aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorSteve Holme <steve_holme@hotmail.com>2013-09-08 21:46:32 +0100
committerSteve Holme <steve_holme@hotmail.com>2013-09-08 21:47:56 +0100
commite8313697b6554b4aff021c61add44971815fad59 (patch)
tree4e740421d565b8920349b0e4ea623eb949621d99
parent28427b408326a1e96fa40bedd48fc8d7d242e724 (diff)
ftpserver: Reworked AUTH support to allow for specifying the mechanisms
Renamed SUPPORTAUTH to AUTH and added support for specifying a list of supported SASL mechanisms to return to the client. Additionally added the directive to the FILEFORMAT document.
-rw-r--r--tests/FILEFORMAT3
-rwxr-xr-xtests/ftpserver.pl54
2 files changed, 39 insertions, 18 deletions
diff --git a/tests/FILEFORMAT b/tests/FILEFORMAT
index f5a23abb8..ba3161496 100644
--- a/tests/FILEFORMAT
+++ b/tests/FILEFORMAT
@@ -128,6 +128,9 @@ PASVBADIP
CAPA [capabilities]
- Enables support for and specifies a list of space separated capabilities to
return to the client for the IMAP CAPABILITY and POP3 CAPA commands
+AUTH [mechanisms]
+ - Enables support for SASL authentication and specifies a list of space
+ separated mechanisms for IMAP and POP3
For HTTP/HTTPS:
auth_required if this is set and a POST/PUT is made without auth, the
diff --git a/tests/ftpserver.pl b/tests/ftpserver.pl
index db40a1646..18c8482bc 100755
--- a/tests/ftpserver.pl
+++ b/tests/ftpserver.pl
@@ -139,7 +139,7 @@ my $nodataconn425; # set if ftp srvr doesn't establish data ch and replies 425
my $nodataconn421; # set if ftp srvr doesn't establish data ch and replies 421
my $nodataconn150; # set if ftp srvr doesn't establish data ch and replies 150
my @capabilities; # set if server supports capability commands
-my $support_auth; # set if server supports authentication command
+my @auth_mechs; # set if server supports authentication commands
my %customreply; #
my %customcount; #
my %delayreply; #
@@ -778,7 +778,7 @@ sub fix_imap_params {
sub CAPABILITY_imap {
my ($testno) = @_;
- if(!$capabilities) {
+ if((!$capabilities) && (!$auth_mechs)) {
sendcontrol "$cmdid BAD Command\r\n";
}
else {
@@ -791,8 +791,8 @@ sub CAPABILITY_imap {
$data .= " $c";
}
- if($support_auth) {
- $data .= " AUTH=UNKNOWN";
+ for my $am (@auth_mechs) {
+ $data .= " AUTH=$am";
}
$data .= " pingpong test server\r\n";
@@ -1200,11 +1200,12 @@ sub LOGOUT_imap {
sub CAPA_pop3 {
my ($testno) = @_;
- if(!$capabilities) {
+ if((!$capabilities) && (!$auth_mechs)) {
sendcontrol "-ERR Unsupported command: 'CAPA'\r\n";
}
else {
my @data = ();
+ my $mechs;
# Calculate the CAPA response
push @data, "+OK List of capabilities follows\r\n";
@@ -1213,8 +1214,17 @@ sub CAPA_pop3 {
push @data, "$c\r\n";
}
- if($support_auth) {
- push @data, "SASL UNKNOWN\r\n";
+ for my $am (@auth_mechs) {
+ if(!$mechs) {
+ $mechs = "$am";
+ }
+ else {
+ $mechs .= " $am";
+ }
+ }
+
+ if($mechs) {
+ push @data, "SASL $mechs\r\n";
}
push @data, "IMPLEMENTATION POP3 pingpong test server\r\n";
@@ -1233,19 +1243,27 @@ sub CAPA_pop3 {
sub AUTH_pop3 {
my ($testno) = @_;
- my @data = ();
- if(!$support_auth) {
- push @data, "-ERR Unsupported command: 'AUTH'\r\n";
+ if(!$auth_mechs) {
+ sendcontrol "-ERR Unsupported command: 'AUTH'\r\n";
}
else {
+ my @data = ();
+
+ # Calculate the AUTH response
push @data, "+OK List of supported mechanisms follows\r\n";
- push @data, "UNKNOWN\r\n";
- push @data, ".\r\n";
- }
- for my $d (@data) {
- sendcontrol $d;
+ for my $am (@auth_mechs) {
+ push @data, "$am\r\n";
+ }
+
+ # Send the AUTH response
+ for my $d (@data) {
+ sendcontrol $d;
+ }
+
+ # End with the magic 3-byte end of listing marker
+ sendcontrol ".\r\n";
}
return 0;
@@ -2146,7 +2164,7 @@ sub customize {
$nodataconn421 = 0; # default is to not send 421 without data channel
$nodataconn150 = 0; # default is to not send 150 without data channel
@capabilities = (); # default is to not support capability commands
- $support_auth = 0; # default is to not support authentication command
+ @auth_mechs = (); # default is to not support authentication commands
%customreply = (); #
%customcount = (); #
%delayreply = (); #
@@ -2215,9 +2233,9 @@ sub customize {
logmsg "FTPD: instructed to support CAPABILITY command\n";
@capabilities = split(/ /, $1);
}
- elsif($_ =~ /SUPPORTAUTH/) {
+ elsif($_ =~ /AUTH (.*)/) {
logmsg "FTPD: instructed to support AUTHENTICATION command\n";
- $support_auth=1;
+ @auth_mechs = split(/ /, $1);
}
elsif($_ =~ /NOSAVE/) {
# don't actually store the file we upload - to be used when