aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--lib/curl_sasl.h35
-rw-r--r--lib/imap.c42
-rw-r--r--lib/pop3.c42
-rw-r--r--lib/smtp.c42
4 files changed, 88 insertions, 73 deletions
diff --git a/lib/curl_sasl.h b/lib/curl_sasl.h
index 1cac8fd63..2b6a5a26a 100644
--- a/lib/curl_sasl.h
+++ b/lib/curl_sasl.h
@@ -24,20 +24,35 @@
#include "pingpong.h"
-/* Authentication mechanism flags */
-#define SASL_MECH_LOGIN (1 << 0)
-#define SASL_MECH_PLAIN (1 << 1)
-#define SASL_MECH_CRAM_MD5 (1 << 2)
-#define SASL_MECH_DIGEST_MD5 (1 << 3)
-#define SASL_MECH_GSSAPI (1 << 4)
-#define SASL_MECH_EXTERNAL (1 << 5)
-#define SASL_MECH_NTLM (1 << 6)
-#define SASL_MECH_XOAUTH2 (1 << 7)
-
/* Authentication mechanism values */
#define SASL_AUTH_NONE 0
#define SASL_AUTH_ANY ~0U
+/* Authentication mechanism flags */
+#define SASL_MECH_LOGIN (1 << 0)
+#define SASL_MECH_PLAIN (1 << 1)
+#define SASL_MECH_CRAM_MD5 (1 << 2)
+#define SASL_MECH_DIGEST_MD5 (1 << 3)
+#define SASL_MECH_GSSAPI (1 << 4)
+#define SASL_MECH_EXTERNAL (1 << 5)
+#define SASL_MECH_NTLM (1 << 6)
+#define SASL_MECH_XOAUTH2 (1 << 7)
+
+/* Authentication mechanism strings */
+#define SASL_MECH_STRING_LOGIN "LOGIN"
+#define SASL_MECH_STRING_PLAIN "PLAIN"
+#define SASL_MECH_STRING_CRAM_MD5 "CRAM-MD5"
+#define SASL_MECH_STRING_DIGEST_MD5 "DIGEST-MD5"
+#define SASL_MECH_STRING_GSSAPI "GSSAPI"
+#define SASL_MECH_STRING_EXTERNAL "EXTERNAL"
+#define SASL_MECH_STRING_NTLM "NTLM"
+#define SASL_MECH_STRING_XOAUTH2 "XOAUTH2"
+
+/* This is used to test whether the line starts with the given mechanism */
+#define sasl_mech_equal(line, wordlen, mech) \
+ (wordlen == (sizeof(mech) - 1) / sizeof(char) && \
+ !memcmp(line, mech, wordlen))
+
/* This is used to generate a base64 encoded PLAIN authentication message */
CURLcode Curl_sasl_create_plain_message(struct SessionHandle *data,
const char *userp,
diff --git a/lib/imap.c b/lib/imap.c
index 7c0bf5c0e..5d3a1a17e 100644
--- a/lib/imap.c
+++ b/lib/imap.c
@@ -555,13 +555,13 @@ static CURLcode imap_perform_authenticate(struct connectdata *conn)
#ifndef CURL_DISABLE_CRYPTO_AUTH
if((imapc->authmechs & SASL_MECH_DIGEST_MD5) &&
(imapc->prefmech & SASL_MECH_DIGEST_MD5)) {
- mech = "DIGEST-MD5";
+ mech = SASL_MECH_STRING_DIGEST_MD5;
state1 = IMAP_AUTHENTICATE_DIGESTMD5;
imapc->authused = SASL_MECH_DIGEST_MD5;
}
else if((imapc->authmechs & SASL_MECH_CRAM_MD5) &&
(imapc->prefmech & SASL_MECH_CRAM_MD5)) {
- mech = "CRAM-MD5";
+ mech = SASL_MECH_STRING_CRAM_MD5;
state1 = IMAP_AUTHENTICATE_CRAMMD5;
imapc->authused = SASL_MECH_CRAM_MD5;
}
@@ -570,7 +570,7 @@ static CURLcode imap_perform_authenticate(struct connectdata *conn)
