diff options
| author | Steve Holme <steve_holme@hotmail.com> | 2013-02-03 23:58:03 +0000 |
|---|---|---|
| committer | Steve Holme <steve_holme@hotmail.com> | 2013-02-03 23:58:03 +0000 |
| commit | b4270a9af1d0d9dea5931ca2269ba5c727495208 (patch) | |
| tree | b95191da8f40704a96d480b50f2eca7f5230084f | |
| parent | 6b6bdc83bd364e11dc4e774a021a1ab91ff309a9 (diff) | |
imap: Fixed no known authentication mechanism when fallback is required
Fixed an issue where (lib)curl is compiled without support for a
supported challenge-response based SASL authentication mechanism, such
as CRAM-MD5 or NTLM, the server doesn't support the LOGIN or PLAIN
mechanisms and (lib)curl doesn't fallback to Clear Text authentication.
Note: In order to fallback to Clear Text authentication properly this
fix adds support for the LOGINDISABLED server capability.
imap: Fixed no known authentication mechanism when fallback is required
Fixed an issue where (lib)curl is compiled without support for a
supported challenge-response based SASL authentication mechanism, such
as CRAM-MD5 or NTLM, the server doesn't support the LOGIN or PLAIN
mechanisms and (lib)curl doesn't fallback to Clear Text authentication.
Note: In order to fallback to Clear Text authentication properly this
fix adds support for the LOGINDISABLED server capability.
Related bug: http://curl.haxx.se/mail/lib-2013-02/0004.html
Reported by: Stanislav Ivochkin
| -rw-r--r-- | lib/imap.c | 21 | ||||
| -rw-r--r-- | lib/imap.h | 1 |
2 files changed, 14 insertions, 8 deletions
diff --git a/lib/imap.c b/lib/imap.c index 4191f5722..50930f7a4 100644 --- a/lib/imap.c +++ b/lib/imap.c @@ -378,8 +378,12 @@ static int imap_endofresp(struct pingpong *pp, int *resp) line[wordlen] != '\n';) wordlen++; + /* Has the server explicitly disabled the LOGIN command? */ + if(wordlen == 13 && !memcmp(line, "LOGINDISABLED", 13)) + imapc->login_disabled = TRUE; + /* Do we have an AUTH capability? */ - if(wordlen > 5 && !memcmp(line, "AUTH=", 5)) { + else if(wordlen > 5 && !memcmp(line, "AUTH=", 5)) { line += 5; len -= 5; wordlen -= 5; @@ -548,12 +552,8 @@ static CURLcode imap_authenticate(struct connectdata *conn) authstate = IMAP_AUTHENTICATE_PLAIN; imapc->authused = SASL_MECH_PLAIN; } - else { - infof(conn->data, "No known authentication mechanisms supported!\n"); - result = CURLE_LOGIN_DENIED; /* Other mechanisms not supported */ - } - if(!result) { + if(mech) { const char *str = getcmdid(conn); result = imap_sendf(conn, str, "%s AUTHENTICATE %s", str, mech); @@ -561,6 +561,12 @@ static CURLcode imap_authenticate(struct connectdata *conn) if(!result) state(conn, authstate); } + else if(!imapc->login_disabled) + result = imap_state_login(conn); + else { + infof(conn->data, "No known authentication mechanisms supported!\n"); + result = CURLE_LOGIN_DENIED; /* Other mechanisms not supported */ + } return result; } @@ -660,11 +666,10 @@ static CURLcode imap_state_capability_resp(struct connectdata *conn, imapstate instate) { CURLcode result = CURLE_OK; - struct imap_conn *imapc = &conn->proto.imapc; (void)instate; /* no use for this yet */ - if(imapcode == 'O' && imapc->authmechs) + if(imapcode == 'O') result = imap_authenticate(conn); else result = imap_state_login(conn); diff --git a/lib/imap.h b/lib/imap.h index c33cbed93..533ee4a94 100644 --- a/lib/imap.h +++ b/lib/imap.h @@ -62,6 +62,7 @@ struct imap_conn { int cmdid; /* Next command ID */ const char *idstr; /* String based response ID to wait for */ bool ssldone; /* Is connect() over SSL done? */ + bool login_disabled; /* LOGIN command explicitly disabled by server */ }; extern const struct Curl_handler Curl_handler_imap; |