pop3.c 67 KB

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091929394959697989910010110210310410510610710810911011111211311411511611711811912012112212312412512612712812913013113213313413513613713813914014114214314414514614714814915015115215315415515615715815916016116216316416516616716816917017117217317417517617717817918018118218318418518618718818919019119219319419519619719819920020120220320420520620720820921021121221321421521621721821922022122222322422522622722822923023123223323423523623723823924024124224324424524624724824925025125225325425525625725825926026126226326426526626726826927027127227327427527627727827928028128228328428528628728828929029129229329429529629729829930030130230330430530630730830931031131231331431531631731831932032132232332432532632732832933033133233333433533633733833934034134234334434534634734834935035135235335435535635735835936036136236336436536636736836937037137237337437537637737837938038138238338438538638738838939039139239339439539639739839940040140240340440540640740840941041141241341441541641741841942042142242342442542642742842943043143243343443543643743843944044144244344444544644744844945045145245345445545645745845946046146246346446546646746846947047147247347447547647747847948048148248348448548648748848949049149249349449549649749849950050150250350450550650750850951051151251351451551651751851952052152252352452552652752852953053153253353453553653753853954054154254354454554654754854955055155255355455555655755855956056156256356456556656756856957057157257357457557657757857958058158258358458558658758858959059159259359459559659759859960060160260360460560660760860961061161261361461561661761861962062162262362462562662762862963063163263363463563663763863964064164264364464564664764864965065165265365465565665765865966066166266366466566666766866967067167267367467567667767867968068168268368468568668768868969069169269369469569669769869970070170270370470570670770870971071171271371471571671771871972072172272372472572672772872973073173273373473573673773873974074174274374474574674774874975075175275375475575675775875976076176276376476576676776876977077177277377477577677777877978078178278378478578678778878979079179279379479579679779879980080180280380480580680780880981081181281381481581681781881982082182282382482582682782882983083183283383483583683783883984084184284384484584684784884985085185285385485585685785885986086186286386486586686786886987087187287387487587687787887988088188288388488588688788888989089189289389489589689789889990090190290390490590690790890991091191291391491591691791891992092192292392492592692792892993093193293393493593693793893994094194294394494594694794894995095195295395495595695795895996096196296396496596696796896997097197297397497597697797897998098198298398498598698798898999099199299399499599699799899910001001100210031004100510061007100810091010101110121013101410151016101710181019102010211022102310241025102610271028102910301031103210331034103510361037103810391040104110421043104410451046104710481049105010511052105310541055105610571058105910601061106210631064106510661067106810691070107110721073107410751076107710781079108010811082108310841085108610871088108910901091109210931094109510961097109810991100110111021103110411051106110711081109111011111112111311141115111611171118111911201121112211231124112511261127112811291130113111321133113411351136113711381139114011411142114311441145114611471148114911501151115211531154115511561157115811591160116111621163116411651166116711681169117011711172117311741175117611771178117911801181118211831184118511861187118811891190119111921193119411951196119711981199120012011202120312041205120612071208120912101211121212131214121512161217121812191220122112221223122412251226122712281229123012311232123312341235123612371238123912401241124212431244124512461247124812491250125112521253125412551256125712581259126012611262126312641265126612671268126912701271127212731274127512761277127812791280128112821283128412851286128712881289129012911292129312941295129612971298129913001301130213031304130513061307130813091310131113121313131413151316131713181319132013211322132313241325132613271328132913301331133213331334133513361337133813391340134113421343134413451346134713481349135013511352135313541355135613571358135913601361136213631364136513661367136813691370137113721373137413751376137713781379138013811382138313841385138613871388138913901391139213931394139513961397139813991400140114021403140414051406140714081409141014111412141314141415141614171418141914201421142214231424142514261427142814291430143114321433143414351436143714381439144014411442144314441445144614471448144914501451145214531454145514561457145814591460146114621463146414651466146714681469147014711472147314741475147614771478147914801481148214831484148514861487148814891490149114921493149414951496149714981499150015011502150315041505150615071508150915101511151215131514151515161517151815191520152115221523152415251526152715281529153015311532153315341535153615371538153915401541154215431544154515461547154815491550155115521553155415551556155715581559156015611562156315641565156615671568156915701571157215731574157515761577157815791580158115821583158415851586158715881589159015911592159315941595159615971598159916001601160216031604160516061607160816091610161116121613161416151616161716181619162016211622162316241625162616271628162916301631163216331634163516361637163816391640164116421643164416451646164716481649165016511652165316541655165616571658165916601661166216631664166516661667166816691670167116721673167416751676167716781679168016811682168316841685168616871688168916901691169216931694169516961697169816991700170117021703170417051706170717081709171017111712171317141715171617171718171917201721172217231724172517261727172817291730173117321733173417351736173717381739174017411742174317441745174617471748174917501751175217531754175517561757175817591760176117621763176417651766176717681769177017711772177317741775177617771778177917801781178217831784178517861787178817891790179117921793179417951796179717981799180018011802180318041805180618071808180918101811181218131814181518161817181818191820182118221823182418251826182718281829183018311832183318341835183618371838183918401841184218431844184518461847184818491850185118521853185418551856185718581859186018611862186318641865186618671868186918701871187218731874187518761877187818791880188118821883188418851886188718881889189018911892189318941895189618971898189919001901190219031904190519061907190819091910191119121913191419151916191719181919192019211922192319241925192619271928192919301931193219331934193519361937193819391940194119421943194419451946194719481949195019511952195319541955195619571958195919601961196219631964196519661967196819691970197119721973197419751976197719781979198019811982198319841985198619871988198919901991199219931994199519961997199819992000200120022003200420052006200720082009201020112012201320142015201620172018201920202021202220232024202520262027202820292030203120322033203420352036203720382039204020412042204320442045204620472048204920502051205220532054205520562057205820592060206120622063206420652066206720682069207020712072207320742075207620772078207920802081208220832084208520862087208820892090209120922093209420952096209720982099210021012102210321042105210621072108210921102111211221132114211521162117211821192120212121222123212421252126212721282129213021312132213321342135213621372138213921402141214221432144214521462147214821492150215121522153215421552156215721582159216021612162216321642165216621672168216921702171217221732174217521762177217821792180218121822183218421852186218721882189219021912192219321942195219621972198219922002201220222032204220522062207220822092210221122122213221422152216221722182219222022212222222322242225222622272228222922302231223222332234223522362237223822392240224122422243224422452246224722482249225022512252225322542255225622572258225922602261226222632264226522662267226822692270227122722273227422752276227722782279228022812282228322842285228622872288228922902291229222932294229522962297229822992300230123022303230423052306230723082309231023112312231323142315231623172318231923202321232223232324232523262327232823292330233123322333233423352336233723382339
  1. /***************************************************************************
  2. * _ _ ____ _
  3. * Project ___| | | | _ \| |
  4. * / __| | | | |_) | |
  5. * | (__| |_| | _ <| |___
  6. * \___|\___/|_| \_\_____|
  7. *
  8. * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
  9. *
  10. * This software is licensed as described in the file COPYING, which
  11. * you should have received as part of this distribution. The terms
  12. * are also available at http://curl.haxx.se/docs/copyright.html.
  13. *
  14. * You may opt to use, copy, modify, merge, publish, distribute and/or sell
  15. * copies of the Software, and permit persons to whom the Software is
  16. * furnished to do so, under the terms of the COPYING file.
  17. *
  18. * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
  19. * KIND, either express or implied.
  20. *
  21. * RFC1734 POP3 Authentication
  22. * RFC1939 POP3 protocol
  23. * RFC2195 CRAM-MD5 authentication
  24. * RFC2384 POP URL Scheme
  25. * RFC2449 POP3 Extension Mechanism
  26. * RFC2595 Using TLS with IMAP, POP3 and ACAP
  27. * RFC2831 DIGEST-MD5 authentication
  28. * RFC4422 Simple Authentication and Security Layer (SASL)
  29. * RFC4616 PLAIN authentication
  30. * RFC4752 The Kerberos V5 ("GSSAPI") SASL Mechanism
  31. * RFC5034 POP3 SASL Authentication Mechanism
  32. * RFC6749 OAuth 2.0 Authorization Framework
  33. * Draft LOGIN SASL Mechanism <draft-murchison-sasl-login-00.txt>
  34. *
  35. ***************************************************************************/
  36. #include "curl_setup.h"
  37. #ifndef CURL_DISABLE_POP3
  38. #ifdef HAVE_NETINET_IN_H
  39. #include <netinet/in.h>
  40. #endif
  41. #ifdef HAVE_ARPA_INET_H
  42. #include <arpa/inet.h>
  43. #endif
  44. #ifdef HAVE_UTSNAME_H
  45. #include <sys/utsname.h>
  46. #endif
  47. #ifdef HAVE_NETDB_H
  48. #include <netdb.h>
  49. #endif
  50. #ifdef __VMS
  51. #include <in.h>
  52. #include <inet.h>
  53. #endif
  54. #if (defined(NETWARE) && defined(__NOVELL_LIBC__))
  55. #undef in_addr_t
  56. #define in_addr_t unsigned long
  57. #endif
  58. #include <curl/curl.h>
  59. #include "urldata.h"
  60. #include "sendf.h"
  61. #include "if2ip.h"
  62. #include "hostip.h"
  63. #include "progress.h"
  64. #include "transfer.h"
  65. #include "escape.h"
  66. #include "http.h" /* for HTTP proxy tunnel stuff */
  67. #include "socks.h"
  68. #include "pop3.h"
  69. #include "strtoofft.h"
  70. #include "strequal.h"
  71. #include "vtls/vtls.h"
  72. #include "connect.h"
  73. #include "strerror.h"
  74. #include "select.h"
  75. #include "multiif.h"
  76. #include "url.h"
  77. #include "rawstr.h"
  78. #include "curl_sasl.h"
  79. #include "curl_md5.h"
  80. #include "warnless.h"
  81. #define _MPRINTF_REPLACE /* use our functions only */
  82. #include <curl/mprintf.h>
  83. #include "curl_memory.h"
  84. /* The last #include file should be: */
  85. #include "memdebug.h"
  86. /* Local API functions */
  87. static CURLcode pop3_regular_transfer(struct connectdata *conn, bool *done);
  88. static CURLcode pop3_do(struct connectdata *conn, bool *done);
  89. static CURLcode pop3_done(struct connectdata *conn, CURLcode status,
  90. bool premature);
  91. static CURLcode pop3_connect(struct connectdata *conn, bool *done);
  92. static CURLcode pop3_disconnect(struct connectdata *conn, bool dead);
  93. static CURLcode pop3_multi_statemach(struct connectdata *conn, bool *done);
  94. static int pop3_getsock(struct connectdata *conn, curl_socket_t *socks,
  95. int numsocks);
  96. static CURLcode pop3_doing(struct connectdata *conn, bool *dophase_done);
  97. static CURLcode pop3_setup_connection(struct connectdata *conn);
  98. static CURLcode pop3_parse_url_options(struct connectdata *conn);
  99. static CURLcode pop3_parse_url_path(struct connectdata *conn);
  100. static CURLcode pop3_parse_custom_request(struct connectdata *conn);
  101. static CURLcode pop3_calc_sasl_details(struct connectdata *conn,
  102. const char **mech,
  103. char **initresp, size_t *len,
  104. pop3state *state1, pop3state *state2);
  105. /*
  106. * POP3 protocol handler.
