path: root/src/ne_private.h
Commit message | Author | Age | Files | Lines
* * src/ne_defs.h: Define NE_PRIVATE. | joe | 2009-09-02 | 1 | -3/+4
  * src/ne_privssl.h, src/ne_ntlm.h, src/ne_private.h: Mark all functions with NE_PRIVATE.
  git-svn-id: http://svn.webdav.org/repos/projects/neon/trunk@1703 61a7d7f5-40b7-0310-9c16-bb0ea8cb1845
* Security fix for CVE-2009-2474, handling of "NUL" bytes in certificate | joe | 2009-08-18 | 1 | -4/+3
  names:
  * src/ne_private.h (ne__ssl_match_hostname): Take cn len, make cn const.
  * src/ne_session.c (ne__ssl_match_hostname): Drop handling of unqualified hostnames; check CN length matches.
  * src/ne_gnutls.c (check_identity): Adjust accordingly.
  * src/ne_openssl.c (append_dirstring): Use a quoted append for ASCII data. Check for embedded NUL bytes in UTF-8 data. (dup_ia5string): Use quoted append.
  * test/ssl.c (struct ssl_server_args): Add key field. (ssl_server): Use key field from args. (fail_ssl_request_with_error2): Rename from fail_ssl_request_with_error, add host, fakehost parameters. (fail_ssl_request_with_error): Reimplement using fail_ssl_request_with_error2. (fail_nul_cn, fail_nul_san, nulcn_identity): New tests.
  * test/nulca.pem, test/nulcn.pem, test/nulsan.pem, test/nulsrv.key: Add test cases, thanks to Tomas Hoger <thoger redhat.com>.
  git-svn-id: http://svn.webdav.org/repos/projects/neon/trunk@1681 61a7d7f5-40b7-0310-9c16-bb0ea8cb1845
* Add support for configuring a SOCKS proxy for the HTTP session: | joe | 2008-10-09 | 1 | -0/+3
  * src/ne_request.c (open_connection): Fix non-proxy error path. Establish connection via SOCKS proxy.
  * src/ne_session.c (ne_session_socks_proxy): New function.
  * src/ne_session.h (ne_session_socks_proxy): New prototype.
  * src/ne_private.h (struct ne_session_s): Add socks_ver, socks_user, socks_password fields.
  * test/request.c (socks_session, socks_proxy): New functions.
  git-svn-id: http://svn.webdav.org/repos/projects/neon/trunk@1559 61a7d7f5-40b7-0310-9c16-bb0ea8cb1845
* Add support for multiple proxies and differentiate between a SOCKS and | joe | 2008-10-09 | 1 | -10/+26
  HTTP proxy (though the former cannot yet be configured or used). Reimplement addrlist support as a "direct" proxy type.
  * src/ne_private.h (struct host_info): Add proxy enum, network field, next pointer. (struct ne_session_s): Remove addrlist, numaddr, curaddr. Remove proxy field, add proxies, prev_proxy, nexthop fields. Remove use_proxy, add any_proxy_http flag.
  * src/ne_session.c (free_hostinfo, free_proxies): New functions. (ne_session_destroy): Use the above. (set_hostinfo): Take type argument, set in structure. (ne_session_create): Pass PROXY_NONE to set_hostinfo. (ne_session_proxy): Call free_proxies, set sess->any_proxy_http flag, and adjust for new sess->proxies structure. (ne_set_addrlist): Adjust to set up a "direct" proxy. (ne_fill_proxy_uri): Adjust for proxies structure. (ne_close_connection): Use nexthop hostname for disconnect notifier.
  * src/ne_session.h (ne_session_proxy, ne_set_addrlist, ne_fill_proxy_uri): Adjust for multi-proxy semantics.
  * src/ne_request.c (aborted): Use sess->nexthop. (add_fixed_headers): Use new any_proxy_http flag. Reflow code. Set Host header here. (ne_request_create): Use any_proxy_http flag. (build_request): Don't add Host header here. (lookup_host): Don't check addrlist. (ne_begin_request): Use sess->nexthop in place of proxy flag. (resolve_first, resolve_next): Use ->network in place of addrlist; drop session parameter. (do_connect): Do DNS lookup here; adjust for resolve_*; set error message appropriately based on host type, drop error parameter. (open_connection): Support multiple proxies; adjust to use sess->nexthop.