#ifdef USE_NTLM
if((imapc->authmechs & SASL_MECH_NTLM) &&
(imapc->prefmech & SASL_MECH_NTLM)) {
- mech = "NTLM";
+ mech = SASL_MECH_STRING_NTLM;
state1 = IMAP_AUTHENTICATE_NTLM;
state2 = IMAP_AUTHENTICATE_NTLM_TYPE2MSG;
imapc->authused = SASL_MECH_NTLM;
@@ -585,7 +585,7 @@ static CURLcode imap_perform_authenticate(struct connectdata *conn)
if(((imapc->authmechs & SASL_MECH_XOAUTH2) &&
(imapc->prefmech & SASL_MECH_XOAUTH2) &&
(imapc->prefmech != SASL_AUTH_ANY)) || conn->xoauth2_bearer) {
- mech = "XOAUTH2";
+ mech = SASL_MECH_STRING_XOAUTH2;
state1 = IMAP_AUTHENTICATE_XOAUTH2;
state2 = IMAP_AUTHENTICATE_FINAL;
imapc->authused = SASL_MECH_XOAUTH2;
@@ -597,7 +597,7 @@ static CURLcode imap_perform_authenticate(struct connectdata *conn)
}
else if((imapc->authmechs & SASL_MECH_LOGIN) &&
(imapc->prefmech & SASL_MECH_LOGIN)) {
- mech = "LOGIN";
+ mech = SASL_MECH_STRING_LOGIN;
state1 = IMAP_AUTHENTICATE_LOGIN;
state2 = IMAP_AUTHENTICATE_LOGIN_PASSWD;
imapc->authused = SASL_MECH_LOGIN;
@@ -608,7 +608,7 @@ static CURLcode imap_perform_authenticate(struct connectdata *conn)
}
else if((imapc->authmechs & SASL_MECH_PLAIN) &&
(imapc->prefmech & SASL_MECH_PLAIN)) {
- mech = "PLAIN";
+ mech = SASL_MECH_STRING_PLAIN;
state1 = IMAP_AUTHENTICATE_PLAIN;
state2 = IMAP_AUTHENTICATE_FINAL;
imapc->authused = SASL_MECH_PLAIN;
@@ -885,21 +885,21 @@ static CURLcode imap_state_capability_resp(struct connectdata *conn,
wordlen -= 5;
/* Test the word for a matching authentication mechanism */
- if(wordlen == 5 && !memcmp(line, "LOGIN", 5))
+ if(sasl_mech_equal(line, wordlen, SASL_MECH_STRING_LOGIN))
imapc->authmechs |= SASL_MECH_LOGIN;
- if(wordlen == 5 && !memcmp(line, "PLAIN", 5))
+ else if(sasl_mech_equal(line, wordlen, SASL_MECH_STRING_PLAIN))
imapc->authmechs |= SASL_MECH_PLAIN;
- else if(wordlen == 8 && !memcmp(line, "CRAM-MD5", 8))
+ else if(sasl_mech_equal(line, wordlen, SASL_MECH_STRING_CRAM_MD5))
imapc->authmechs |= SASL_MECH_CRAM_MD5;
- else if(wordlen == 10 && !memcmp(line, "DIGEST-MD5", 10))
+ else if(sasl_mech_equal(line, wordlen, SASL_MECH_STRING_DIGEST_MD5))
imapc->authmechs |= SASL_MECH_DIGEST_MD5;
- else if(wordlen == 6 && !memcmp(line, "GSSAPI", 6))
+ else if(sasl_mech_equal(line, wordlen, SASL_MECH_STRING_GSSAPI))
imapc->authmechs |= SASL_MECH_GSSAPI;
- else if(wordlen == 8 && !memcmp(line, "EXTERNAL", 8))
+ else if(sasl_mech_equal(line, wordlen, SASL_MECH_STRING_EXTERNAL))
imapc->authmechs |= SASL_MECH_EXTERNAL;
- else if(wordlen == 4 && !memcmp(line, "NTLM", 4))
+ else if(sasl_mech_equal(line, wordlen, SASL_MECH_STRING_NTLM))
imapc->authmechs |= SASL_MECH_NTLM;
- else if(wordlen == 7 && !memcmp(line, "XOAUTH2", 7))