  107. */
  108. const struct Curl_handler Curl_handler_pop3 = {
  109. "POP3", /* scheme */
  110. pop3_setup_connection, /* setup_connection */
  111. pop3_do, /* do_it */
  112. pop3_done, /* done */
  113. ZERO_NULL, /* do_more */
  114. pop3_connect, /* connect_it */
  115. pop3_multi_statemach, /* connecting */
  116. pop3_doing, /* doing */
  117. pop3_getsock, /* proto_getsock */
  118. pop3_getsock, /* doing_getsock */
  119. ZERO_NULL, /* domore_getsock */
  120. ZERO_NULL, /* perform_getsock */
  121. pop3_disconnect, /* disconnect */
  122. ZERO_NULL, /* readwrite */
  123. PORT_POP3, /* defport */
  124. CURLPROTO_POP3, /* protocol */
  125. PROTOPT_CLOSEACTION | PROTOPT_NOURLQUERY /* flags */
  126. };
  127. #ifdef USE_SSL
  128. /*
  129. * POP3S protocol handler.
  130. */
  131. const struct Curl_handler Curl_handler_pop3s = {
  132. "POP3S", /* scheme */
  133. pop3_setup_connection, /* setup_connection */
  134. pop3_do, /* do_it */
  135. pop3_done, /* done */
  136. ZERO_NULL, /* do_more */
  137. pop3_connect, /* connect_it */
  138. pop3_multi_statemach, /* connecting */
  139. pop3_doing, /* doing */
  140. pop3_getsock, /* proto_getsock */
  141. pop3_getsock, /* doing_getsock */
  142. ZERO_NULL, /* domore_getsock */
  143. ZERO_NULL, /* perform_getsock */
  144. pop3_disconnect, /* disconnect */
  145. ZERO_NULL, /* readwrite */
  146. PORT_POP3S, /* defport */
  147. CURLPROTO_POP3S, /* protocol */
  148. PROTOPT_CLOSEACTION | PROTOPT_SSL
  149. | PROTOPT_NOURLQUERY /* flags */
  150. };
  151. #endif
  152. #ifndef CURL_DISABLE_HTTP
  153. /*
  154. * HTTP-proxyed POP3 protocol handler.
  155. */
  156. static const struct Curl_handler Curl_handler_pop3_proxy = {
  157. "POP3", /* scheme */
  158. Curl_http_setup_conn, /* setup_connection */
  159. Curl_http, /* do_it */
  160. Curl_http_done, /* done */
  161. ZERO_NULL, /* do_more */
  162. ZERO_NULL, /* connect_it */
  163. ZERO_NULL, /* connecting */
  164. ZERO_NULL, /* doing */
  165. ZERO_NULL, /* proto_getsock */
  166. ZERO_NULL, /* doing_getsock */
  167. ZERO_NULL, /* domore_getsock */
  168. ZERO_NULL, /* perform_getsock */
  169. ZERO_NULL, /* disconnect */
  170. ZERO_NULL, /* readwrite */
  171. PORT_POP3, /* defport */
  172. CURLPROTO_HTTP, /* protocol */
  173. PROTOPT_NONE /* flags */
  174. };
  175. #ifdef USE_SSL
  176. /*
  177. * HTTP-proxyed POP3S protocol handler.
  178. */
  179. static const struct Curl_handler Curl_handler_pop3s_proxy = {
  180. "POP3S", /* scheme */
  181. Curl_http_setup_conn, /* setup_connection */
  182. Curl_http, /* do_it */
  183. Curl_http_done, /* done */
  184. ZERO_NULL, /* do_more */
  185. ZERO_NULL, /* connect_it */
  186. ZERO_NULL, /* connecting */
  187. ZERO_NULL, /* doing */
  188. ZERO_NULL, /* proto_getsock */
  189. ZERO_NULL, /* doing_getsock */
  190. ZERO_NULL, /* domore_getsock */
  191. ZERO_NULL, /* perform_getsock */
  192. ZERO_NULL, /* disconnect */
  193. ZERO_NULL, /* readwrite */
  194. PORT_POP3S, /* defport */
  195. CURLPROTO_HTTP, /* protocol */
  196. PROTOPT_NONE /* flags */
  197. };
  198. #endif
  199. #endif
  200. #ifdef USE_SSL
  201. static void pop3_to_pop3s(struct connectdata *conn)
  202. {
  203. conn->handler = &Curl_handler_pop3s;
  204. }
  205. #else
  206. #define pop3_to_pop3s(x) Curl_nop_stmt
  207. #endif
  208. /***********************************************************************
  209. *
  210. * pop3_endofresp()
  211. *
  212. * Checks for an ending POP3 status code at the start of the given string, but
  213. * also detects the APOP timestamp from the server greeting and various
  214. * capabilities from the CAPA response including the supported authentication
  215. * types and allowed SASL mechanisms.
  216. */
  217. static bool pop3_endofresp(struct connectdata *conn, char *line, size_t len,
  218. int *resp)
  219. {
  220. struct pop3_conn *pop3c = &conn->proto.pop3c;
  221. /* Do we have an error response? */
  222. if(len >= 4 && !memcmp("-ERR", line, 4)) {
  223. *resp = '-';
  224. return TRUE;
  225. }
  226. /* Are we processing CAPA command responses? */
  227. if(pop3c->state == POP3_CAPA) {
  228. /* Do we have the terminating line? */
  229. if(len >= 1 && !memcmp(line, ".", 1))
  230. *resp = '+';
  231. else
  232. *resp = '*';
  233. return TRUE;
  234. }
  235. /* Do we have a command or continuation response? */
  236. if((len >= 3 && !memcmp("+OK", line, 3)) ||
  237. (len >= 1 && !memcmp("+", line, 1))) {
  238. *resp = '+';
  239. return TRUE;
  240. }
  241. return FALSE; /* Nothing for us */
  242. }
  243. /***********************************************************************
  244. *
  245. * pop3_get_message()
  246. *
  247. * Gets the authentication message from the response buffer.
  248. */
  249. static void pop3_get_message(char *buffer, char** outptr)
  250. {
  251. size_t len = 0;
  252. char* message = NULL;
  253. /* Find the start of the message */
  254. for(message = buffer + 2; *message == ' ' || *message == '\t'; message++)
  255. ;
  256. /* Find the end of the message */
  257. for(len = strlen(message); len--;)
  258. if(message[len] != '\r' && message[len] != '\n' && message[len] != ' ' &&
  259. message[len] != '\t')
  260. break;
  261. /* Terminate the message */
  262. if(++len) {
  263. message[len] = '\0';
  264. }
  265. *outptr = message;
  266. }
  267. /***********************************************************************
  268. *
  269. * state()
  270. *
  271. * This is the ONLY way to change POP3 state!
  272. */
  273. static void state(struct connectdata *conn, pop3state newstate)
  274. {
  275. struct pop3_conn *pop3c = &conn->proto.pop3c;
  276. #if defined(DEBUGBUILD) && !defined(CURL_DISABLE_VERBOSE_STRINGS)
  277. /* for debug purposes */
  278. static const char * const names[] = {
  279. "STOP",
  280. "SERVERGREET",
  281. "CAPA",
  282. "STARTTLS",
  283. "UPGRADETLS",
  284. "AUTH_PLAIN",
  285. "AUTH_LOGIN",
  286. "AUTH_LOGIN_PASSWD",
  287. "AUTH_CRAMMD5",
  288. "AUTH_DIGESTMD5",
  289. "AUTH_DIGESTMD5_RESP",
  290. "AUTH_NTLM",
  291. "AUTH_NTLM_TYPE2MSG",
  292. "AUTH_GSSAPI",
  293. "AUTH_GSSAPI_TOKEN",
  294. "AUTH_GSSAPI_NO_DATA",
  295. "AUTH_XOAUTH2",
  296. "AUTH_CANCEL",
  297. "AUTH_FINAL",
  298. "APOP",
  299. "USER",
  300. "PASS",
  301. "COMMAND",
  302. "QUIT",
  303. /* LAST */
  304. };
  305. if(pop3c->state != newstate)
  306. infof(conn->data, "POP3 %p state change from %s to %s\n",
  307. (void *)pop3c, names[pop3c->state], names[newstate]);
  308. #endif
  309. pop3c->state = newstate;
  310. }
  311. /***********************************************************************
  312. *
  313. * pop3_perform_capa()
  314. *
  315. * Sends the CAPA command in order to obtain a list of server side supported
  316. * capabilities.
  317. */
  318. static CURLcode pop3_perform_capa(struct connectdata *conn)
  319. {
  320. CURLcode result = CURLE_OK;
  321. struct pop3_conn *pop3c = &conn->proto.pop3c;
  322. pop3c->authmechs = 0; /* No known authentication mechanisms yet */
  323. pop3c->authused = 0; /* Clear the authentication mechanism used */
  324. pop3c->tls_supported = FALSE; /* Clear the TLS capability */
  325. /* Send the CAPA command */
  326. result = Curl_pp_sendf(&pop3c->pp, "%s", "CAPA");
  327. if(!result)
  328. state(conn, POP3_CAPA);
  329. return result;
  330. }
  331. /***********************************************************************
  332. *
  333. * pop3_perform_starttls()
  334. *
  335. * Sends the STLS command to start the upgrade to TLS.
  336. */
  337. static CURLcode pop3_perform_starttls(struct connectdata *conn)
  338. {
  339. CURLcode result = CURLE_OK;
  340. /* Send the STLS command */
  341. result = Curl_pp_sendf(&conn->proto.pop3c.pp, "%s", "STLS");
  342. if(!result)
  343. state(conn, POP3_STARTTLS);
  344. return result;
  345. }
  346. /***********************************************************************
  347. *
  348. * pop3_perform_upgrade_tls()
  349. *
  350. * Performs the upgrade to TLS.
  351. */
  352. static CURLcode pop3_perform_upgrade_tls(struct connectdata *conn)
  353. {
  354. CURLcode result = CURLE_OK;
  355. struct pop3_conn *pop3c = &conn->proto.pop3c;
  356. /* Start the SSL connection */
  357. result = Curl_ssl_connect_nonblocking(conn, FIRSTSOCKET, &pop3c->ssldone);
  358. if(!result) {
  359. if(pop3c->state != POP3_UPGRADETLS)
  360. state(conn, POP3_UPGRADETLS);
  361. if(pop3c->ssldone) {
  362. pop3_to_pop3s(conn);
  363. result = pop3_perform_capa(conn);
  364. }
  365. }
  366. return result;
  367. }
  368. /***********************************************************************
  369. *
  370. * pop3_perform_user()
  371. *
  372. * Sends a clear text USER command to authenticate with.
  373. */
  374. static CURLcode pop3_perform_user(struct connectdata *conn)
  375. {
  376. CURLcode result = CURLE_OK;
  377. /* Check we have a username and password to authenticate with and end the
  378. connect phase if we don't */
  379. if(!conn->bits.user_passwd) {
  380. state(conn, POP3_STOP);
  381. return result;
  382. }
  383. /* Send the USER command */
  384. result = Curl_pp_sendf(&conn->proto.pop3c.pp, "USER %s",
  385. conn->user ? conn->user : "");
  386. if(!result)
  387. state(conn, POP3_USER);
  388. return result;
  389. }
  390. #ifndef CURL_DISABLE_CRYPTO_AUTH
  391. /***********************************************************************
  392. *
  393. * pop3_perform_apop()
  394. *
  395. * Sends an APOP command to authenticate with.
