aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorSteve Holme <steve_holme@hotmail.com>2013-09-04 21:27:01 +0100
committerSteve Holme <steve_holme@hotmail.com>2013-09-04 21:27:01 +0100
commit9e8ced98906b50dfa5864f2e609ec603e5342c0e (patch)
tree5e1e2f700e9ba7847cda7f300a0c5639125e68a3
parent698e3bdf82b3db038387bbf5fa42be99e60b7338 (diff)
imap/smtp: Fixed incorrect SASL mechanism selection with XOAUTH2 servers
XOAUTH2 would be selected in preference to LOGIN and PLAIN if the IMAP or SMTP server advertised support for it even though a user's password was supplied but bearer token wasn't. Modified the selection logic so that XOAUTH2 will only be selected if the server supports it and A) The curl user/libcurl programmer has specifically asked for XOAUTH via the ;AUTH=XOAUTH login option or 2) The bearer token is specified. Obviously if XOAUTH is asked for via the login option but no token is specified the user will receive a authentication failure which makes more sense than no known authentication mechanisms supported!
-rw-r--r--lib/imap.c4
-rw-r--r--lib/smtp.c4
2 files changed, 4 insertions, 4 deletions
diff --git a/lib/imap.c b/lib/imap.c
index 22a0c4246..6b6d4ce45 100644
--- a/lib/imap.c
+++ b/lib/imap.c
@@ -579,9 +579,9 @@ static CURLcode imap_perform_authenticate(struct connectdata *conn)
}
else
#endif
-
if((imapc->authmechs & SASL_MECH_XOAUTH2) &&
- (imapc->prefmech & SASL_MECH_XOAUTH2)) {
+ (imapc->prefmech & SASL_MECH_XOAUTH2) &&
+ (imapc->prefmech != SASL_AUTH_ANY) || conn->xoauth2_bearer) {
mech = "XOAUTH2";
state1 = IMAP_AUTHENTICATE_XOAUTH2;
state2 = IMAP_AUTHENTICATE_FINAL;
diff --git a/lib/smtp.c b/lib/smtp.c
index f2c79794c..c3650e1d9 100644
--- a/lib/smtp.c
+++ b/lib/smtp.c
@@ -500,9 +500,9 @@ static CURLcode smtp_perform_authenticate(struct connectdata *conn)
}
else
#endif
-
if((smtpc->authmechs & SASL_MECH_XOAUTH2) &&
- (smtpc->prefmech & SASL_MECH_XOAUTH2)) {
+ (smtpc->prefmech & SASL_MECH_XOAUTH2) &&
+ (smtpc->prefmech != SASL_AUTH_ANY) || conn->xoauth2_bearer) {
mech = "XOAUTH2";
state1 = SMTP_AUTH_XOAUTH2;
state2 = SMTP_AUTH_FINAL;