  * test/request.c (addrlist): New test case.
  git-svn-id: http://svn.webdav.org/repos/projects/neon/trunk@1557 61a7d7f5-40b7-0310-9c16-bb0ea8cb1845
* * src/ne_session.c [NE_HAVE_SSL] (ne__ssl_match_hostname): New | joe | 2008-07-24 | 1 | -0/+5
  function, merged from duplicate copies in ne_openssl.c/ne_gnutls.c.
  * src/ne_private.h (ne__ssl_match_hostname): New prototype.
  * src/ne_openssl.c, src/ne_gnutls.c (match_hostname): Remove function.
  git-svn-id: http://svn.webdav.org/repos/projects/neon/trunk@1514 61a7d7f5-40b7-0310-9c16-bb0ea8cb1845
* Fail with a useful error message in the case where a client cert is | joe | 2008-07-19 | 1 | -0/+3
  requested during handshake, none can be provided, and the handshake fails:
  * src/ne_private.h (struct ne_session_s): Add ssl_cc_requested field.
  * src/ne_openssl.c (provide_client_cert): Set ssl_cc_requested if no cert is provided. (ne__negotiate_ssl): Clear ssl_cc_requested before handshake. Use different, more useful error message if handshake fails and flag is now set.
  * test/ssl.c (struct ssl_server_args): Add fail_silently flag. (ssl_server): Exit with success if handshake fails and above flag set. (no_client_cert): New test case.
  git-svn-id: http://svn.webdav.org/repos/projects/neon/trunk@1505 61a7d7f5-40b7-0310-9c16-bb0ea8cb1845
* Add a close-connection hook (thanks to Robert J. van der Boon): | joe | 2008-02-08 | 1 | -1/+2
  * src/ne_private.h (struct ne_session_s): Add close_conn_hooks.
  * src/ne_session.c (ne_hook_close_conn, ne_unhook_close_conn): New functions. (ne_close_connection): Run close_conn hooks.
  * src/ne_request.h (ne_hook_close_conn, ne_unhook_close_conn): New prototypes.
  * test/request.c (hook_close_conn, hooks): Add tests.
  git-svn-id: http://svn.webdav.org/repos/projects/neon/trunk@1344 61a7d7f5-40b7-0310-9c16-bb0ea8cb1845
* Adjust PKCS#11 interfaces to allow a single provider to be shared | joe | 2008-02-07 | 1 | -4/+0
  between sessions:
  * src/ne_session.c (ne_ssl_set_pkcs11_pin): Removed function.
  * src/ne_private.h (struct ne_session_s): Remove PKCS#11 pin callback.
  * src/ne_pkcs11.c (pk11_find_x509): Take provider object and set client cert. (pk11_find_pkey): Take provider object and set private key. (find_client_cert): Take provider object and pass through. (pk11_sign_callback, pk11_login, pk11_provide): Take provider object, adjust accordingly. (pk11_init, ne_ssl_pkcs11_provider_init, ne_ssl_nsspk11_provider_init, ne_ssl_pkcs11_provider_destroy, ne_ssl_pkcs11_provider_pin): New functions.
  git-svn-id: http://svn.webdav.org/repos/projects/neon/trunk@1333 61a7d7f5-40b7-0310-9c16-bb0ea8cb1845
* Initial support for PKCS#11, based on the pakchois PKCS#11 library: | joe | 2008-02-06 | 1 | -0/+4
  * src/ne_pkcs11.c, src/ne_pkcs11: New files.
  * src/ne_gnutls.c (struct ne_ssl_client_cert_s): Add keyless flag. (dup_client_cert): Support keyless clicerts. (ne__ssl_clicert_exkey_import): New function. (provide_client_cert): Use proper GnuTLS error codes in failure cases.
  * src/ne_privssl.h (ne__ssl_clicert_exkey_import) [HAVE_GNUTLS]: Add prototype.
  * src/ne_private.h: Include ne_pkcs11.h. (struct ne_session_s): Add pin callback and userdata.