  396. */
  397. static CURLcode pop3_perform_apop(struct connectdata *conn)
  398. {
  399. CURLcode result = CURLE_OK;
  400. struct pop3_conn *pop3c = &conn->proto.pop3c;
  401. size_t i;
  402. MD5_context *ctxt;
  403. unsigned char digest[MD5_DIGEST_LEN];
  404. char secret[2 * MD5_DIGEST_LEN + 1];
  405. /* Check we have a username and password to authenticate with and end the
  406. connect phase if we don't */
  407. if(!conn->bits.user_passwd) {
  408. state(conn, POP3_STOP);
  409. return result;
  410. }
  411. /* Create the digest */
  412. ctxt = Curl_MD5_init(Curl_DIGEST_MD5);
  413. if(!ctxt)
  414. return CURLE_OUT_OF_MEMORY;
  415. Curl_MD5_update(ctxt, (const unsigned char *) pop3c->apoptimestamp,
  416. curlx_uztoui(strlen(pop3c->apoptimestamp)));
  417. Curl_MD5_update(ctxt, (const unsigned char *) conn->passwd,
  418. curlx_uztoui(strlen(conn->passwd)));
  419. /* Finalise the digest */
  420. Curl_MD5_final(ctxt, digest);
  421. /* Convert the calculated 16 octet digest into a 32 byte hex string */
  422. for(i = 0; i < MD5_DIGEST_LEN; i++)
  423. snprintf(&secret[2 * i], 3, "%02x", digest[i]);
  424. result = Curl_pp_sendf(&pop3c->pp, "APOP %s %s", conn->user, secret);
  425. if(!result)
  426. state(conn, POP3_APOP);
  427. return result;
  428. }
  429. #endif
  430. /***********************************************************************
  431. *
  432. * pop3_perform_auth()
  433. *
  434. * Sends an AUTH command allowing the client to login with the given SASL
  435. * authentication mechanism.
  436. */
  437. static CURLcode pop3_perform_auth(struct connectdata *conn,
  438. const char *mech,
  439. const char *initresp, size_t len,
  440. pop3state state1, pop3state state2)
  441. {
  442. CURLcode result = CURLE_OK;
  443. struct pop3_conn *pop3c = &conn->proto.pop3c;
  444. if(initresp && 8 + strlen(mech) + len <= 255) { /* AUTH <mech> ...<crlf> */
  445. /* Send the AUTH command with the initial response */
  446. result = Curl_pp_sendf(&pop3c->pp, "AUTH %s %s", mech, initresp);
  447. if(!result)
  448. state(conn, state2);
  449. }
  450. else {
  451. /* Send the AUTH command */
  452. result = Curl_pp_sendf(&pop3c->pp, "AUTH %s", mech);
  453. if(!result)
  454. state(conn, state1);
  455. }
  456. return result;
  457. }
  458. /***********************************************************************
  459. *
  460. * pop3_perform_authentication()
  461. *
  462. * Initiates the authentication sequence, with the appropriate SASL
  463. * authentication mechanism, falling back to APOP and clear text should a
  464. * common mechanism not be available between the client and server.
  465. */
  466. static CURLcode pop3_perform_authentication(struct connectdata *conn)
  467. {
  468. CURLcode result = CURLE_OK;
  469. struct pop3_conn *pop3c = &conn->proto.pop3c;
  470. const char *mech = NULL;
  471. char *initresp = NULL;
  472. size_t len = 0;
  473. pop3state state1 = POP3_STOP;
  474. pop3state state2 = POP3_STOP;
  475. /* Check we have a username and password to authenticate with and end the
  476. connect phase if we don't */
  477. if(!conn->bits.user_passwd) {
  478. state(conn, POP3_STOP);
  479. return result;
  480. }
  481. /* Calculate the SASL login details */
  482. if(pop3c->authtypes & POP3_TYPE_SASL)
  483. result = pop3_calc_sasl_details(conn, &mech, &initresp, &len, &state1,
  484. &state2);
  485. if(!result) {
  486. if(mech && (pop3c->preftype & POP3_TYPE_SASL)) {
  487. /* Perform SASL based authentication */
  488. result = pop3_perform_auth(conn, mech, initresp, len, state1, state2);
  489. }
  490. #ifndef CURL_DISABLE_CRYPTO_AUTH
  491. else if((pop3c->authtypes & POP3_TYPE_APOP) &&
  492. (pop3c->preftype & POP3_TYPE_APOP))
  493. /* Perform APOP authentication */
  494. result = pop3_perform_apop(conn);
  495. #endif
  496. else if((pop3c->authtypes & POP3_TYPE_CLEARTEXT) &&
  497. (pop3c->preftype & POP3_TYPE_CLEARTEXT))
  498. /* Perform clear text authentication */
  499. result = pop3_perform_user(conn);
  500. else {
  501. /* Other mechanisms not supported */
  502. infof(conn->data, "No known authentication mechanisms supported!\n");
  503. result = CURLE_LOGIN_DENIED;
  504. }
  505. }
  506. Curl_safefree(initresp);
  507. return result;
  508. }
  509. /***********************************************************************
  510. *
  511. * pop3_perform_command()
  512. *
  513. * Sends a POP3 based command.
  514. */
  515. static CURLcode pop3_perform_command(struct connectdata *conn)
  516. {
  517. CURLcode result = CURLE_OK;
  518. struct SessionHandle *data = conn->data;
  519. struct POP3 *pop3 = data->req.protop;
  520. const char *command = NULL;
  521. /* Calculate the default command */
  522. if(pop3->id[0] == '\0' || conn->data->set.ftp_list_only) {
  523. command = "LIST";
  524. if(pop3->id[0] != '\0')
  525. /* Message specific LIST so skip the BODY transfer */
  526. pop3->transfer = FTPTRANSFER_INFO;
  527. }
  528. else
  529. command = "RETR";
  530. /* Send the command */
  531. if(pop3->id[0] != '\0')
  532. result = Curl_pp_sendf(&conn->proto.pop3c.pp, "%s %s",
  533. (pop3->custom && pop3->custom[0] != '\0' ?
  534. pop3->custom : command), pop3->id);
  535. else
  536. result = Curl_pp_sendf(&conn->proto.pop3c.pp, "%s",
  537. (pop3->custom && pop3->custom[0] != '\0' ?
  538. pop3->custom : command));
  539. if(!result)
  540. state(conn, POP3_COMMAND);
  541. return result;
  542. }
  543. /***********************************************************************
  544. *
  545. * pop3_perform_quit()
  546. *
  547. * Performs the quit action prior to sclose() be called.
  548. */
  549. static CURLcode pop3_perform_quit(struct connectdata *conn)
  550. {
  551. CURLcode result = CURLE_OK;
  552. /* Send the QUIT command */
  553. result = Curl_pp_sendf(&conn->proto.pop3c.pp, "%s", "QUIT");
  554. if(!result)
  555. state(conn, POP3_QUIT);
  556. return result;
  557. }
  558. /* For the initial server greeting */
  559. static CURLcode pop3_state_servergreet_resp(struct connectdata *conn,
  560. int pop3code,
  561. pop3state instate)
  562. {
  563. CURLcode result = CURLE_OK;
  564. struct SessionHandle *data = conn->data;
  565. struct pop3_conn *pop3c = &conn->proto.pop3c;
  566. const char *line = data->state.buffer;
  567. size_t len = strlen(line);
  568. size_t i;
  569. (void)instate; /* no use for this yet */
  570. if(pop3code != '+') {
  571. failf(data, "Got unexpected pop3-server response");
  572. result = CURLE_FTP_WEIRD_SERVER_REPLY;
  573. }
  574. else {
  575. /* Does the server support APOP authentication? */
  576. if(len >= 4 && line[len - 2] == '>') {
  577. /* Look for the APOP timestamp */
  578. for(i = 3; i < len - 2; ++i) {
  579. if(line[i] == '<') {
  580. /* Calculate the length of the timestamp */
  581. size_t timestamplen = len - 1 - i;
  582. if(!timestamplen)
  583. break;
  584. /* Allocate some memory for the timestamp */
  585. pop3c->apoptimestamp = (char *)calloc(1, timestamplen + 1);
  586. if(!pop3c->apoptimestamp)
  587. break;
  588. /* Copy the timestamp */
  589. memcpy(pop3c->apoptimestamp, line + i, timestamplen);
  590. pop3c->apoptimestamp[timestamplen] = '\0';
  591. /* Store the APOP capability */
  592. pop3c->authtypes |= POP3_TYPE_APOP;
  593. break;
  594. }
  595. }
  596. }
  597. result = pop3_perform_capa(conn);
  598. }
  599. return result;
  600. }
  601. /* For CAPA responses */
  602. static CURLcode pop3_state_capa_resp(struct connectdata *conn, int pop3code,
  603. pop3state instate)
  604. {
  605. CURLcode result = CURLE_OK;
  606. struct SessionHandle *data = conn->data;
  607. struct pop3_conn *pop3c = &conn->proto.pop3c;
  608. const char *line = data->state.buffer;
  609. size_t len = strlen(line);
  610. size_t wordlen;
  611. (void)instate; /* no use for this yet */
  612. /* Do we have a untagged response? */
  613. if(pop3code == '*') {
  614. /* Does the server support the STLS capability? */
  615. if(len >= 4 && !memcmp(line, "STLS", 4))
  616. pop3c->tls_supported = TRUE;
  617. /* Does the server support clear text authentication? */
  618. else if(len >= 4 && !memcmp(line, "USER", 4))
  619. pop3c->authtypes |= POP3_TYPE_CLEARTEXT;
  620. /* Does the server support SASL based authentication? */
  621. else if(len >= 5 && !memcmp(line, "SASL ", 5)) {
  622. pop3c->authtypes |= POP3_TYPE_SASL;
  623. /* Advance past the SASL keyword */
  624. line += 5;
  625. len -= 5;
  626. /* Loop through the data line */
  627. for(;;) {
  628. while(len &&
  629. (*line == ' ' || *line == '\t' ||
  630. *line == '\r' || *line == '\n')) {
  631. line++;
  632. len--;
  633. }
  634. if(!len)
  635. break;
  636. /* Extract the word */
  637. for(wordlen = 0; wordlen < len && line[wordlen] != ' ' &&
  638. line[wordlen] != '\t' && line[wordlen] != '\r' &&
  639. line[wordlen] != '\n';)
  640. wordlen++;
  641. /* Test the word for a matching authentication mechanism */
  642. if(sasl_mech_equal(line, wordlen, SASL_MECH_STRING_LOGIN))
  643. pop3c->authmechs |= SASL_MECH_LOGIN;
  644. else if(sasl_mech_equal(line, wordlen, SASL_MECH_STRING_PLAIN))
  645. pop3c->authmechs |= SASL_MECH_PLAIN;
  646. else if(sasl_mech_equal(line, wordlen, SASL_MECH_STRING_CRAM_MD5))
  647. pop3c->authmechs |= SASL_MECH_CRAM_MD5;
  648. else if(sasl_mech_equal(line, wordlen, SASL_MECH_STRING_DIGEST_MD5))
  649. pop3c->authmechs |= SASL_MECH_DIGEST_MD5;
  650. else if(sasl_mech_equal(line, wordlen, SASL_MECH_STRING_GSSAPI))
  651. pop3c->authmechs |= SASL_MECH_GSSAPI;
  652. else if(sasl_mech_equal(line, wordlen, SASL_MECH_STRING_EXTERNAL))