+ else if(sasl_mech_equal(line, wordlen, SASL_MECH_STRING_XOAUTH2))
imapc->authmechs |= SASL_MECH_XOAUTH2;
}
@@ -2275,19 +2275,19 @@ static CURLcode imap_parse_url_options(struct connectdata *conn)
if(strequal(value, "*"))
imapc->prefmech = SASL_AUTH_ANY;
- else if(strequal(value, "LOGIN"))
+ else if(strequal(value, SASL_MECH_STRING_LOGIN))
imapc->prefmech = SASL_MECH_LOGIN;
- else if(strequal(value, "PLAIN"))
+ else if(strequal(value, SASL_MECH_STRING_PLAIN))
imapc->prefmech = SASL_MECH_PLAIN;
- else if(strequal(value, "CRAM-MD5"))
+ else if(strequal(value, SASL_MECH_STRING_CRAM_MD5))
imapc->prefmech = SASL_MECH_CRAM_MD5;
- else if(strequal(value, "DIGEST-MD5"))
+ else if(strequal(value, SASL_MECH_STRING_DIGEST_MD5))
imapc->prefmech = SASL_MECH_DIGEST_MD5;
- else if(strequal(value, "GSSAPI"))
+ else if(strequal(value, SASL_MECH_STRING_GSSAPI))
imapc->prefmech = SASL_MECH_GSSAPI;
- else if(strequal(value, "NTLM"))
+ else if(strequal(value, SASL_MECH_STRING_NTLM))
imapc->prefmech = SASL_MECH_NTLM;
- else if(strequal(value, "XOAUTH2"))
+ else if(strequal(value, SASL_MECH_STRING_XOAUTH2))
imapc->prefmech = SASL_MECH_XOAUTH2;
else
imapc->prefmech = SASL_AUTH_NONE;
diff --git a/lib/pop3.c b/lib/pop3.c
index bb3ed31cc..a77193384 100644
--- a/lib/pop3.c
+++ b/lib/pop3.c
@@ -313,21 +313,21 @@ static bool pop3_endofresp(struct connectdata *conn, char *line, size_t len,
wordlen++;
/* Test the word for a matching authentication mechanism */
- if(wordlen == 5 && !memcmp(line, "LOGIN", 5))
+ if(sasl_mech_equal(line, wordlen, SASL_MECH_STRING_LOGIN))
pop3c->authmechs |= SASL_MECH_LOGIN;
- else if(wordlen == 5 && !memcmp(line, "PLAIN", 5))
+ else if(sasl_mech_equal(line, wordlen, SASL_MECH_STRING_PLAIN))
pop3c->authmechs |= SASL_MECH_PLAIN;
- else if(wordlen == 8 && !memcmp(line, "CRAM-MD5", 8))
+ else if(sasl_mech_equal(line, wordlen, SASL_MECH_STRING_CRAM_MD5))
pop3c->authmechs |= SASL_MECH_CRAM_MD5;
- else if(wordlen == 10 && !memcmp(line, "DIGEST-MD5", 10))
+ else if(sasl_mech_equal(line, wordlen, SASL_MECH_STRING_DIGEST_MD5))
pop3c->authmechs |= SASL_MECH_DIGEST_MD5;
- else if(wordlen == 6 && !memcmp(line, "GSSAPI", 6))
+ else if(sasl_mech_equal(line, wordlen, SASL_MECH_STRING_GSSAPI))
pop3c->authmechs |= SASL_MECH_GSSAPI;
- else if(wordlen == 8 && !memcmp(line, "EXTERNAL", 8))
+ else if(sasl_mech_equal(line, wordlen, SASL_MECH_STRING_EXTERNAL))
pop3c->authmechs |= SASL_MECH_EXTERNAL;
- else if(wordlen == 4 && !memcmp(line, "NTLM", 4))
+ else if(sasl_mech_equal(line, wordlen, SASL_MECH_STRING_NTLM))
pop3c->authmechs |= SASL_MECH_NTLM;
- else if(wordlen == 7 && !memcmp(line, "XOAUTH2", 7))