  * src/ne_session.c (ne_ssl_set_pkcs11_pin): New function.
  * src/Makefile.in, neon.mak: Build ne_pkcs11.c.
  * macros/neon.m4 (NEON_SSL): Check for pakchois.
  git-svn-id: http://svn.webdav.org/repos/projects/neon/trunk@1329 61a7d7f5-40b7-0310-9c16-bb0ea8cb1845
* * src/ne_private.h (struct ne_session_s): Add local_addr field. | joe | 2008-01-30 | 1 | -1/+4
  * src/ne_session.c (ne_set_localaddr): New prototype.
  * src/ne_session.c (ne_set_localaddr): New function.
  * src/ne_request.c (do_connect): Call ne_sock_prebind if local_addr is non-NULL.
  * test/request.c (local_addr): New test case.
  git-svn-id: http://svn.webdav.org/repos/projects/neon/trunk@1302 61a7d7f5-40b7-0310-9c16-bb0ea8cb1845
* Add support for configurable socket connect timeouts: | joe | 2006-12-28 | 1 | -1/+1
  * src/ne_socket.h (ne_sock_connect_timeout): New function. (ne_sock_connect): Clarify timeout handling.
  * src/ne_socket.c: Define USE_NONBLOCKING_CONNECT if appropriate. Define NE_ISINPROGRESS. (struct ne_socket_s): Add cotimeout field. (timed_connect): New function. (connect_socket): Renamed from raw_connect; use timed_connect; takes socket structure and sets ->error string on failure. (ne_sock_connect): Adapt to use connect_socket. (ne_sock_connect_timeout): New function.
  * src/ne_private.h (struct ne_session_s): Add cotimeout field.
  * src/ne_session.h (ne_set_connect_timeout): New prototype...
  * src/ne_session.c (ne_set_connect_timeout): ...implement it.
  * src/ne_request.c (do_connect): Set socket timeout if appropriate.
  * macros/neon.m4 (LIBNEON_SOURCE_CHECKS): Check for fcntl, getsockopt, fcntl.h and socklen_t.
  * test/socket.c (connect_timeout): Add test (disabled by default).
  git-svn-id: http://svn.webdav.org/repos/projects/neon/trunk@1119 61a7d7f5-40b7-0310-9c16-bb0ea8cb1845
* Add new type-safer notification/status API: | joe | 2006-10-24 | 1 | -0/+2
  * src/ne_session.h (ne_notify_status): Redefine callback type, passing pointer to ne_session_status_info structure.
  * src/ne_request.c (notify_status): Invoke notify callback, and progress callback as appropriate. (send_request_body, ne_read_response_block, lookup_host, ne_begin_request, do_connect): Adjust to set up and invoke the notify callback.
  * src/ne_openssl.c (ne__negotiate_ssl): Drop notify callback invocation.
  * src/ne_private.h (struct ne_session_s): Store status union.
  * macros/neon.m4: Define NE_FMT_NE_OFF_T.
  * test/request.c (status_cb, status): Add new test.
  git-svn-id: http://svn.webdav.org/repos/projects/neon/trunk@1094 61a7d7f5-40b7-0310-9c16-bb0ea8cb1845
* Add new hook which runs after the headers have been read: | joe | 2006-09-26 | 1 | -2/+2
  * src/ne_request.h (ne_post_headers_fn, ne_hook_post_headers): Add type, prototype.
  * src/ne_private.h (struct ne_session_s): Add post_headers_hooks field.
  * src/ne_request.c (ne_begin_request): Run post_headers hooks.
  * src/ne_session.c (ne_session_destroy): Destroy post_headers hooks. (ne_hook_post_headers, ne_unhook_post_headers): New functions.
  * test/request.c (status_to_string): New function. (hook_post_send): Use it. (hook_post_headers): New function. (hooks): Test post_headers hook.
  git-svn-id: http://svn.webdav.org/repos/projects/neon/trunk@1075 61a7d7f5-40b7-0310-9c16-bb0ea8cb1845
* * src/ne_private.h (struct ne_session_s): Remove use of bitfields. | joe | 2006-03-07 | 1 | -3/+3
  * src/ne_auth.c (struct auth_session_s): Likewise.