  653. pop3c->authmechs |= SASL_MECH_EXTERNAL;
  654. else if(sasl_mech_equal(line, wordlen, SASL_MECH_STRING_NTLM))
  655. pop3c->authmechs |= SASL_MECH_NTLM;
  656. else if(sasl_mech_equal(line, wordlen, SASL_MECH_STRING_XOAUTH2))
  657. pop3c->authmechs |= SASL_MECH_XOAUTH2;
  658. line += wordlen;
  659. len -= wordlen;
  660. }
  661. }
  662. }
  663. else if(pop3code == '+') {
  664. if(data->set.use_ssl && !conn->ssl[FIRSTSOCKET].use) {
  665. /* We don't have a SSL/TLS connection yet, but SSL is requested */
  666. if(pop3c->tls_supported)
  667. /* Switch to TLS connection now */
  668. result = pop3_perform_starttls(conn);
  669. else if(data->set.use_ssl == CURLUSESSL_TRY)
  670. /* Fallback and carry on with authentication */
  671. result = pop3_perform_authentication(conn);
  672. else {
  673. failf(data, "STLS not supported.");
  674. result = CURLE_USE_SSL_FAILED;
  675. }
  676. }
  677. else
  678. result = pop3_perform_authentication(conn);
  679. }
  680. else {
  681. /* Clear text is supported when CAPA isn't recognised */
  682. pop3c->authtypes |= POP3_TYPE_CLEARTEXT;
  683. result = pop3_perform_authentication(conn);
  684. }
  685. return result;
  686. }
  687. /* For STARTTLS responses */
  688. static CURLcode pop3_state_starttls_resp(struct connectdata *conn,
  689. int pop3code,
  690. pop3state instate)
  691. {
  692. CURLcode result = CURLE_OK;
  693. struct SessionHandle *data = conn->data;
  694. (void)instate; /* no use for this yet */
  695. if(pop3code != '+') {
  696. if(data->set.use_ssl != CURLUSESSL_TRY) {
  697. failf(data, "STARTTLS denied. %c", pop3code);
  698. result = CURLE_USE_SSL_FAILED;
  699. }
  700. else
  701. result = pop3_perform_authentication(conn);
  702. }
  703. else
  704. result = pop3_perform_upgrade_tls(conn);
  705. return result;
  706. }
  707. /* For AUTH PLAIN (without initial response) responses */
  708. static CURLcode pop3_state_auth_plain_resp(struct connectdata *conn,
  709. int pop3code,
  710. pop3state instate)
  711. {
  712. CURLcode result = CURLE_OK;
  713. struct SessionHandle *data = conn->data;
  714. size_t len = 0;
  715. char *plainauth = NULL;
  716. (void)instate; /* no use for this yet */
  717. if(pop3code != '+') {
  718. failf(data, "Access denied. %c", pop3code);
  719. result = CURLE_LOGIN_DENIED;
  720. }
  721. else {
  722. /* Create the authorisation message */
  723. result = Curl_sasl_create_plain_message(data, conn->user, conn->passwd,
  724. &plainauth, &len);
  725. if(!result && plainauth) {
  726. /* Send the message */
  727. result = Curl_pp_sendf(&conn->proto.pop3c.pp, "%s", plainauth);
  728. if(!result)
  729. state(conn, POP3_AUTH_FINAL);
  730. }
  731. }
  732. Curl_safefree(plainauth);
  733. return result;
  734. }
  735. /* For AUTH LOGIN (without initial response) responses */
  736. static CURLcode pop3_state_auth_login_resp(struct connectdata *conn,
  737. int pop3code,
  738. pop3state instate)
  739. {
  740. CURLcode result = CURLE_OK;
  741. struct SessionHandle *data = conn->data;
  742. size_t len = 0;
  743. char *authuser = NULL;
  744. (void)instate; /* no use for this yet */
  745. if(pop3code != '+') {
  746. failf(data, "Access denied: %d", pop3code);
  747. result = CURLE_LOGIN_DENIED;
  748. }
  749. else {
  750. /* Create the user message */
  751. result = Curl_sasl_create_login_message(data, conn->user,
  752. &authuser, &len);
  753. if(!result && authuser) {
  754. /* Send the user */
  755. result = Curl_pp_sendf(&conn->proto.pop3c.pp, "%s", authuser);
  756. if(!result)
  757. state(conn, POP3_AUTH_LOGIN_PASSWD);
  758. }
  759. }
  760. Curl_safefree(authuser);
  761. return result;
  762. }
  763. /* For AUTH LOGIN user entry responses */
  764. static CURLcode pop3_state_auth_login_password_resp(struct connectdata *conn,
  765. int pop3code,
  766. pop3state instate)
  767. {
  768. CURLcode result = CURLE_OK;
  769. struct SessionHandle *data = conn->data;
  770. size_t len = 0;
  771. char *authpasswd = NULL;
  772. (void)instate; /* no use for this yet */
  773. if(pop3code != '+') {
  774. failf(data, "Access denied: %d", pop3code);
  775. result = CURLE_LOGIN_DENIED;
  776. }
  777. else {
  778. /* Create the password message */
  779. result = Curl_sasl_create_login_message(data, conn->passwd,
  780. &authpasswd, &len);
  781. if(!result && authpasswd) {
  782. /* Send the password */
  783. result = Curl_pp_sendf(&conn->proto.pop3c.pp, "%s", authpasswd);
  784. if(!result)
  785. state(conn, POP3_AUTH_FINAL);
  786. }
  787. }
  788. Curl_safefree(authpasswd);
  789. return result;
  790. }
  791. #ifndef CURL_DISABLE_CRYPTO_AUTH
  792. /* For AUTH CRAM-MD5 responses */
  793. static CURLcode pop3_state_auth_cram_resp(struct connectdata *conn,
  794. int pop3code,
  795. pop3state instate)
  796. {
  797. CURLcode result = CURLE_OK;
  798. struct SessionHandle *data = conn->data;
  799. char *chlg = NULL;
  800. char *chlg64 = NULL;
  801. char *rplyb64 = NULL;
  802. size_t len = 0;
  803. (void)instate; /* no use for this yet */
  804. if(pop3code != '+') {
  805. failf(data, "Access denied: %d", pop3code);
  806. return CURLE_LOGIN_DENIED;
  807. }
  808. /* Get the challenge message */
  809. pop3_get_message(data->state.buffer, &chlg64);
  810. /* Decode the challenge message */
  811. result = Curl_sasl_decode_cram_md5_message(chlg64, &chlg, &len);
  812. if(result) {
  813. /* Send the cancellation */
  814. result = Curl_pp_sendf(&conn->proto.pop3c.pp, "%s", "*");
  815. if(!result)
  816. state(conn, POP3_AUTH_CANCEL);
  817. }
  818. else {
  819. /* Create the response message */
  820. result = Curl_sasl_create_cram_md5_message(data, chlg, conn->user,
  821. conn->passwd, &rplyb64, &len);
  822. if(!result && rplyb64) {
  823. /* Send the response */
  824. result = Curl_pp_sendf(&conn->proto.pop3c.pp, "%s", rplyb64);
  825. if(!result)
  826. state(conn, POP3_AUTH_FINAL);
  827. }
  828. }
  829. Curl_safefree(chlg);
  830. Curl_safefree(rplyb64);
  831. return result;
  832. }
  833. /* For AUTH DIGEST-MD5 challenge responses */
  834. static CURLcode pop3_state_auth_digest_resp(struct connectdata *conn,
  835. int pop3code,
  836. pop3state instate)
  837. {
  838. CURLcode result = CURLE_OK;
  839. struct SessionHandle *data = conn->data;
  840. char *chlg64 = NULL;
  841. char *rplyb64 = NULL;
  842. size_t len = 0;
  843. (void)instate; /* no use for this yet */
  844. if(pop3code != '+') {
  845. failf(data, "Access denied: %d", pop3code);
  846. return CURLE_LOGIN_DENIED;
  847. }
  848. /* Get the challenge message */
  849. pop3_get_message(data->state.buffer, &chlg64);
  850. /* Create the response message */
  851. result = Curl_sasl_create_digest_md5_message(data, chlg64,
  852. conn->user, conn->passwd,
  853. "pop", &rplyb64, &len);
  854. if(result) {
  855. if(result == CURLE_BAD_CONTENT_ENCODING) {
  856. /* Send the cancellation */
  857. result = Curl_pp_sendf(&conn->proto.pop3c.pp, "%s", "*");
  858. if(!result)
  859. state(conn, POP3_AUTH_CANCEL);
  860. }
  861. }
  862. else {
  863. /* Send the response */
  864. result = Curl_pp_sendf(&conn->proto.pop3c.pp, "%s", rplyb64);
  865. if(!result)
  866. state(conn, POP3_AUTH_DIGESTMD5_RESP);
  867. }
  868. Curl_safefree(rplyb64);
  869. return result;
  870. }
  871. /* For AUTH DIGEST-MD5 challenge-response responses */
  872. static CURLcode pop3_state_auth_digest_resp_resp(struct connectdata *conn,
  873. int pop3code,
  874. pop3state instate)
  875. {
  876. CURLcode result = CURLE_OK;
  877. struct SessionHandle *data = conn->data;
  878. (void)instate; /* no use for this yet */
  879. if(pop3code != '+') {
  880. failf(data, "Authentication failed: %d", pop3code);
  881. result = CURLE_LOGIN_DENIED;
  882. }
  883. else {
  884. /* Send an empty response */
  885. result = Curl_pp_sendf(&conn->proto.pop3c.pp, "%s", "");
  886. if(!result)
  887. state(conn, POP3_AUTH_FINAL);
  888. }
  889. return result;
  890. }
  891. #endif
  892. #ifdef USE_NTLM
  893. /* For AUTH NTLM (without initial response) responses */
  894. static CURLcode pop3_state_auth_ntlm_resp(struct connectdata *conn,
  895. int pop3code,
  896. pop3state instate)
  897. {
  898. CURLcode result = CURLE_OK;
  899. struct SessionHandle *data = conn->data;
  900. size_t len = 0;
  901. char *type1msg = NULL;
  902. (void)instate; /* no use for this yet */
  903. if(pop3code != '+') {
  904. failf(data, "Access denied: %d", pop3code);
  905. result = CURLE_LOGIN_DENIED;
  906. }
  907. else {
  908. /* Create the type-1 message */
  909. result = Curl_sasl_create_ntlm_type1_message(conn->user, conn->passwd,
  910. &conn->ntlm,
  911. &type1msg, &len);
  912. if(!result && type1msg) {
  913. /* Send the message */
  914. result = Curl_pp_sendf(&conn->proto.pop3c.pp, "%s", type1msg);
  915. if(!result)
  916. state(conn, POP3_AUTH_NTLM_TYPE2MSG);
  917. }
  918. }
  919. Curl_safefree(type1msg);
  920. return result;
  921. }
  922. /* For NTLM type-2 responses (sent in reponse to our type-1 message) */
  923. static CURLcode pop3_state_auth_ntlm_type2msg_resp(struct connectdata *conn,
  924. int pop3code,
  925. pop3state instate)
  926. {
  927. CURLcode result = CURLE_OK;
  928. struct SessionHandle *data = conn->data;
  929. char *type2msg = NULL;
  930. char *type3msg = NULL;
  931. size_t len = 0;
  932. (void)instate; /* no use for this yet */
  933. if(pop3code != '+') {
  934. failf(data, "Access denied: %d", pop3code);
  935. result = CURLE_LOGIN_DENIED;
  936. }
  937. else {
  938. /* Get the type-2 message */
  939. pop3_get_message(data->state.buffer, &type2msg);