+ else if(sasl_mech_equal(line, wordlen, SASL_MECH_STRING_XOAUTH2))
pop3c->authmechs |= SASL_MECH_XOAUTH2;
line += wordlen;
@@ -576,13 +576,13 @@ static CURLcode pop3_perform_authenticate(struct connectdata *conn)
#ifndef CURL_DISABLE_CRYPTO_AUTH
if((pop3c->authmechs & SASL_MECH_DIGEST_MD5) &&
(pop3c->prefmech & SASL_MECH_DIGEST_MD5)) {
- mech = "DIGEST-MD5";
+ mech = SASL_MECH_STRING_DIGEST_MD5;
state1 = POP3_AUTH_DIGESTMD5;
pop3c->authused = SASL_MECH_DIGEST_MD5;
}
else if((pop3c->authmechs & SASL_MECH_CRAM_MD5) &&
(pop3c->prefmech & SASL_MECH_CRAM_MD5)) {
- mech = "CRAM-MD5";
+ mech = SASL_MECH_STRING_CRAM_MD5;
state1 = POP3_AUTH_CRAMMD5;
pop3c->authused = SASL_MECH_CRAM_MD5;
}
@@ -591,7 +591,7 @@ static CURLcode pop3_perform_authenticate(struct connectdata *conn)
#ifdef USE_NTLM
if((pop3c->authmechs & SASL_MECH_NTLM) &&
(pop3c->prefmech & SASL_MECH_NTLM)) {
- mech = "NTLM";
+ mech = SASL_MECH_STRING_NTLM;
state1 = POP3_AUTH_NTLM;
state2 = POP3_AUTH_NTLM_TYPE2MSG;
pop3c->authused = SASL_MECH_NTLM;
@@ -606,7 +606,7 @@ static CURLcode pop3_perform_authenticate(struct connectdata *conn)
if(((pop3c->authmechs & SASL_MECH_XOAUTH2) &&
(pop3c->prefmech & SASL_MECH_XOAUTH2) &&
(pop3c->prefmech != SASL_AUTH_ANY)) || conn->xoauth2_bearer) {
- mech = "XOAUTH2";
+ mech = SASL_MECH_STRING_XOAUTH2;
state1 = POP3_AUTH_XOAUTH2;
state2 = POP3_AUTH_FINAL;
pop3c->authused = SASL_MECH_XOAUTH2;
@@ -618,7 +618,7 @@ static CURLcode pop3_perform_authenticate(struct connectdata *conn)
}
else if((pop3c->authmechs & SASL_MECH_LOGIN) &&
(pop3c->prefmech & SASL_MECH_LOGIN)) {
- mech = "LOGIN";
+ mech = SASL_MECH_STRING_LOGIN;
state1 = POP3_AUTH_LOGIN;
state2 = POP3_AUTH_LOGIN_PASSWD;
pop3c->authused = SASL_MECH_LOGIN;
@@ -629,7 +629,7 @@ static CURLcode pop3_perform_authenticate(struct connectdata *conn)
}
else if((pop3c->authmechs & SASL_MECH_PLAIN) &&
(pop3c->prefmech & SASL_MECH_PLAIN)) {
- mech = "PLAIN";
+ mech = SASL_MECH_STRING_PLAIN;
state1 = POP3_AUTH_PLAIN;
state2 = POP3_AUTH_FINAL;
pop3c->authused = SASL_MECH_PLAIN;
@@ -1788,31 +1788,31 @@ static CURLcode pop3_parse_url_options(struct connectdata *conn)
pop3c->preftype = POP3_TYPE_APOP;
pop3c->prefmech = SASL_AUTH_NONE;
}
- else if(strequal(value, "LOGIN")) {
+ else if(strequal(value, SASL_MECH_STRING_LOGIN)) {
pop3c->preftype = POP3_TYPE_SASL;
pop3c->prefmech = SASL_MECH_LOGIN;
}
- else if(strequal(value, "PLAIN")) {
+ else if(strequal(value, SASL_MECH_STRING_PLAIN)) {
pop3c->preftype = POP3_TYPE_SASL;
pop3c->prefmech = SASL_MECH_PLAIN;
}
- else if(strequal(value, "CRAM-MD5")) {
+ else if(strequal(value, SASL_MECH_STRING_CRAM_MD5)) {
pop3c->preftype = POP3_TYPE_SASL;
