffer!");
return CURLE_OUT_OF_MEMORY;
}
}
+ /* Have we already sent part of the EOB? */
+ eob_sent = smtp->eob;
+
/* This loop can be improved by some kind of Boyer-Moore style of
approach but that is saved for later... */
for(i = 0, si = 0; i < nread; i++) {
- if(SMTP_EOB[smtpc->eob] == data->req.upload_fromhere[i])
- smtpc->eob++;
- else if(smtpc->eob) {
+ if(SMTP_EOB[smtp->eob] == data->req.upload_fromhere[i]) {
+ smtp->eob++;
+
+ /* Is the EOB potentially the terminating CRLF? */
+ if(2 == smtp->eob || SMTP_EOB_LEN == smtp->eob)
+ smtp->trailing_crlf = TRUE;
+ else
+ smtp->trailing_crlf = FALSE;
+ }
+ else if(smtp->eob) {
/* A previous substring matched so output that first */
- memcpy(&data->state.scratch[si], SMTP_EOB, smtpc->eob);
- si += smtpc->eob;
+ memcpy(&scratch[si], &SMTP_EOB[eob_sent], smtp->eob - eob_sent);
+ si += smtp->eob - eob_sent;
/* Then compare the first byte */
if(SMTP_EOB[0] == data->req.upload_fromhere[i])
- smtpc->eob = 1;
+ smtp->eob = 1;
else
- smtpc->eob = 0;
+ smtp->eob = 0;
+
+ eob_sent = 0;
+
+ /* Reset the trailing CRLF flag as there was more data */
+ smtp->trailing_crlf = FALSE;
}
- /* Do we have a match for CRLF. as per RFC-2821, sect. 4.5.2 */
- if(SMTP_EOB_FIND_LEN == smtpc->eob) {
+ /* Do we have a match for CRLF. as per RFC-5321, sect. 4.5.2 */
+ if(SMTP_EOB_FIND_LEN == smtp->eob) {
/* Copy the replacement data to the target buffer */
- memcpy(&data->state.scratch[si], SMTP_EOB_REPL, SMTP_EOB_REPL_LEN);
- si += SMTP_EOB_REPL_LEN;
- smtpc->eob = 0;
+ memcpy(&scratch[si], &SMTP_EOB_REPL[eob_sent],
+ SMTP_EOB_REPL_LEN - eob_sent);
+ si += SMTP_EOB_REPL_LEN - eob_sent;
+ smtp->eob = 0;
+ eob_sent = 0;
}
- else if(!smtpc->eob)
- data->state.scratch[si++] = data->req.upload_fromhere[i];
+ else if(!smtp->eob)
+ scratch[si++] = data->req.upload_fromhere[i];
}
- if(smtpc->eob) {
+ if(smtp->eob - eob_sent) {
/* A substring matched before processing ended so output that now */
- memcpy(&data->state.scratch[si], SMTP_EOB, smtpc->eob);
- si += smtpc->eob;
- smtpc->eob = 0;
+ memcpy(&scratch[si], &SMTP_EOB[eob_sent], smtp->eob - eob_sent);
+ si += smtp->eob - eob_sent;
}
+ /* Only use the new buffer if we replaced something */
if(si != nread) {
- /* Only use the new buffer if we replaced something */
- nread = si;
-
/* Upload from the new (replaced) buffer instead */
- data->req.upload_fromhere = data->state.scratch;
+ data->req.upload_fromhere = scratch;
+
+ /* Save the buffer so it can be freed later */
+ data->state.scratch = scratch;
+
+ /* Free the old scratch buffer */
+ Curl_safefree(oldscratch);
/* Set the new amount too */
- data->req.upload_present = nread;
+ data->req.upload_present = si;
}
+ else
+ Curl_safefree(newscratch);
return CURLE_OK;
}
projects / platform / upstream / curl.git / blobdiff