  940. /* Decode the type-2 message */
  941. result = Curl_sasl_decode_ntlm_type2_message(data, type2msg, &conn->ntlm);
  942. if(result) {
  943. /* Send the cancellation */
  944. result = Curl_pp_sendf(&conn->proto.pop3c.pp, "%s", "*");
  945. if(!result)
  946. state(conn, POP3_AUTH_CANCEL);
  947. }
  948. else {
  949. /* Create the type-3 message */
  950. result = Curl_sasl_create_ntlm_type3_message(data, conn->user,
  951. conn->passwd, &conn->ntlm,
  952. &type3msg, &len);
  953. if(!result && type3msg) {
  954. /* Send the message */
  955. result = Curl_pp_sendf(&conn->proto.pop3c.pp, "%s", type3msg);
  956. if(!result)
  957. state(conn, POP3_AUTH_FINAL);
  958. }
  959. }
  960. }
  961. Curl_safefree(type3msg);
  962. return result;
  963. }
  964. #endif
  965. #if defined(USE_KRB5)
  966. /* For AUTH GSSAPI (without initial response) responses */
  967. static CURLcode pop3_state_auth_gssapi_resp(struct connectdata *conn,
  968. int pop3code,
  969. pop3state instate)
  970. {
  971. CURLcode result = CURLE_OK;
  972. struct SessionHandle *data = conn->data;
  973. struct pop3_conn *pop3c = &conn->proto.pop3c;
  974. size_t len = 0;
  975. char *respmsg = NULL;
  976. (void)instate; /* no use for this yet */
  977. if(pop3code != '+') {
  978. failf(data, "Access denied: %d", pop3code);
  979. result = CURLE_LOGIN_DENIED;
  980. }
  981. else {
  982. /* Create the initial response message */
  983. result = Curl_sasl_create_gssapi_user_message(data, conn->user,
  984. conn->passwd, "pop",
  985. pop3c->mutual_auth,
  986. NULL, &conn->krb5,
  987. &respmsg, &len);
  988. if(!result && respmsg) {
  989. /* Send the message */
  990. result = Curl_pp_sendf(&pop3c->pp, "%s", respmsg);
  991. if(!result)
  992. state(conn, POP3_AUTH_GSSAPI_TOKEN);
  993. }
  994. }
  995. Curl_safefree(respmsg);
  996. return result;
  997. }
  998. /* For AUTH GSSAPI user token responses */
  999. static CURLcode pop3_state_auth_gssapi_token_resp(struct connectdata *conn,
  1000. int pop3code,
  1001. pop3state instate)
  1002. {
  1003. CURLcode result = CURLE_OK;
  1004. struct SessionHandle *data = conn->data;
  1005. struct pop3_conn *pop3c = &conn->proto.pop3c;
  1006. char *chlgmsg = NULL;
  1007. char *respmsg = NULL;
  1008. size_t len = 0;
  1009. (void)instate; /* no use for this yet */
  1010. if(pop3code != '+') {
  1011. failf(data, "Access denied: %d", pop3code);
  1012. result = CURLE_LOGIN_DENIED;
  1013. }
  1014. else {
  1015. /* Get the challenge message */
  1016. pop3_get_message(data->state.buffer, &chlgmsg);
  1017. if(pop3c->mutual_auth)
  1018. /* Decode the user token challenge and create the optional response
  1019. message */
  1020. result = Curl_sasl_create_gssapi_user_message(data, NULL, NULL, NULL,
  1021. pop3c->mutual_auth,
  1022. chlgmsg, &conn->krb5,
  1023. &respmsg, &len);
  1024. else
  1025. /* Decode the security challenge and create the response message */
  1026. result = Curl_sasl_create_gssapi_security_message(data, chlgmsg,
  1027. &conn->krb5,
  1028. &respmsg, &len);
  1029. if(result) {
  1030. if(result == CURLE_BAD_CONTENT_ENCODING) {
  1031. /* Send the cancellation */
  1032. result = Curl_pp_sendf(&pop3c->pp, "%s", "*");
  1033. if(!result)
  1034. state(conn, POP3_AUTH_CANCEL);
  1035. }
  1036. }
  1037. else {
  1038. /* Send the response */
  1039. if(respmsg)
  1040. result = Curl_pp_sendf(&pop3c->pp, "%s", respmsg);
  1041. else
  1042. result = Curl_pp_sendf(&pop3c->pp, "%s", "");
  1043. if(!result)
  1044. state(conn, (pop3c->mutual_auth ? POP3_AUTH_GSSAPI_NO_DATA :
  1045. POP3_AUTH_FINAL));
  1046. }
  1047. }
  1048. Curl_safefree(respmsg);
  1049. return result;
  1050. }
  1051. /* For AUTH GSSAPI no data responses */
  1052. static CURLcode pop3_state_auth_gssapi_no_data_resp(struct connectdata *conn,
  1053. int pop3code,
  1054. pop3state instate)
  1055. {
  1056. CURLcode result = CURLE_OK;
  1057. struct SessionHandle *data = conn->data;
  1058. char *chlgmsg = NULL;
  1059. char *respmsg = NULL;
  1060. size_t len = 0;
  1061. (void)instate; /* no use for this yet */
  1062. if(pop3code != '+') {
  1063. failf(data, "Access denied: %d", pop3code);
  1064. result = CURLE_LOGIN_DENIED;
  1065. }
  1066. else {
  1067. /* Get the challenge message */
  1068. pop3_get_message(data->state.buffer, &chlgmsg);
  1069. /* Decode the security challenge and create the security message */
  1070. result = Curl_sasl_create_gssapi_security_message(data, chlgmsg,
  1071. &conn->krb5,
  1072. &respmsg, &len);
  1073. if(result) {
  1074. if(result == CURLE_BAD_CONTENT_ENCODING) {
  1075. /* Send the cancellation */
  1076. result = Curl_pp_sendf(&conn->proto.pop3c.pp, "%s", "*");
  1077. if(!result)
  1078. state(conn, POP3_AUTH_CANCEL);
  1079. }
  1080. }
  1081. else {
  1082. /* Send the response */
  1083. if(respmsg) {
  1084. result = Curl_pp_sendf(&conn->proto.pop3c.pp, "%s", respmsg);
  1085. if(!result)
  1086. state(conn, POP3_AUTH_FINAL);
  1087. }
  1088. }
  1089. }
  1090. Curl_safefree(respmsg);
  1091. return result;
  1092. }
  1093. #endif
  1094. /* For AUTH XOAUTH2 (without initial response) responses */
  1095. static CURLcode pop3_state_auth_xoauth2_resp(struct connectdata *conn,
  1096. int pop3code, pop3state instate)
  1097. {
  1098. CURLcode result = CURLE_OK;
  1099. struct SessionHandle *data = conn->data;
  1100. size_t len = 0;
  1101. char *xoauth = NULL;
  1102. (void)instate; /* no use for this yet */
  1103. if(pop3code != '+') {
  1104. failf(data, "Access denied: %d", pop3code);
  1105. result = CURLE_LOGIN_DENIED;
  1106. }
  1107. else {
  1108. /* Create the authorisation message */
  1109. result = Curl_sasl_create_xoauth2_message(conn->data, conn->user,
  1110. conn->xoauth2_bearer,
  1111. &xoauth, &len);
  1112. if(!result && xoauth) {
  1113. /* Send the message */
  1114. result = Curl_pp_sendf(&conn->proto.pop3c.pp, "%s", xoauth);
  1115. if(!result)
  1116. state(conn, POP3_AUTH_FINAL);
  1117. }
  1118. }
  1119. Curl_safefree(xoauth);
  1120. return result;
  1121. }
  1122. /* For AUTH cancellation responses */
  1123. static CURLcode pop3_state_auth_cancel_resp(struct connectdata *conn,
  1124. int pop3code,
  1125. pop3state instate)
  1126. {
  1127. CURLcode result = CURLE_OK;
  1128. struct SessionHandle *data = conn->data;
  1129. struct pop3_conn *pop3c = &conn->proto.pop3c;
  1130. const char *mech = NULL;
  1131. char *initresp = NULL;
  1132. size_t len = 0;
  1133. pop3state state1 = POP3_STOP;
  1134. pop3state state2 = POP3_STOP;
  1135. (void)pop3code;
  1136. (void)instate; /* no use for this yet */
  1137. /* Remove the offending mechanism from the supported list */
  1138. pop3c->authmechs ^= pop3c->authused;
  1139. /* Calculate alternative SASL login details */
  1140. result = pop3_calc_sasl_details(conn, &mech, &initresp, &len, &state1,
  1141. &state2);
  1142. if(!result) {
  1143. /* Do we have any mechanisms left or can we fallback to another
  1144. authentication type? */
  1145. if(mech) {
  1146. /* Retry SASL based authentication */
  1147. result = pop3_perform_auth(conn, mech, initresp, len, state1, state2);
  1148. Curl_safefree(initresp);
  1149. }
  1150. #ifndef CURL_DISABLE_CRYPTO_AUTH
  1151. else if((pop3c->authtypes & POP3_TYPE_APOP) &&
  1152. (pop3c->preftype & POP3_TYPE_APOP))
  1153. /* Perform APOP authentication */
  1154. result = pop3_perform_apop(conn);
  1155. #endif
  1156. else if((pop3c->authtypes & POP3_TYPE_CLEARTEXT) &&
  1157. (pop3c->preftype & POP3_TYPE_CLEARTEXT))
  1158. /* Perform clear text authentication */
  1159. result = pop3_perform_user(conn);
  1160. else {
  1161. failf(data, "Authentication cancelled");
  1162. result = CURLE_LOGIN_DENIED;
  1163. }
  1164. }
  1165. return result;
  1166. }
  1167. /* For final responses in the AUTH sequence */
  1168. static CURLcode pop3_state_auth_final_resp(struct connectdata *conn,
  1169. int pop3code,
  1170. pop3state instate)
  1171. {
  1172. CURLcode result = CURLE_OK;
  1173. struct SessionHandle *data = conn->data;
  1174. (void)instate; /* no use for this yet */
  1175. if(pop3code != '+') {
  1176. failf(data, "Authentication failed: %d", pop3code);
  1177. result = CURLE_LOGIN_DENIED;
  1178. }
  1179. else
  1180. /* End of connect phase */
  1181. state(conn, POP3_STOP);
  1182. return result;
  1183. }
  1184. #ifndef CURL_DISABLE_CRYPTO_AUTH
  1185. /* For APOP responses */
  1186. static CURLcode pop3_state_apop_resp(struct connectdata *conn, int pop3code,
  1187. pop3state instate)
  1188. {
  1189. CURLcode result = CURLE_OK;
  1190. struct SessionHandle *data = conn->data;
  1191. (void)instate; /* no use for this yet */
  1192. if(pop3code != '+') {
  1193. failf(data, "Authentication failed: %d", pop3code);
  1194. result = CURLE_LOGIN_DENIED;
  1195. }
  1196. else
  1197. /* End of connect phase */
  1198. state(conn, POP3_STOP);
  1199. return result;
  1200. }
  1201. #endif
  1202. /* For USER responses */
  1203. static CURLcode pop3_state_user_resp(struct connectdata *conn, int pop3code,
  1204. pop3state instate)
  1205. {
  1206. CURLcode result = CURLE_OK;
  1207. struct SessionHandle *data = conn->data;
  1208. (void)instate; /* no use for this yet */
  1209. if(pop3code != '+') {
  1210. failf(data, "Access denied. %c", pop3code);
  1211. result = CURLE_LOGIN_DENIED;
  1212. }
  1213. else
  1214. /* Send the PASS command */
  1215. result = Curl_pp_sendf(&conn->proto.pop3c.pp, "PASS %s",
  1216. conn->passwd ? conn->passwd : "");
  1217. if(!result)
  1218. state(conn, POP3_PASS);
  1219. return result;
  1220. }
