aboutsummaryrefslogtreecommitdiff
path: root/lib
diff options
context:
space:
mode:
Diffstat (limited to 'lib')
-rw-r--r--lib/curl_sasl.c10
-rw-r--r--lib/setopt.c6
-rw-r--r--lib/url.c9
-rw-r--r--lib/urldata.h4
4 files changed, 24 insertions, 5 deletions
diff --git a/lib/curl_sasl.c b/lib/curl_sasl.c
index 018e4228b..0aa1f5bb7 100644
--- a/lib/curl_sasl.c
+++ b/lib/curl_sasl.c
@@ -370,8 +370,9 @@ CURLcode Curl_sasl_start(struct SASL *sasl, struct connectdata *conn,
sasl->authused = SASL_MECH_PLAIN;
if(force_ir || data->set.sasl_ir)
- result = Curl_auth_create_plain_message(data, NULL, conn->user,
- conn->passwd, &resp, &len);
+ result = Curl_auth_create_plain_message(data, conn->sasl_authzid,
+ conn->user, conn->passwd,
+ &resp, &len);
}
else if(enabledmechs & SASL_MECH_LOGIN) {
mech = SASL_MECH_STRING_LOGIN;
@@ -453,8 +454,9 @@ CURLcode Curl_sasl_continue(struct SASL *sasl, struct connectdata *conn,
*progress = SASL_DONE;
return result;
case SASL_PLAIN:
- result = Curl_auth_create_plain_message(data, NULL, conn->user,
- conn->passwd, &resp, &len);
+ result = Curl_auth_create_plain_message(data, conn->sasl_authzid,
+ conn->user, conn->passwd,
+ &resp, &len);
break;
case SASL_LOGIN:
result = Curl_auth_create_login_message(data, conn->user, &resp, &len);
diff --git a/lib/setopt.c b/lib/setopt.c
index 64a6b010d..91251bd7b 100644
--- a/lib/setopt.c
+++ b/lib/setopt.c
@@ -2402,6 +2402,12 @@ CURLcode Curl_vsetopt(struct Curl_easy *data, CURLoption option, va_list param)
break;
#endif
+ case CURLOPT_SASL_AUTHZID:
+ /* Authorisation identity (identity to act as) */
+ result = Curl_setstropt(&data->set.str[STRING_SASL_AUTHZID],
+ va_arg(param, char *));
+ break;
+
case CURLOPT_SASL_IR:
/* Enable/disable SASL initial response */
data->set.sasl_ir = (0 != va_arg(param, long)) ? TRUE : FALSE;
diff --git a/lib/url.c b/lib/url.c
index 05fc0e50e..c61319b3b 100644
--- a/lib/url.c
+++ b/lib/url.c
@@ -715,6 +715,7 @@ static void conn_free(struct connectdata *conn)
Curl_safefree(conn->user);
Curl_safefree(conn->passwd);
Curl_safefree(conn->oauth_bearer);
+ Curl_safefree(conn->sasl_authzid);
Curl_safefree(conn->options);
Curl_safefree(conn->http_proxy.user);
Curl_safefree(conn->socks_proxy.user);
@@ -3492,6 +3493,14 @@ static CURLcode create_conn(struct Curl_easy *data,
}
}
+ if(data->set.str[STRING_SASL_AUTHZID]) {
+ conn->sasl_authzid = strdup(data->set.str[STRING_SASL_AUTHZID]);
+ if(!conn->sasl_authzid) {
+ result = CURLE_OUT_OF_MEMORY;
+ goto out;
+ }
+ }
+
#ifdef USE_UNIX_SOCKETS
if(data->set.str[STRING_UNIX_SOCKET_PATH]) {
conn->unix_domain_socket = strdup(data->set.str[STRING_UNIX_SOCKET_PATH]);
diff --git a/lib/urldata.h b/lib/urldata.h
index b9daf12de..b3b1263c6 100644
--- a/lib/urldata.h
+++ b/lib/urldata.h
@@ -875,7 +875,8 @@ struct connectdata {
char *passwd; /* password string, allocated */
char *options; /* options string, allocated */
- char *oauth_bearer; /* bearer token for OAuth 2.0, allocated */
+ char *oauth_bearer; /* bearer token for OAuth 2.0, allocated */
+ char *sasl_authzid; /* authorisation identity string, allocated */
int httpversion; /* the HTTP version*10 reported by the server */
int rtspversion; /* the RTSP version*10 reported by the server */
@@ -1498,6 +1499,7 @@ enum dupstring {
#ifdef USE_ALTSVC
STRING_ALTSVC, /* CURLOPT_ALTSVC */
#endif
+ STRING_SASL_AUTHZID, /* CURLOPT_SASL_AUTHZID */
/* -- end of zero-terminated strings -- */
STRING_LASTZEROTERMINATED,