diff options
| -rw-r--r-- | lib/imap.c | 44 | ||||
| -rw-r--r-- | lib/imap.h | 9 |
2 files changed, 41 insertions, 12 deletions
diff --git a/lib/imap.c b/lib/imap.c index 0e558ae1a..3cb1e8f84 100644 --- a/lib/imap.c +++ b/lib/imap.c @@ -653,7 +653,7 @@ static CURLcode imap_perform_authenticate(struct connectdata *conn) } if(!result) { - if(mech) { + if(mech && (imapc->preftype & IMAP_TYPE_SASL)) { /* Perform SASL based authentication */ if(initresp) { result = imap_sendf(conn, "AUTHENTICATE %s %s", mech, initresp); @@ -670,7 +670,8 @@ static CURLcode imap_perform_authenticate(struct connectdata *conn) Curl_safefree(initresp); } - else if(!imapc->login_disabled) + else if((!imapc->login_disabled) && + (imapc->preftype & IMAP_TYPE_CLEARTEXT)) /* Perform clear text authentication */ result = imap_perform_login(conn); else { @@ -1837,7 +1838,8 @@ static CURLcode imap_connect(struct connectdata *conn, bool *done) pp->endofresp = imap_endofresp; pp->conn = conn; - /* Set the default preferred authentication mechanism */ + /* Set the default preferred authentication type and mechanism */ + imapc->preftype = IMAP_TYPE_ANY; imapc->prefmech = SASL_AUTH_ANY; /* Initialise the pingpong layer */ @@ -2331,24 +2333,42 @@ static CURLcode imap_parse_url_options(struct connectdata *conn) if(strnequal(key, "AUTH", 4)) { const char *value = ptr + 1; - if(strequal(value, "*")) + if(strequal(value, "*")) { + imapc->preftype = IMAP_TYPE_SASL; imapc->prefmech = SASL_AUTH_ANY; - else if(strequal(value, SASL_MECH_STRING_LOGIN)) + } + else if(strequal(value, SASL_MECH_STRING_LOGIN)) { + imapc->preftype = IMAP_TYPE_SASL; imapc->prefmech = SASL_MECH_LOGIN; - else if(strequal(value, SASL_MECH_STRING_PLAIN)) + } + else if(strequal(value, SASL_MECH_STRING_PLAIN)) { + imapc->preftype = IMAP_TYPE_SASL; imapc->prefmech = SASL_MECH_PLAIN; - else if(strequal(value, SASL_MECH_STRING_CRAM_MD5)) + } + else if(strequal(value, SASL_MECH_STRING_CRAM_MD5)) { + imapc->preftype = IMAP_TYPE_SASL; imapc->prefmech = SASL_MECH_CRAM_MD5; - else if(strequal(value, SASL_MECH_STRING_DIGEST_MD5)) + } + else if(strequal(value, SASL_MECH_STRING_DIGEST_MD5)) { + imapc->preftype = IMAP_TYPE_SASL; imapc->prefmech = SASL_MECH_DIGEST_MD5; - else if(strequal(value, SASL_MECH_STRING_GSSAPI)) + } + else if(strequal(value, SASL_MECH_STRING_GSSAPI)) { + imapc->preftype = IMAP_TYPE_SASL; imapc->prefmech = SASL_MECH_GSSAPI; - else if(strequal(value, SASL_MECH_STRING_NTLM)) + } + else if(strequal(value, SASL_MECH_STRING_NTLM)) { + imapc->preftype = IMAP_TYPE_SASL; imapc->prefmech = SASL_MECH_NTLM; - else if(strequal(value, SASL_MECH_STRING_XOAUTH2)) + } + else if(strequal(value, SASL_MECH_STRING_XOAUTH2)) { + imapc->preftype = IMAP_TYPE_SASL; imapc->prefmech = SASL_MECH_XOAUTH2; - else + } + else { + imapc->preftype = IMAP_TYPE_NONE; imapc->prefmech = SASL_AUTH_NONE; + } } else result = CURLE_URL_MALFORMAT; diff --git a/lib/imap.h b/lib/imap.h index 7c9a72066..95e55bef7 100644 --- a/lib/imap.h +++ b/lib/imap.h @@ -78,6 +78,7 @@ struct imap_conn { imapstate state; /* Always use imap.c:state() to change state! */ bool ssldone; /* Is connect() over SSL done? */ unsigned int authmechs; /* Accepted authentication mechanisms */ + unsigned int preftype; /* Preferred authentication type */ unsigned int prefmech; /* Preferred authentication mechanism */ unsigned int authused; /* Auth mechanism used for the connection */ int cmdid; /* Last used command ID */ @@ -92,4 +93,12 @@ struct imap_conn { extern const struct Curl_handler Curl_handler_imap; extern const struct Curl_handler Curl_handler_imaps; +/* Authentication type flags */ +#define IMAP_TYPE_CLEARTEXT (1 << 0) +#define IMAP_TYPE_SASL (1 << 1) + +/* Authentication type values */ +#define IMAP_TYPE_NONE 0 +#define IMAP_TYPE_ANY ~0U + #endif /* HEADER_CURL_IMAP_H */ |