  1221. /* For PASS responses */
  1222. static CURLcode pop3_state_pass_resp(struct connectdata *conn, int pop3code,
  1223. pop3state instate)
  1224. {
  1225. CURLcode result = CURLE_OK;
  1226. struct SessionHandle *data = conn->data;
  1227. (void)instate; /* no use for this yet */
  1228. if(pop3code != '+') {
  1229. failf(data, "Access denied. %c", pop3code);
  1230. result = CURLE_LOGIN_DENIED;
  1231. }
  1232. else
  1233. /* End of connect phase */
  1234. state(conn, POP3_STOP);
  1235. return result;
  1236. }
  1237. /* For command responses */
  1238. static CURLcode pop3_state_command_resp(struct connectdata *conn,
  1239. int pop3code,
  1240. pop3state instate)
  1241. {
  1242. CURLcode result = CURLE_OK;
  1243. struct SessionHandle *data = conn->data;
  1244. struct POP3 *pop3 = data->req.protop;
  1245. struct pop3_conn *pop3c = &conn->proto.pop3c;
  1246. struct pingpong *pp = &pop3c->pp;
  1247. (void)instate; /* no use for this yet */
  1248. if(pop3code != '+') {
  1249. state(conn, POP3_STOP);
  1250. return CURLE_RECV_ERROR;
  1251. }
  1252. /* This 'OK' line ends with a CR LF pair which is the two first bytes of the
  1253. EOB string so count this is two matching bytes. This is necessary to make
  1254. the code detect the EOB if the only data than comes now is %2e CR LF like
  1255. when there is no body to return. */
  1256. pop3c->eob = 2;
  1257. /* But since this initial CR LF pair is not part of the actual body, we set
  1258. the strip counter here so that these bytes won't be delivered. */
  1259. pop3c->strip = 2;
  1260. if(pop3->transfer == FTPTRANSFER_BODY) {
  1261. /* POP3 download */
  1262. Curl_setup_transfer(conn, FIRSTSOCKET, -1, FALSE, NULL, -1, NULL);
  1263. if(pp->cache) {
  1264. /* The header "cache" contains a bunch of data that is actually body
  1265. content so send it as such. Note that there may even be additional
  1266. "headers" after the body */
  1267. if(!data->set.opt_no_body) {
  1268. result = Curl_pop3_write(conn, pp->cache, pp->cache_size);
  1269. if(result)
  1270. return result;
  1271. }
  1272. /* Free the cache */
  1273. Curl_safefree(pp->cache);
  1274. /* Reset the cache size */
  1275. pp->cache_size = 0;
  1276. }
  1277. }
  1278. /* End of DO phase */
  1279. state(conn, POP3_STOP);
  1280. return result;
  1281. }
  1282. static CURLcode pop3_statemach_act(struct connectdata *conn)
  1283. {
  1284. CURLcode result = CURLE_OK;
  1285. curl_socket_t sock = conn->sock[FIRSTSOCKET];
  1286. int pop3code;
  1287. struct pop3_conn *pop3c = &conn->proto.pop3c;
  1288. struct pingpong *pp = &pop3c->pp;
  1289. size_t nread = 0;
  1290. /* Busy upgrading the connection; right now all I/O is SSL/TLS, not POP3 */
  1291. if(pop3c->state == POP3_UPGRADETLS)
  1292. return pop3_perform_upgrade_tls(conn);
  1293. /* Flush any data that needs to be sent */
  1294. if(pp->sendleft)
  1295. return Curl_pp_flushsend(pp);
  1296. do {
  1297. /* Read the response from the server */
  1298. result = Curl_pp_readresp(sock, pp, &pop3code, &nread);
  1299. if(result)
  1300. return result;
  1301. if(!pop3code)
  1302. break;
  1303. /* We have now received a full POP3 server response */
  1304. switch(pop3c->state) {
  1305. case POP3_SERVERGREET:
  1306. result = pop3_state_servergreet_resp(conn, pop3code, pop3c->state);
  1307. break;
  1308. case POP3_CAPA:
  1309. result = pop3_state_capa_resp(conn, pop3code, pop3c->state);
  1310. break;
  1311. case POP3_STARTTLS:
  1312. result = pop3_state_starttls_resp(conn, pop3code, pop3c->state);
  1313. break;
  1314. case POP3_AUTH_PLAIN:
  1315. result = pop3_state_auth_plain_resp(conn, pop3code, pop3c->state);
  1316. break;
  1317. case POP3_AUTH_LOGIN:
  1318. result = pop3_state_auth_login_resp(conn, pop3code, pop3c->state);
  1319. break;
  1320. case POP3_AUTH_LOGIN_PASSWD:
  1321. result = pop3_state_auth_login_password_resp(conn, pop3code,
  1322. pop3c->state);
  1323. break;
  1324. #ifndef CURL_DISABLE_CRYPTO_AUTH
  1325. case POP3_AUTH_CRAMMD5:
  1326. result = pop3_state_auth_cram_resp(conn, pop3code, pop3c->state);
  1327. break;
  1328. case POP3_AUTH_DIGESTMD5:
  1329. result = pop3_state_auth_digest_resp(conn, pop3code, pop3c->state);
  1330. break;
  1331. case POP3_AUTH_DIGESTMD5_RESP:
  1332. result = pop3_state_auth_digest_resp_resp(conn, pop3code, pop3c->state);
  1333. break;
  1334. #endif
  1335. #ifdef USE_NTLM
  1336. case POP3_AUTH_NTLM:
  1337. result = pop3_state_auth_ntlm_resp(conn, pop3code, pop3c->state);
  1338. break;
  1339. case POP3_AUTH_NTLM_TYPE2MSG:
  1340. result = pop3_state_auth_ntlm_type2msg_resp(conn, pop3code,
  1341. pop3c->state);
  1342. break;
  1343. #endif
  1344. #if defined(USE_KRB5)
  1345. case POP3_AUTH_GSSAPI:
  1346. result = pop3_state_auth_gssapi_resp(conn, pop3code, pop3c->state);
  1347. break;
  1348. case POP3_AUTH_GSSAPI_TOKEN:
  1349. result = pop3_state_auth_gssapi_token_resp(conn, pop3code, pop3c->state);
  1350. break;
  1351. case POP3_AUTH_GSSAPI_NO_DATA:
  1352. result = pop3_state_auth_gssapi_no_data_resp(conn, pop3code,
  1353. pop3c->state);
  1354. break;
  1355. #endif
  1356. case POP3_AUTH_XOAUTH2:
  1357. result = pop3_state_auth_xoauth2_resp(conn, pop3code, pop3c->state);
  1358. break;
  1359. case POP3_AUTH_CANCEL:
  1360. result = pop3_state_auth_cancel_resp(conn, pop3code, pop3c->state);
  1361. break;
  1362. case POP3_AUTH_FINAL:
  1363. result = pop3_state_auth_final_resp(conn, pop3code, pop3c->state);
  1364. break;
  1365. #ifndef CURL_DISABLE_CRYPTO_AUTH
  1366. case POP3_APOP:
  1367. result = pop3_state_apop_resp(conn, pop3code, pop3c->state);
  1368. break;
  1369. #endif
  1370. case POP3_USER:
  1371. result = pop3_state_user_resp(conn, pop3code, pop3c->state);
  1372. break;
  1373. case POP3_PASS:
  1374. result = pop3_state_pass_resp(conn, pop3code, pop3c->state);
  1375. break;
  1376. case POP3_COMMAND:
  1377. result = pop3_state_command_resp(conn, pop3code, pop3c->state);
  1378. break;
  1379. case POP3_QUIT:
  1380. /* fallthrough, just stop! */
  1381. default:
  1382. /* internal error */
  1383. state(conn, POP3_STOP);
  1384. break;
  1385. }
  1386. } while(!result && pop3c->state != POP3_STOP && Curl_pp_moredata(pp));
  1387. return result;
  1388. }
  1389. /* Called repeatedly until done from multi.c */
  1390. static CURLcode pop3_multi_statemach(struct connectdata *conn, bool *done)
  1391. {
  1392. CURLcode result = CURLE_OK;
  1393. struct pop3_conn *pop3c = &conn->proto.pop3c;
  1394. if((conn->handler->flags & PROTOPT_SSL) && !pop3c->ssldone) {
  1395. result = Curl_ssl_connect_nonblocking(conn, FIRSTSOCKET, &pop3c->ssldone);
  1396. if(result || !pop3c->ssldone)
  1397. return result;
  1398. }
  1399. result = Curl_pp_statemach(&pop3c->pp, FALSE);
  1400. *done = (pop3c->state == POP3_STOP) ? TRUE : FALSE;
  1401. return result;
  1402. }
  1403. static CURLcode pop3_block_statemach(struct connectdata *conn)
  1404. {
  1405. CURLcode result = CURLE_OK;
  1406. struct pop3_conn *pop3c = &conn->proto.pop3c;
  1407. while(pop3c->state != POP3_STOP && !result)
  1408. result = Curl_pp_statemach(&pop3c->pp, TRUE);
  1409. return result;
  1410. }
  1411. /* Allocate and initialize the POP3 struct for the current SessionHandle if
  1412. required */
  1413. static CURLcode pop3_init(struct connectdata *conn)
  1414. {
  1415. CURLcode result = CURLE_OK;
  1416. struct SessionHandle *data = conn->data;
  1417. struct POP3 *pop3;
  1418. pop3 = data->req.protop = calloc(sizeof(struct POP3), 1);
  1419. if(!pop3)
  1420. result = CURLE_OUT_OF_MEMORY;
  1421. return result;
  1422. }
  1423. /* For the POP3 "protocol connect" and "doing" phases only */
  1424. static int pop3_getsock(struct connectdata *conn, curl_socket_t *socks,
  1425. int numsocks)
  1426. {
  1427. return Curl_pp_getsock(&conn->proto.pop3c.pp, socks, numsocks);
  1428. }
  1429. /***********************************************************************
  1430. *
  1431. * pop3_connect()
  1432. *
  1433. * This function should do everything that is to be considered a part of the
  1434. * connection phase.
  1435. *
  1436. * The variable 'done' points to will be TRUE if the protocol-layer connect
  1437. * phase is done when this function returns, or FALSE if not.
  1438. */
  1439. static CURLcode pop3_connect(struct connectdata *conn, bool *done)
  1440. {
  1441. CURLcode result = CURLE_OK;
  1442. struct pop3_conn *pop3c = &conn->proto.pop3c;
  1443. struct pingpong *pp = &pop3c->pp;
  1444. *done = FALSE; /* default to not done yet */
  1445. /* We always support persistent connections in POP3 */
  1446. connkeep(conn, "POP3 default");
  1447. /* Set the default response time-out */
  1448. pp->response_time = RESP_TIMEOUT;
  1449. pp->statemach_act = pop3_statemach_act;
  1450. pp->endofresp = pop3_endofresp;
  1451. pp->conn = conn;
  1452. /* Set the default preferred authentication type and mechanism */
  1453. pop3c->preftype = POP3_TYPE_ANY;
  1454. pop3c->prefmech = SASL_AUTH_ANY;
  1455. /* Initialise the pingpong layer */
  1456. Curl_pp_init(pp);
  1457. /* Parse the URL options */
  1458. result = pop3_parse_url_options(conn);
  1459. if(result)
  1460. return result;
  1461. /* Start off waiting for the server greeting response */
  1462. state(conn, POP3_SERVERGREET);
  1463. result = pop3_multi_statemach(conn, done);
  1464. return result;
  1465. }
  1466. /***********************************************************************
  1467. *
  1468. * pop3_done()
  1469. *
  1470. * The DONE function. This does what needs to be done after a single DO has
  1471. * performed.
