aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorSteve Holme <steve_holme@hotmail.com>2013-04-27 11:53:59 +0100
committerSteve Holme <steve_holme@hotmail.com>2013-04-27 12:07:39 +0100
commit7cb6c3137009fa0b37acf977119f7b3d481b8ba2 (patch)
tree2a436bd9cde2ae1082850d8fd64d29694de47f75
parent5d3a031ca719ae05edff8b6af40b7f8dc7223024 (diff)
pop3: Added support for enabling the SASL initial response
Allowed the user to specify whether to send the client's intial response in the AUTH command via CURLOPT_SASL_IR.
-rw-r--r--lib/pop3.c59
1 files changed, 47 insertions, 12 deletions
diff --git a/lib/pop3.c b/lib/pop3.c
index 05d934585..339d6e4ee 100644
--- a/lib/pop3.c
+++ b/lib/pop3.c
@@ -550,9 +550,13 @@ static CURLcode pop3_perform_apop(struct connectdata *conn)
static CURLcode pop3_perform_authenticate(struct connectdata *conn)
{
CURLcode result = CURLE_OK;
+ struct SessionHandle *data = conn->data;
struct pop3_conn *pop3c = &conn->proto.pop3c;
const char *mech = NULL;
- pop3state authstate = POP3_STOP;
+ char *initresp = NULL;
+ size_t len = 0;
+ pop3state state1 = POP3_STOP;
+ pop3state state2 = POP3_STOP;
/* Check we have a username and password to authenticate with and end the
connect phase if we don't */
@@ -569,13 +573,13 @@ static CURLcode pop3_perform_authenticate(struct connectdata *conn)
if((pop3c->authmechs & SASL_MECH_DIGEST_MD5) &&
(pop3c->prefmech & SASL_MECH_DIGEST_MD5)) {
mech = "DIGEST-MD5";
- authstate = POP3_AUTH_DIGESTMD5;
+ state1 = POP3_AUTH_DIGESTMD5;
pop3c->authused = SASL_MECH_DIGEST_MD5;
}
else if((pop3c->authmechs & SASL_MECH_CRAM_MD5) &&
(pop3c->prefmech & SASL_MECH_CRAM_MD5)) {
mech = "CRAM-MD5";
- authstate = POP3_AUTH_CRAMMD5;
+ state1 = POP3_AUTH_CRAMMD5;
pop3c->authused = SASL_MECH_CRAM_MD5;
}
else
@@ -584,31 +588,62 @@ static CURLcode pop3_perform_authenticate(struct connectdata *conn)
if((pop3c->authmechs & SASL_MECH_NTLM) &&
(pop3c->prefmech & SASL_MECH_NTLM)) {
mech = "NTLM";
- authstate = POP3_AUTH_NTLM;
+ state1 = POP3_AUTH_NTLM;
+ state2 = POP3_AUTH_NTLM_TYPE2MSG;
pop3c->authused = SASL_MECH_NTLM;
+
+ if(data->set.sasl_ir)
+ result = Curl_sasl_create_ntlm_type1_message(conn->user, conn->passwd,
+ &conn->ntlm,
+ &initresp, &len);
}
else
#endif
if((pop3c->authmechs & SASL_MECH_LOGIN) &&
(pop3c->prefmech & SASL_MECH_LOGIN)) {
mech = "LOGIN";
- authstate = POP3_AUTH_LOGIN;
+ state1 = POP3_AUTH_LOGIN;
+ state2 = POP3_AUTH_LOGIN_PASSWD;
pop3c->authused = SASL_MECH_LOGIN;
+
+ if(data->set.sasl_ir)
+ result = Curl_sasl_create_login_message(conn->data, conn->user,
+ &initresp, &len);
}
else if((pop3c->authmechs & SASL_MECH_PLAIN) &&
(pop3c->prefmech & SASL_MECH_PLAIN)) {
mech = "PLAIN";
- authstate = POP3_AUTH_PLAIN;
+ state1 = POP3_AUTH_PLAIN;
+ state2 = POP3_AUTH_FINAL;
pop3c->authused = SASL_MECH_PLAIN;
+
+ if(data->set.sasl_ir)
+ result = Curl_sasl_create_plain_message(conn->data, conn->user,
+ conn->passwd, &initresp,
+ &len);
}
}
+ if(result)
+ return result;
+
if(mech && (pop3c->preftype & POP3_TYPE_SASL)) {
/* Perform SASL based authentication */
- result = Curl_pp_sendf(&pop3c->pp, "AUTH %s", mech);
+ if(initresp) {
+ result = Curl_pp_sendf(&pop3c->pp, "AUTH %s %s", mech, initresp);
- if(!result)
- state(conn, authstate);
+ if(!result)
+ state(conn, state2);
+ }
+ else {
+ /* Perform SASL based authentication */
+ result = Curl_pp_sendf(&pop3c->pp, "AUTH %s", mech);
+
+ if(!result)
+ state(conn, state1);
+ }
+
+ Curl_safefree(initresp);
}
#ifndef CURL_DISABLE_CRYPTO_AUTH
else if((pop3c->authtypes & POP3_TYPE_APOP) &&
@@ -763,7 +798,7 @@ static CURLcode pop3_state_starttls_resp(struct connectdata *conn,
return result;
}
-/* For AUTH PLAIN responses */
+/* For AUTH PLAIN (without initial response) responses */
static CURLcode pop3_state_auth_plain_resp(struct connectdata *conn,
int pop3code,
pop3state instate)
@@ -800,7 +835,7 @@ static CURLcode pop3_state_auth_plain_resp(struct connectdata *conn,
return result;
}
-/* For AUTH LOGIN responses */
+/* For AUTH LOGIN (without initial response) responses */
static CURLcode pop3_state_auth_login_resp(struct connectdata *conn,
int pop3code,
pop3state instate)
@@ -997,7 +1032,7 @@ static CURLcode pop3_state_auth_digest_resp_resp(struct connectdata *conn,
#endif
#ifdef USE_NTLM
-/* For AUTH NTLM responses */
+/* For AUTH NTLM (without initial response) responses */
static CURLcode pop3_state_auth_ntlm_resp(struct connectdata *conn,
int pop3code,
pop3state instate)