aboutsummaryrefslogtreecommitdiff
path: root/lib/imap.c
AgeCommit message (Collapse)Author
2013-12-24imap: Fixed auth preference not being honored when CAPABILITY not supportedSteve Holme
If a user indicated they preferred to authenticate using a SASL mechanism, but SASL authentication wasn't supported by the server, curl would always fall back to clear text when CAPABILITY wasn't supported, even though the user didn't want to use this.
2013-12-22email: Fixed segfault introduced in commit 195b63f99c2fe3Steve Holme
2013-12-22code police: fix indent level to silence checksrc complaintsDaniel Stenberg
2013-12-21email: Extended the login options to support multiple auth mechanismsSteve Holme
2013-12-20vtls: renamed sslgen.[ch] to vtls.[ch]Daniel Stenberg
2013-12-20vtls: created subdir, moved sslgen.[ch] there, updated all include linesDaniel Stenberg
2013-12-18imap/pop3/smtp: Added support for SASL authentication downgradesSteve Holme
Added support for downgrading the SASL authentication mechanism when the decoding of CRAM-MD5, DIGEST-MD5 and NTLM messages fails. This enhances the previously added support for graceful cancellation by allowing the client to retry a lesser SASL mechanism such as LOGIN or PLAIN, or even APOP / clear text (in the case of POP3 and IMAP) when supported by the server.
2013-12-18imap: Moved the calculation of SASL login details into a separate functionSteve Holme
2013-12-18imap: Moved the sending of the AUTHENICATE command into a separate functionSteve Holme
2013-12-17email: Renamed *_perform_authenticate() functionsSteve Holme
In preparation for the upcoming SASL downgrade feature renamed the imap__perform_authenticate(), pop3__perform_authenticate() and smtp__perform_authenticate() functions.
2013-12-14imap: Fixed exclude of clear text when using auth=* in commit 75cd7fd66762bbSteve Holme
It is not 100% clear whether * should include clear text LOGIN or not from RFC-5092, however, including it is then consistent with current POP3 behaviour where clear text, APOP or SASL may be chosen.
2013-12-13imap: Fixed incorrect fallback to clear text authenticationSteve Holme
If a specific SASL authentication mechanism was requested by the user as part of the login options but wasn't supported by the server then curl would fallback to clear text, when it shouldn't, rather than reporting "No known authentication mechanisms supported" as the POP3 and SMTP protocols do.
2013-12-04imap/pop3: Post graceful cancellation consistency changesSteve Holme
2013-10-30email: Post graceful SASL authentication cancellation tidy upSteve Holme
2013-10-27email: Added support for cancelling NTLM authenticationSteve Holme
2013-10-27email: Added support for cancelling DIGEST-MD5 authenticationSteve Holme
2013-10-27email: Added support for canceling CRAM-MD5 authenticationSteve Holme
2013-10-27email: Added initial support for cancelling authenticationSteve Holme
Should a client application fail to decode an authentication message received from a server, or not support any of the parameters given by the server in the message, then the authentication phrase should be cancelled gracefully by the client rather than simply terminating the connection. The authentication phrase should be cancelled by simply sending a '*' to the server, in response to erroneous data being received, as per RFC-3501, RFC-4954 and RFC-5034. This patch adds the necessary state machine constants and appropriate response handlers in order to add this functionality for the CRAM-MD5, DIGEST-MD5 and NTLM authentication mechanisms.
2013-10-27email: Moved authentication message parsing into a separate functionSteve Holme
...in preparation for upcoming modifications.
2013-10-26email: Added references to SASL LOGIN authentication draft proposalSteve Holme
2013-10-18email: Fixed QUIT / LOGOUT being sent when SSL connect failsSteve Holme
2013-09-25imap: Added clarification to the code about odd continuation responsesSteve Holme
2013-09-24sasl: Centralised the authentication mechanism stringsSteve Holme
Moved the standard SASL mechanism strings into curl_sasl.h rather than hard coding the same values over and over again in the protocols that use SASL authentication. For more information about the mechanism strings see: http://www.iana.org/assignments/sasl-mechanisms
2013-09-14imap: Fixed response check for NOOP commandSteve Holme
2013-09-11imap: Fixed response check for LSUB and UID commandsSteve Holme
2013-09-10imap/pop3/smtp: Speed up SSL connection initializationJiri Hruska
Don't wait for the next callback call (usually 1 second) before continuing with protocol specific connection initialization.