  1472. *
  1473. * Input argument is already checked for validity.
  1474. */
  1475. static CURLcode pop3_done(struct connectdata *conn, CURLcode status,
  1476. bool premature)
  1477. {
  1478. CURLcode result = CURLE_OK;
  1479. struct SessionHandle *data = conn->data;
  1480. struct POP3 *pop3 = data->req.protop;
  1481. (void)premature;
  1482. if(!pop3)
  1483. /* When the easy handle is removed from the multi interface while libcurl
  1484. is still trying to resolve the host name, the POP3 struct is not yet
  1485. initialized. However, the removal action calls Curl_done() which in
  1486. turn calls this function, so we simply return success. */
  1487. return CURLE_OK;
  1488. if(status) {
  1489. connclose(conn, "POP3 done with bad status");
  1490. result = status; /* use the already set error code */
  1491. }
  1492. /* Cleanup our per-request based variables */
  1493. Curl_safefree(pop3->id);
  1494. Curl_safefree(pop3->custom);
  1495. /* Clear the transfer mode for the next request */
  1496. pop3->transfer = FTPTRANSFER_BODY;
  1497. return result;
  1498. }
  1499. /***********************************************************************
  1500. *
  1501. * pop3_perform()
  1502. *
  1503. * This is the actual DO function for POP3. Get a message/listing according to
  1504. * the options previously setup.
  1505. */
  1506. static CURLcode pop3_perform(struct connectdata *conn, bool *connected,
  1507. bool *dophase_done)
  1508. {
  1509. /* This is POP3 and no proxy */
  1510. CURLcode result = CURLE_OK;
  1511. struct POP3 *pop3 = conn->data->req.protop;
  1512. DEBUGF(infof(conn->data, "DO phase starts\n"));
  1513. if(conn->data->set.opt_no_body) {
  1514. /* Requested no body means no transfer */
  1515. pop3->transfer = FTPTRANSFER_INFO;
  1516. }
  1517. *dophase_done = FALSE; /* not done yet */
  1518. /* Start the first command in the DO phase */
  1519. result = pop3_perform_command(conn);
  1520. if(result)
  1521. return result;
  1522. /* Run the state-machine */
  1523. result = pop3_multi_statemach(conn, dophase_done);
  1524. *connected = conn->bits.tcpconnect[FIRSTSOCKET];
  1525. if(*dophase_done)
  1526. DEBUGF(infof(conn->data, "DO phase is complete\n"));
  1527. return result;
  1528. }
  1529. /***********************************************************************
  1530. *
  1531. * pop3_do()
  1532. *
  1533. * This function is registered as 'curl_do' function. It decodes the path
  1534. * parts etc as a wrapper to the actual DO function (pop3_perform).
  1535. *
  1536. * The input argument is already checked for validity.
  1537. */
  1538. static CURLcode pop3_do(struct connectdata *conn, bool *done)
  1539. {
  1540. CURLcode result = CURLE_OK;
  1541. *done = FALSE; /* default to false */
  1542. /* Parse the URL path */
  1543. result = pop3_parse_url_path(conn);
  1544. if(result)
  1545. return result;
  1546. /* Parse the custom request */
  1547. result = pop3_parse_custom_request(conn);
  1548. if(result)
  1549. return result;
  1550. result = pop3_regular_transfer(conn, done);
  1551. return result;
  1552. }
  1553. /***********************************************************************
  1554. *
  1555. * pop3_disconnect()
  1556. *
  1557. * Disconnect from an POP3 server. Cleanup protocol-specific per-connection
  1558. * resources. BLOCKING.
  1559. */
  1560. static CURLcode pop3_disconnect(struct connectdata *conn, bool dead_connection)
  1561. {
  1562. struct pop3_conn *pop3c = &conn->proto.pop3c;
  1563. /* We cannot send quit unconditionally. If this connection is stale or
  1564. bad in any way, sending quit and waiting around here will make the
  1565. disconnect wait in vain and cause more problems than we need to. */
  1566. /* The POP3 session may or may not have been allocated/setup at this
  1567. point! */
  1568. if(!dead_connection && pop3c->pp.conn && pop3c->pp.conn->bits.protoconnstart)
  1569. if(!pop3_perform_quit(conn))
  1570. (void)pop3_block_statemach(conn); /* ignore errors on QUIT */
  1571. /* Disconnect from the server */
  1572. Curl_pp_disconnect(&pop3c->pp);
  1573. /* Cleanup the SASL module */
  1574. Curl_sasl_cleanup(conn, pop3c->authused);
  1575. /* Cleanup our connection based variables */
  1576. Curl_safefree(pop3c->apoptimestamp);
  1577. return CURLE_OK;
  1578. }
  1579. /* Call this when the DO phase has completed */
  1580. static CURLcode pop3_dophase_done(struct connectdata *conn, bool connected)
  1581. {
  1582. (void)conn;
  1583. (void)connected;
  1584. return CURLE_OK;
  1585. }
  1586. /* Called from multi.c while DOing */
  1587. static CURLcode pop3_doing(struct connectdata *conn, bool *dophase_done)
  1588. {
  1589. CURLcode result = pop3_multi_statemach(conn, dophase_done);
  1590. if(result)
  1591. DEBUGF(infof(conn->data, "DO phase failed\n"));
  1592. else if(*dophase_done) {
  1593. result = pop3_dophase_done(conn, FALSE /* not connected */);
  1594. DEBUGF(infof(conn->data, "DO phase is complete\n"));
  1595. }
  1596. return result;
  1597. }
  1598. /***********************************************************************
  1599. *
  1600. * pop3_regular_transfer()
  1601. *
  1602. * The input argument is already checked for validity.
  1603. *
  1604. * Performs all commands done before a regular transfer between a local and a
  1605. * remote host.
  1606. */
  1607. static CURLcode pop3_regular_transfer(struct connectdata *conn,
  1608. bool *dophase_done)
  1609. {
  1610. CURLcode result = CURLE_OK;
  1611. bool connected = FALSE;
  1612. struct SessionHandle *data = conn->data;
  1613. /* Make sure size is unknown at this point */
  1614. data->req.size = -1;
  1615. /* Set the progress data */
  1616. Curl_pgrsSetUploadCounter(data, 0);
  1617. Curl_pgrsSetDownloadCounter(data, 0);
  1618. Curl_pgrsSetUploadSize(data, -1);
  1619. Curl_pgrsSetDownloadSize(data, -1);
  1620. /* Carry out the perform */
  1621. result = pop3_perform(conn, &connected, dophase_done);
  1622. /* Perform post DO phase operations if necessary */
  1623. if(!result && *dophase_done)
  1624. result = pop3_dophase_done(conn, connected);
  1625. return result;
  1626. }
  1627. static CURLcode pop3_setup_connection(struct connectdata *conn)
  1628. {
  1629. struct SessionHandle *data = conn->data;
  1630. /* Initialise the POP3 layer */
  1631. CURLcode result = pop3_init(conn);
  1632. if(result)
  1633. return result;
  1634. if(conn->bits.httpproxy && !data->set.tunnel_thru_httpproxy) {
  1635. /* Unless we have asked to tunnel POP3 operations through the proxy, we
  1636. switch and use HTTP operations only */
  1637. #ifndef CURL_DISABLE_HTTP
  1638. if(conn->handler == &Curl_handler_pop3)
  1639. conn->handler = &Curl_handler_pop3_proxy;
  1640. else {
  1641. #ifdef USE_SSL
  1642. conn->handler = &Curl_handler_pop3s_proxy;
  1643. #else
  1644. failf(data, "POP3S not supported!");
  1645. return CURLE_UNSUPPORTED_PROTOCOL;
  1646. #endif
  1647. }
  1648. /* set it up as an HTTP connection instead */
  1649. return conn->handler->setup_connection(conn);
  1650. #else
  1651. failf(data, "POP3 over http proxy requires HTTP support built-in!");
  1652. return CURLE_UNSUPPORTED_PROTOCOL;
  1653. #endif
  1654. }
  1655. data->state.path++; /* don't include the initial slash */
  1656. return CURLE_OK;
  1657. }
  1658. /***********************************************************************
  1659. *
  1660. * pop3_parse_url_options()
  1661. *
  1662. * Parse the URL login options.
  1663. */
  1664. static CURLcode pop3_parse_url_options(struct connectdata *conn)
  1665. {
  1666. CURLcode result = CURLE_OK;
  1667. struct pop3_conn *pop3c = &conn->proto.pop3c;
  1668. const char *options = conn->options;
  1669. const char *ptr = options;
  1670. bool reset = TRUE;
  1671. while(ptr && *ptr) {
  1672. const char *key = ptr;
  1673. while(*ptr && *ptr != '=')
  1674. ptr++;
  1675. if(strnequal(key, "AUTH", 4)) {
  1676. size_t len = 0;
  1677. const char *value = ++ptr;
  1678. if(reset) {
  1679. reset = FALSE;
  1680. pop3c->preftype = POP3_TYPE_NONE;
  1681. pop3c->prefmech = SASL_AUTH_NONE;
  1682. }
  1683. while(*ptr && *ptr != ';') {
  1684. ptr++;
  1685. len++;
  1686. }
  1687. if(strnequal(value, "*", len)) {
  1688. pop3c->preftype = POP3_TYPE_ANY;
  1689. pop3c->prefmech = SASL_AUTH_ANY;
  1690. }
  1691. else if(strnequal(value, "+APOP", len)) {
  1692. pop3c->preftype = POP3_TYPE_APOP;
  1693. pop3c->prefmech = SASL_AUTH_NONE;
  1694. }
  1695. else if(strnequal(value, SASL_MECH_STRING_LOGIN, len)) {
  1696. pop3c->preftype = POP3_TYPE_SASL;
  1697. pop3c->prefmech |= SASL_MECH_LOGIN;
  1698. }
  1699. else if(strnequal(value, SASL_MECH_STRING_PLAIN, len)) {
  1700. pop3c->preftype = POP3_TYPE_SASL;
  1701. pop3c->prefmech |= SASL_MECH_PLAIN;
  1702. }
  1703. else if(strnequal(value, SASL_MECH_STRING_CRAM_MD5, len)) {
  1704. pop3c->preftype = POP3_TYPE_SASL;
  1705. pop3c->prefmech |= SASL_MECH_CRAM_MD5;
  1706. }
  1707. else if(strnequal(value, SASL_MECH_STRING_DIGEST_MD5, len)) {
  1708. pop3c->preftype = POP3_TYPE_SASL;
  1709. pop3c->prefmech |= SASL_MECH_DIGEST_MD5;
  1710. }
  1711. else if(strnequal(value, SASL_MECH_STRING_GSSAPI, len)) {
  1712. pop3c->preftype = POP3_TYPE_SASL;
  1713. pop3c->prefmech |= SASL_MECH_GSSAPI;
  1714. }
  1715. else if(strnequal(value, SASL_MECH_STRING_NTLM, len)) {
  1716. pop3c->preftype = POP3_TYPE_SASL;
  1717. pop3c->prefmech |= SASL_MECH_NTLM;
  1718. }
  1719. else if(strnequal(value, SASL_MECH_STRING_XOAUTH2, len)) {
  1720. pop3c->preftype = POP3_TYPE_SASL;
  1721. pop3c->prefmech |= SASL_MECH_XOAUTH2;
  1722. }
  1723. if(*ptr == ';')
  1724. ptr++;
  1725. }
  1726. else
  1727. result = CURLE_URL_MALFORMAT;
  1728. }
  1729. return result;
  1730. }
  1731. /***********************************************************************
  1732. *
  1733. * pop3_parse_url_path()
  1734. *
  1735. * Parse the URL path into separate path components.