  * src/ne_request.c (struct body_reader, struct ne_request_s): Likewise.
  git-svn-id: http://svn.webdav.org/repos/projects/neon/trunk@994 61a7d7f5-40b7-0310-9c16-bb0ea8cb1845
* * src/ne_session.c (ne__ssl_set_verify_err): Moved here... | joe | 2006-02-27 | 1 | -0/+3
  * src/ne_openssl.c (verify_err): ... from here. (check_certificate): Use it.
  * src/ne_gnutls.c (check_certificate): Use it on verification failure.
  * src/ne_private.h (ne__ssl_set_verify_err): Add prototype.
  git-svn-id: http://svn.webdav.org/repos/projects/neon/trunk@955 61a7d7f5-40b7-0310-9c16-bb0ea8cb1845
* * src/ne_session.h (ne_set_session_flag): New enum. | joe | 2006-02-25 | 1 | -2/+3
  (ne_set_session_flag, ne_get_session_flag): New prototypes. (ne_set_persist): Removed prototype.
  * src/ne_session.c (ne_set_session_flag, ne_get_session_flag): New functions. (ne_set_persist): Removed function.
  * src/ne_private.h (ne_session): Replace no_persist field with flags array.
  * src/ne_request.c (add_fixed_headers, ne_end_request): Use flags array. (ne_begin_request): Remove redundant check for no_persist flag; send_request() will only return NE_RETRY if a persistent connection was reused.
  * test/session.c (flags): New test case.
  git-svn-id: http://svn.webdav.org/repos/projects/neon/trunk@943 61a7d7f5-40b7-0310-9c16-bb0ea8cb1845
* * src/ne_request.c (open_connection, do_connect): Take session pointer | joe | 2005-11-24 | 1 | -1/+1
  as argument not request.
  * src/ne_openssl.c (ne__negotiate_ssl): Take session pointer as argument not request.
  * src/ne_gnutls.c (ne__negotiate_ssl): Likewise.
  * src/ne_private.h (ne__negotiate_ssl): Update prototype.
  git-svn-id: http://svn.webdav.org/repos/projects/neon/trunk@755 61a7d7f5-40b7-0310-9c16-bb0ea8cb1845
* * src/ne_private.h (struct ne_session_s): Use 512-byte buffer for | joe | 2005-10-09 | 1 | -1/+1
  error string.
  git-svn-id: http://svn.webdav.org/repos/projects/neon/trunk@730 61a7d7f5-40b7-0310-9c16-bb0ea8cb1845
* * src/ne_private.h (ne__pull_request_body): Remove prototype. | joe | 2005-02-26 | 1 | -5/+1
  * src/ne_request.h: Require that request-body-provider callback sets the session error string if returning errors.
  * src/ne_request.c (struct ne_request_s): Remove body_progress field. (send_request_body): Combine old ne__pull_request_body, send_request_body and send_with_progress functions into one. Fix error handling confusion between provider errors and socket errors; move NE_RETRY handling here and take a retry flag. (send_request): Update to pass retry flag to send_request_body and remove NE_RETRY handling on errors from same.
  git-svn-id: http://svn.webdav.org/repos/projects/neon/trunk@501 61a7d7f5-40b7-0310-9c16-bb0ea8cb1845
* Merge trunk up to current neon CVS HEAD. | joe | 2004-10-02 | 1 | -8/+11
  git-svn-id: http://svn.webdav.org/repos/projects/neon/trunk@256 61a7d7f5-40b7-0310-9c16-bb0ea8cb1845
* Import neon-0.24.1. | joe | 2004-10-02 | 1 | -1/+1
  git-svn-id: http://svn.webdav.org/repos/projects/neon/branches/0.24.x@244 61a7d7f5-40b7-0310-9c16-bb0ea8cb1845
* Import neon 0.24.0 to begin 0.24.x branch. | joe | 2004-10-02 | 1 | -0/+118
  git-svn-id: http://svn.webdav.org/repos/projects/neon/branches/0.24.x@243 61a7d7f5-40b7-0310-9c16-bb0ea8cb1845