pop3c->prefmech = SASL_MECH_CRAM_MD5;
}
- else if(strequal(value, "DIGEST-MD5")) {
+ else if(strequal(value, SASL_MECH_STRING_DIGEST_MD5)) {
pop3c->preftype = POP3_TYPE_SASL;
pop3c->prefmech = SASL_MECH_DIGEST_MD5;
}
- else if(strequal(value, "GSSAPI")) {
+ else if(strequal(value, SASL_MECH_STRING_GSSAPI)) {
pop3c->preftype = POP3_TYPE_SASL;
pop3c->prefmech = SASL_MECH_GSSAPI;
}
- else if(strequal(value, "NTLM")) {
+ else if(strequal(value, SASL_MECH_STRING_NTLM)) {
pop3c->preftype = POP3_TYPE_SASL;
pop3c->prefmech = SASL_MECH_NTLM;
}
- else if(strequal(value, "XOAUTH2")) {
+ else if(strequal(value, SASL_MECH_STRING_XOAUTH2)) {
pop3c->preftype = POP3_TYPE_SASL;
pop3c->prefmech = SASL_MECH_XOAUTH2;
}
diff --git a/lib/smtp.c b/lib/smtp.c
index 2d4055c24..9626a30d8 100644
--- a/lib/smtp.c
+++ b/lib/smtp.c
@@ -277,21 +277,21 @@ static bool smtp_endofresp(struct connectdata *conn, char *line, size_t len,
wordlen++;
/* Test the word for a matching authentication mechanism */
- if(wordlen == 5 && !memcmp(line, "LOGIN", 5))
+ if(sasl_mech_equal(line, wordlen, SASL_MECH_STRING_LOGIN))
smtpc->authmechs |= SASL_MECH_LOGIN;
- else if(wordlen == 5 && !memcmp(line, "PLAIN", 5))
+ else if(sasl_mech_equal(line, wordlen, SASL_MECH_STRING_PLAIN))
smtpc->authmechs |= SASL_MECH_PLAIN;
- else if(wordlen == 8 && !memcmp(line, "CRAM-MD5", 8))
+ else if(sasl_mech_equal(line, wordlen, SASL_MECH_STRING_CRAM_MD5))
smtpc->authmechs |= SASL_MECH_CRAM_MD5;
- else if(wordlen == 10 && !memcmp(line, "DIGEST-MD5", 10))
+ else if(sasl_mech_equal(line, wordlen, SASL_MECH_STRING_DIGEST_MD5))
smtpc->authmechs |= SASL_MECH_DIGEST_MD5;
- else if(wordlen == 6 && !memcmp(line, "GSSAPI", 6))
+ else if(sasl_mech_equal(line, wordlen, SASL_MECH_STRING_GSSAPI))
smtpc->authmechs |= SASL_MECH_GSSAPI;
- else if(wordlen == 8 && !memcmp(line, "EXTERNAL", 8))
+ else if(sasl_mech_equal(line, wordlen, SASL_MECH_STRING_EXTERNAL))
smtpc->authmechs |= SASL_MECH_EXTERNAL;
- else if(wordlen == 4 && !memcmp(line, "NTLM", 4))
+ else if(sasl_mech_equal(line, wordlen, SASL_MECH_STRING_NTLM))
smtpc->authmechs |= SASL_MECH_NTLM;
- else if(wordlen == 7 && !memcmp(line, "XOAUTH2", 7))
+ else if(sasl_mech_equal(line, wordlen, SASL_MECH_STRING_XOAUTH2))
smtpc->authmechs |= SASL_MECH_XOAUTH2;
line += wordlen;
@@ -473,13 +473,13 @@ static CURLcode smtp_perform_authenticate(struct connectdata *conn)
#ifndef CURL_DISABLE_CRYPTO_AUTH
if((smtpc->authmechs & SASL_MECH_DIGEST_MD5) &&
(smtpc->prefmech & SASL_MECH_DIGEST_MD5)) {
- mech = "DIGEST-MD5";
+ mech = SASL_MECH_STRING_DIGEST_MD5;
state1 = SMTP_AUTH_DIGESTMD5;
smtpc->authused = SASL_MECH_DIGEST_MD5;