  1736. */
  1737. static CURLcode pop3_parse_url_path(struct connectdata *conn)
  1738. {
  1739. /* The POP3 struct is already initialised in pop3_connect() */
  1740. struct SessionHandle *data = conn->data;
  1741. struct POP3 *pop3 = data->req.protop;
  1742. const char *path = data->state.path;
  1743. /* URL decode the path for the message ID */
  1744. return Curl_urldecode(data, path, 0, &pop3->id, NULL, TRUE);
  1745. }
  1746. /***********************************************************************
  1747. *
  1748. * pop3_parse_custom_request()
  1749. *
  1750. * Parse the custom request.
  1751. */
  1752. static CURLcode pop3_parse_custom_request(struct connectdata *conn)
  1753. {
  1754. CURLcode result = CURLE_OK;
  1755. struct SessionHandle *data = conn->data;
  1756. struct POP3 *pop3 = data->req.protop;
  1757. const char *custom = data->set.str[STRING_CUSTOMREQUEST];
  1758. /* URL decode the custom request */
  1759. if(custom)
  1760. result = Curl_urldecode(data, custom, 0, &pop3->custom, NULL, TRUE);
  1761. return result;
  1762. }
  1763. /***********************************************************************
  1764. *
  1765. * pop3_calc_sasl_details()
  1766. *
  1767. * Calculate the required login details for SASL authentication.
  1768. */
  1769. static CURLcode pop3_calc_sasl_details(struct connectdata *conn,
  1770. const char **mech,
  1771. char **initresp, size_t *len,
  1772. pop3state *state1, pop3state *state2)
  1773. {
  1774. CURLcode result = CURLE_OK;
  1775. struct SessionHandle *data = conn->data;
  1776. struct pop3_conn *pop3c = &conn->proto.pop3c;
  1777. /* Calculate the supported authentication mechanism, by decreasing order of
  1778. security, as well as the initial response where appropriate */
  1779. #if defined(USE_KRB5)
  1780. if((pop3c->authmechs & SASL_MECH_GSSAPI) &&
  1781. (pop3c->prefmech & SASL_MECH_GSSAPI)) {
  1782. pop3c->mutual_auth = FALSE; /* TODO: Calculate mutual authentication */
  1783. *mech = SASL_MECH_STRING_GSSAPI;
  1784. *state1 = POP3_AUTH_GSSAPI;
  1785. *state2 = POP3_AUTH_GSSAPI_TOKEN;
  1786. pop3c->authused = SASL_MECH_GSSAPI;
  1787. if(data->set.sasl_ir)
  1788. result = Curl_sasl_create_gssapi_user_message(data, conn->user,
  1789. conn->passwd, "pop",
  1790. pop3c->mutual_auth,
  1791. NULL, &conn->krb5,
  1792. initresp, len);
  1793. }
  1794. else
  1795. #endif
  1796. #ifndef CURL_DISABLE_CRYPTO_AUTH
  1797. if((pop3c->authmechs & SASL_MECH_DIGEST_MD5) &&
  1798. (pop3c->prefmech & SASL_MECH_DIGEST_MD5)) {
  1799. *mech = SASL_MECH_STRING_DIGEST_MD5;
  1800. *state1 = POP3_AUTH_DIGESTMD5;
  1801. pop3c->authused = SASL_MECH_DIGEST_MD5;
  1802. }
  1803. else if((pop3c->authmechs & SASL_MECH_CRAM_MD5) &&
  1804. (pop3c->prefmech & SASL_MECH_CRAM_MD5)) {
  1805. *mech = SASL_MECH_STRING_CRAM_MD5;
  1806. *state1 = POP3_AUTH_CRAMMD5;
  1807. pop3c->authused = SASL_MECH_CRAM_MD5;
  1808. }
  1809. else
  1810. #endif
  1811. #ifdef USE_NTLM
  1812. if((pop3c->authmechs & SASL_MECH_NTLM) &&
  1813. (pop3c->prefmech & SASL_MECH_NTLM)) {
  1814. *mech = SASL_MECH_STRING_NTLM;
  1815. *state1 = POP3_AUTH_NTLM;
  1816. *state2 = POP3_AUTH_NTLM_TYPE2MSG;
  1817. pop3c->authused = SASL_MECH_NTLM;
  1818. if(data->set.sasl_ir)
  1819. result = Curl_sasl_create_ntlm_type1_message(conn->user, conn->passwd,
  1820. &conn->ntlm,
  1821. initresp, len);
  1822. }
  1823. else
  1824. #endif
  1825. if(((pop3c->authmechs & SASL_MECH_XOAUTH2) &&
  1826. (pop3c->prefmech & SASL_MECH_XOAUTH2) &&
  1827. (pop3c->prefmech != SASL_AUTH_ANY)) || conn->xoauth2_bearer) {
  1828. *mech = SASL_MECH_STRING_XOAUTH2;
  1829. *state1 = POP3_AUTH_XOAUTH2;
  1830. *state2 = POP3_AUTH_FINAL;
  1831. pop3c->authused = SASL_MECH_XOAUTH2;
  1832. if(data->set.sasl_ir)
  1833. result = Curl_sasl_create_xoauth2_message(data, conn->user,
  1834. conn->xoauth2_bearer,
  1835. initresp, len);
  1836. }
  1837. else if((pop3c->authmechs & SASL_MECH_LOGIN) &&
  1838. (pop3c->prefmech & SASL_MECH_LOGIN)) {
  1839. *mech = SASL_MECH_STRING_LOGIN;
  1840. *state1 = POP3_AUTH_LOGIN;
  1841. *state2 = POP3_AUTH_LOGIN_PASSWD;
  1842. pop3c->authused = SASL_MECH_LOGIN;
  1843. if(data->set.sasl_ir)
  1844. result = Curl_sasl_create_login_message(data, conn->user, initresp, len);
  1845. }
  1846. else if((pop3c->authmechs & SASL_MECH_PLAIN) &&
  1847. (pop3c->prefmech & SASL_MECH_PLAIN)) {
  1848. *mech = SASL_MECH_STRING_PLAIN;
  1849. *state1 = POP3_AUTH_PLAIN;
  1850. *state2 = POP3_AUTH_FINAL;
  1851. pop3c->authused = SASL_MECH_PLAIN;
  1852. if(data->set.sasl_ir)
  1853. result = Curl_sasl_create_plain_message(data, conn->user, conn->passwd,
  1854. initresp, len);
  1855. }
  1856. return result;
  1857. }
  1858. /***********************************************************************
  1859. *
  1860. * Curl_pop3_write()
  1861. *
  1862. * This function scans the body after the end-of-body and writes everything
  1863. * until the end is found.
  1864. */
  1865. CURLcode Curl_pop3_write(struct connectdata *conn, char *str, size_t nread)
  1866. {
  1867. /* This code could be made into a special function in the handler struct */
  1868. CURLcode result = CURLE_OK;
  1869. struct SessionHandle *data = conn->data;
  1870. struct SingleRequest *k = &data->req;
  1871. struct pop3_conn *pop3c = &conn->proto.pop3c;
  1872. bool strip_dot = FALSE;
  1873. size_t last = 0;
  1874. size_t i;
  1875. /* Search through the buffer looking for the end-of-body marker which is
  1876. 5 bytes (0d 0a 2e 0d 0a). Note that a line starting with a dot matches
  1877. the eob so the server will have prefixed it with an extra dot which we
  1878. need to strip out. Additionally the marker could of course be spread out
  1879. over 5 different data chunks. */
  1880. for(i = 0; i < nread; i++) {
  1881. size_t prev = pop3c->eob;
  1882. switch(str[i]) {
  1883. case 0x0d:
  1884. if(pop3c->eob == 0) {
  1885. pop3c->eob++;
  1886. if(i) {
  1887. /* Write out the body part that didn't match */
  1888. result = Curl_client_write(conn, CLIENTWRITE_BODY, &str[last],
  1889. i - last);
  1890. if(result)
  1891. return result;
  1892. last = i;
  1893. }
  1894. }
  1895. else if(pop3c->eob == 3)
  1896. pop3c->eob++;
  1897. else
  1898. /* If the character match wasn't at position 0 or 3 then restart the
  1899. pattern matching */
  1900. pop3c->eob = 1;
  1901. break;
  1902. case 0x0a:
  1903. if(pop3c->eob == 1 || pop3c->eob == 4)
  1904. pop3c->eob++;
  1905. else
  1906. /* If the character match wasn't at position 1 or 4 then start the
  1907. search again */
  1908. pop3c->eob = 0;
  1909. break;
  1910. case 0x2e:
  1911. if(pop3c->eob == 2)
  1912. pop3c->eob++;
  1913. else if(pop3c->eob == 3) {
  1914. /* We have an extra dot after the CRLF which we need to strip off */
  1915. strip_dot = TRUE;
  1916. pop3c->eob = 0;
  1917. }
  1918. else
  1919. /* If the character match wasn't at position 2 then start the search
  1920. again */
  1921. pop3c->eob = 0;
  1922. break;
  1923. default:
  1924. pop3c->eob = 0;
  1925. break;
  1926. }
  1927. /* Did we have a partial match which has subsequently failed? */
  1928. if(prev && prev >= pop3c->eob) {
  1929. /* Strip can only be non-zero for the very first mismatch after CRLF
  1930. and then both prev and strip are equal and nothing will be output
  1931. below */
  1932. while(prev && pop3c->strip) {
  1933. prev--;
  1934. pop3c->strip--;
  1935. }
  1936. if(prev) {
  1937. /* If the partial match was the CRLF and dot then only write the CRLF
  1938. as the server would have inserted the dot */
  1939. result = Curl_client_write(conn, CLIENTWRITE_BODY, (char*)POP3_EOB,
  1940. strip_dot ? prev - 1 : prev);
  1941. if(result)
  1942. return result;
  1943. last = i;
  1944. strip_dot = FALSE;
  1945. }
  1946. }
  1947. }
  1948. if(pop3c->eob == POP3_EOB_LEN) {
  1949. /* We have a full match so the transfer is done, however we must transfer
  1950. the CRLF at the start of the EOB as this is considered to be part of the
  1951. message as per RFC-1939, sect. 3 */
  1952. result = Curl_client_write(conn, CLIENTWRITE_BODY, (char *)POP3_EOB, 2);
  1953. k->keepon &= ~KEEP_RECV;
  1954. pop3c->eob = 0;
  1955. return result;
  1956. }
  1957. if(pop3c->eob)
  1958. /* While EOB is matching nothing should be output */
  1959. return CURLE_OK;
  1960. if(nread - last) {
  1961. result = Curl_client_write(conn, CLIENTWRITE_BODY, &str[last],
  1962. nread - last);
  1963. }
  1964. return result;
  1965. }
  1966. #endif /* CURL_DISABLE_POP3 */