aboutsummaryrefslogtreecommitdiff
path: root/lib
diff options
context:
space:
mode:
authorSteve Holme <steve_holme@hotmail.com>2013-02-03 23:58:03 +0000
committerSteve Holme <steve_holme@hotmail.com>2013-02-03 23:58:03 +0000
commitb4270a9af1d0d9dea5931ca2269ba5c727495208 (patch)
treeb95191da8f40704a96d480b50f2eca7f5230084f /lib
parent6b6bdc83bd364e11dc4e774a021a1ab91ff309a9 (diff)
imap: Fixed no known authentication mechanism when fallback is required
Fixed an issue where (lib)curl is compiled without support for a supported challenge-response based SASL authentication mechanism, such as CRAM-MD5 or NTLM, the server doesn't support the LOGIN or PLAIN mechanisms and (lib)curl doesn't fallback to Clear Text authentication. Note: In order to fallback to Clear Text authentication properly this fix adds support for the LOGINDISABLED server capability. imap: Fixed no known authentication mechanism when fallback is required Fixed an issue where (lib)curl is compiled without support for a supported challenge-response based SASL authentication mechanism, such as CRAM-MD5 or NTLM, the server doesn't support the LOGIN or PLAIN mechanisms and (lib)curl doesn't fallback to Clear Text authentication. Note: In order to fallback to Clear Text authentication properly this fix adds support for the LOGINDISABLED server capability. Related bug: http://curl.haxx.se/mail/lib-2013-02/0004.html Reported by: Stanislav Ivochkin
Diffstat (limited to 'lib')
-rw-r--r--lib/imap.c21
-rw-r--r--lib/imap.h1
2 files changed, 14 insertions, 8 deletions
diff --git a/lib/imap.c b/lib/imap.c
index 4191f5722..50930f7a4 100644
--- a/lib/imap.c
+++ b/lib/imap.c
@@ -378,8 +378,12 @@ static int imap_endofresp(struct pingpong *pp, int *resp)
line[wordlen] != '\n';)
wordlen++;
+ /* Has the server explicitly disabled the LOGIN command? */
+ if(wordlen == 13 && !memcmp(line, "LOGINDISABLED", 13))
+ imapc->login_disabled = TRUE;
+
/* Do we have an AUTH capability? */
- if(wordlen > 5 && !memcmp(line, "AUTH=", 5)) {
+ else if(wordlen > 5 && !memcmp(line, "AUTH=", 5)) {
line += 5;
len -= 5;
wordlen -= 5;
@@ -548,12 +552,8 @@ static CURLcode imap_authenticate(struct connectdata *conn)
authstate = IMAP_AUTHENTICATE_PLAIN;
imapc->authused = SASL_MECH_PLAIN;
}
- else {
- infof(conn->data, "No known authentication mechanisms supported!\n");
- result = CURLE_LOGIN_DENIED; /* Other mechanisms not supported */
- }
- if(!result) {
+ if(mech) {
const char *str = getcmdid(conn);
result = imap_sendf(conn, str, "%s AUTHENTICATE %s", str, mech);
@@ -561,6 +561,12 @@ static CURLcode imap_authenticate(struct connectdata *conn)
if(!result)
state(conn, authstate);
}
+ else if(!imapc->login_disabled)
+ result = imap_state_login(conn);
+ else {
+ infof(conn->data, "No known authentication mechanisms supported!\n");
+ result = CURLE_LOGIN_DENIED; /* Other mechanisms not supported */
+ }
return result;
}
@@ -660,11 +666,10 @@ static CURLcode imap_state_capability_resp(struct connectdata *conn,
imapstate instate)
{
CURLcode result = CURLE_OK;
- struct imap_conn *imapc = &conn->proto.imapc;
(void)instate; /* no use for this yet */
- if(imapcode == 'O' && imapc->authmechs)
+ if(imapcode == 'O')
result = imap_authenticate(conn);
else
result = imap_state_login(conn);
diff --git a/lib/imap.h b/lib/imap.h
index c33cbed93..533ee4a94 100644
--- a/lib/imap.h
+++ b/lib/imap.h
@@ -62,6 +62,7 @@ struct imap_conn {
int cmdid; /* Next command ID */
const char *idstr; /* String based response ID to wait for */
bool ssldone; /* Is connect() over SSL done? */
+ bool login_disabled; /* LOGIN command explicitly disabled by server */
};
extern const struct Curl_handler Curl_handler_imap;