}
else if((smtpc->authmechs & SASL_MECH_CRAM_MD5) &&
(smtpc->prefmech & SASL_MECH_CRAM_MD5)) {
- mech = "CRAM-MD5";
+ mech = SASL_MECH_STRING_CRAM_MD5;
state1 = SMTP_AUTH_CRAMMD5;
smtpc->authused = SASL_MECH_CRAM_MD5;
}
@@ -488,7 +488,7 @@ static CURLcode smtp_perform_authenticate(struct connectdata *conn)
#ifdef USE_NTLM
if((smtpc->authmechs & SASL_MECH_NTLM) &&
(smtpc->prefmech & SASL_MECH_NTLM)) {
- mech = "NTLM";
+ mech = SASL_MECH_STRING_NTLM;
state1 = SMTP_AUTH_NTLM;
state2 = SMTP_AUTH_NTLM_TYPE2MSG;
smtpc->authused = SASL_MECH_NTLM;
@@ -503,7 +503,7 @@ static CURLcode smtp_perform_authenticate(struct connectdata *conn)
if(((smtpc->authmechs & SASL_MECH_XOAUTH2) &&
(smtpc->prefmech & SASL_MECH_XOAUTH2) &&
(smtpc->prefmech != SASL_AUTH_ANY)) || conn->xoauth2_bearer) {
- mech = "XOAUTH2";
+ mech = SASL_MECH_STRING_XOAUTH2;
state1 = SMTP_AUTH_XOAUTH2;
state2 = SMTP_AUTH_FINAL;
smtpc->authused = SASL_MECH_XOAUTH2;
@@ -515,7 +515,7 @@ static CURLcode smtp_perform_authenticate(struct connectdata *conn)
}
else if((smtpc->authmechs & SASL_MECH_LOGIN) &&
(smtpc->prefmech & SASL_MECH_LOGIN)) {
- mech = "LOGIN";
+ mech = SASL_MECH_STRING_LOGIN;
state1 = SMTP_AUTH_LOGIN;
state2 = SMTP_AUTH_LOGIN_PASSWD;
smtpc->authused = SASL_MECH_LOGIN;
@@ -526,7 +526,7 @@ static CURLcode smtp_perform_authenticate(struct connectdata *conn)
}
else if((smtpc->authmechs & SASL_MECH_PLAIN) &&
(smtpc->prefmech & SASL_MECH_PLAIN)) {
- mech = "PLAIN";
+ mech = SASL_MECH_STRING_PLAIN;
state1 = SMTP_AUTH_PLAIN;
state2 = SMTP_AUTH_FINAL;
smtpc->authused = SASL_MECH_PLAIN;
@@ -1786,19 +1786,19 @@ static CURLcode smtp_parse_url_options(struct connectdata *conn)
if(strequal(value, "*"))
smtpc->prefmech = SASL_AUTH_ANY;
- else if(strequal(value, "LOGIN"))
+ else if(strequal(value, SASL_MECH_STRING_LOGIN))
smtpc->prefmech = SASL_MECH_LOGIN;
- else if(strequal(value, "PLAIN"))
+ else if(strequal(value, SASL_MECH_STRING_PLAIN))
smtpc->prefmech = SASL_MECH_PLAIN;
- else if(strequal(value, "CRAM-MD5"))
+ else if(strequal(value, SASL_MECH_STRING_CRAM_MD5))
smtpc->prefmech = SASL_MECH_CRAM_MD5;
- else if(strequal(value, "DIGEST-MD5"))
+ else if(strequal(value, SASL_MECH_STRING_DIGEST_MD5))
smtpc->prefmech = SASL_MECH_DIGEST_MD5;
- else if(strequal(value, "GSSAPI"))
+ else if(strequal(value, SASL_MECH_STRING_GSSAPI))
smtpc->prefmech = SASL_MECH_GSSAPI;
- else if(strequal(value, "NTLM"))
+ else if(strequal(value, SASL_MECH_STRING_NTLM))
smtpc->prefmech = SASL_MECH_NTLM;
- else if(strequal(value, "XOAUTH2"))
+ else if(strequal(value, SASL_MECH_STRING_XOAUTH2))
smtpc->prefmech = SASL_MECH_XOAUTH2;
else
smtpc->prefmech = SASL_AUTH_NONE;