xref: /third_party/curl/lib/krb5.c

65 static CURLcode ftpsend(struct Curl_easy *data, struct connectdata *conn,
93     result = Curl_nwrite(data, FIRSTSOCKET, sptr, write_len,
103     Curl_debug(data, CURLINFO_HEADER_OUT, sptr, (size_t)bytes_written);
193 krb5_auth(void *app_data, struct Curl_easy *data, struct connectdata *conn)
201   const char *service = data->set.str[STRING_SERVICE_NAME] ?
202                         data->set.str[STRING_SERVICE_NAME] :
232       result = ftpsend(data, conn, "AUTH GSSAPI");
236       if(Curl_GetFTPResponse(data, &nread, NULL))
258         failf(data, "Error importing service name %s@%s", service, host);
266     infof(data, "Trying against %s", (char *)output_buffer.value);
276       maj = Curl_gss_init_sec_context(data,
293         infof(data, "Error creating security context");
304           infof(data, "base64-encoding: %s", curl_easy_strerror(result));
311           result = ftpsend(data, conn, cmd);
323         if(Curl_GetFTPResponse(data, &nread, NULL)) {
332             infof(data, "Server didn't accept auth data");
346             failf(data, "base64-decoding: %s", curl_easy_strerror(result));
437 static int ftp_send_command(struct Curl_easy *data, const char *message, ...)
440 static int ftp_send_command(struct Curl_easy *data, const char *message, ...)
451   if(ftpsend(data, data->conn, print_buffer)) {
455     if(Curl_GetFTPResponse(data, &nread, &ftp_code))
466 socket_read(struct Curl_easy *data, int sockindex, void *to, size_t len)
473     nread = Curl_conn_recv(data, sockindex, to_p, len, &result);
492 socket_write(struct Curl_easy *data, int sockindex, const void *to,
500     written = Curl_conn_send(data, sockindex, to_p, len, &result);
514 static CURLcode read_data(struct Curl_easy *data, int sockindex,
517   struct connectdata *conn = data->conn;
522   result = socket_read(data, sockindex, &len, sizeof(len));
532       buf->data = Curl_saferealloc(buf->data, len);
534   if(!len || !buf->data)
537   result = socket_read(data, sockindex, buf->data, len);
540   nread = conn->mech->decode(conn->app_data, buf->data, len,
550 buffer_read(struct krb5buffer *buf, void *data, size_t len)
554   memcpy(data, (char *)buf->data + buf->index, len);
560 static ssize_t sec_recv(struct Curl_easy *data, int sockindex,
565   struct connectdata *conn = data->conn;
571     return Curl_conn_recv(data, sockindex, buffer, len, err);
584     if(read_data(data, sockindex, &conn->in_buffer))
601 static void do_sec_send(struct Curl_easy *data, struct connectdata *conn,
636         socket_write(data, fd, enc, 4);
638         socket_write(data, fd, mic, 4);
640       socket_write(data, fd, cmd_buffer, cmd_size);
641       socket_write(data, fd, "\r\n", 2);
642       infof(data, "Send: %s%s", prot_level == PROT_PRIVATE?enc:mic,
649     socket_write(data, fd, &htonl_bytes, sizeof(htonl_bytes));
650     socket_write(data, fd, buffer, curlx_sitouz(bytes));
655 static ssize_t sec_write(struct Curl_easy *data, struct connectdata *conn,
666     do_sec_send(data, conn, fd, buffer, curlx_sztosi(len));
675 static ssize_t sec_send(struct Curl_easy *data, int sockindex,
678   struct connectdata *conn = data->conn;
681   return sec_write(data, conn, fd, buffer, len);
684 int Curl_sec_read_msg(struct Curl_easy *data, struct connectdata *conn,
695   (void) data;
722     Curl_debug(data, CURLINFO_HEADER_IN, buf, decoded_len + 1);
740 static int sec_set_protection_level(struct Curl_easy *data)
743   struct connectdata *conn = data->conn;
749     infof(data, "Trying to change the protection level after the"
750                 " completion of the data exchange.");
764     code = ftp_send_command(data, "PBSZ %u", buffer_size);
769       failf(data, "Failed to set the protection's buffer size.");
786   code = ftp_send_command(data, "PROT %c", level_to_char(level));
792     failf(data, "Failed to set the protection level.");
814 static CURLcode choose_mech(struct Curl_easy *data, struct connectdata *conn)
822     failf(data, "Failed realloc of size %zu", mech->size);
831       infof(data, "Failed initialization for %s. Skipping it.",
837   infof(data, "Trying mechanism %s...", mech->name);
838   ret = ftp_send_command(data, "AUTH %s", mech->name);
845       infof(data, "Mechanism %s is not supported by the server (server "
849       infof(data, "Mechanism %s was rejected by the server (server returned "
854         infof(data, "server does not support the security extensions");
863   ret = mech->auth(conn->app_data, data, conn);
881     (void)sec_set_protection_level(data);
888 Curl_sec_login(struct Curl_easy *data, struct connectdata *conn)
890   return choose_mech(data, conn);
901   if(conn->in_buffer.data) {
902     free(conn->in_buffer.data);
903     conn->in_buffer.data = NULL;

Indexes created Thu Nov 07 10:32:03 CST 2024