2013-09-09imap: Fixed calculation of transfer when partial FETCH receivedSteve Holme
The transfer size would be calculated incorrectly if the email contained within the FETCH response, had been partially received by the pingpong layer. As such the following, example output, would be seen if the amount remaining was smaller than the amount received: * Excess found in a non pipelined read: excess = 1394, size = 262, maxdownload = 262, bytecount = 1374 * transfer closed with -1112 bytes remaining to read Bug: http://curl.haxx.se/mail/lib-2013-08/0170.html Reported-by: John Dunn
2013-09-04SASL: fix compiler warningsDaniel Stenberg
comparison between signed and unsigned integer expressions suggest parentheses around '&&' within '||' (twice)
2013-09-04imap/smtp: Fixed incorrect SASL mechanism selection with XOAUTH2 serversSteve Holme
XOAUTH2 would be selected in preference to LOGIN and PLAIN if the IMAP or SMTP server advertised support for it even though a user's password was supplied but bearer token wasn't. Modified the selection logic so that XOAUTH2 will only be selected if the server supports it and A) The curl user/libcurl programmer has specifically asked for XOAUTH via the ;AUTH=XOAUTH login option or 2) The bearer token is specified. Obviously if XOAUTH is asked for via the login option but no token is specified the user will receive a authentication failure which makes more sense than no known authentication mechanisms supported!
2013-08-31imap: Fixed response check for EXPUNGE commandSteve Holme
2013-08-26imap: added basic SASL XOAUTH2 supportKyle L. Huff
Added the ability to use an XOAUTH2 bearer token [RFC6750] with IMAP for authentication using RFC6749 "OAuth 2.0 Authorization Framework". The bearer token is expected to be valid for the user specified in conn->user. If CURLOPT_XOAUTH2_BEARER is defined and the connection has an advertised auth mechanism of "XOAUTH2", the user and access token are formatted as a base64 encoded string and sent to the server as "A001 AUTHENTICATE XOAUTH2 <bearer token>".
2013-08-19imap: Fixed response check for SEARCH commandAlex McLellan
Adding this line allows libcurl to return the server response when performing a search command via a custom request.
2013-08-12SessionHandle: the protocol specific pointer is now a void *Daniel Stenberg
All protocol handler structs are now opaque (void *) in the SessionHandle struct and moved in the request-specific sub-struct 'SingleRequest'. The intension is to keep the protocol specific knowledge in their own dedicated source files [protocol].c etc. There's some "leakage" where this policy is violated, to be addressed at a later point in time.
2013-08-12urldata: clean up the use of the protocol specific structsDaniel Stenberg
1 - always allocate the struct in protocol->setup_connection. Some protocol handlers had to get this function added. 2 - always free at the end of a request. This is also an attempt to keep less memory in the handle after it is completed.
2013-08-09comments: remove old and wrong multi/easy interface statementsDaniel Stenberg
2013-07-24string formatting: fix zero-length printf format stringYang Tse
2013-07-24imap.c: imap_sendf() fix va_start/va_end matchingYang Tse
2013-07-24string formatting: fix 25+ printf-style format stringsYang Tse
2013-04-28email: Tidy up of *_perform_authenticate()Steve Holme
Removed the hard returns from imap and pop3 by using the same style for sending the authentication string as smtp. Moved the "Other mechanisms not supported" check in smtp to match that of imap and pop3 to provide consistency between the three email protocols.
2013-04-27imap: Added support for overriding the SASL initial responseSteve Holme
In addition to checking for the SASL-IR capability the user can override the sending of the client's initial response in the AUTHENTICATION command with the use of CURLOPT_SASL_IR should the server erroneously not report SASL-IR when it does support it.
2013-04-13imap: Added support for ;auth=<mech> in the URLSteve Holme
Added support for specifying the preferred authentication mechanism in the URL as per RFC-5092.
2013-04-12imap: Added function description to imap_parse_custom_request()Steve Holme
2013-04-12imap: Moved utility functions to end of imap.c (Part 3/3)Steve Holme
Moved imap_is_bchar() be with the other utility based functions.
2013-04-12imap: Moved utility functions to end of imap.c (Part 2/3)Steve Holme
Moved imap_parse_url_path() and imap_parse_custom_request() to the end of the file allowing all utility functions to be grouped together.
2013-04-12imap: Moved utility functions to end of imap.c (Part 1/3)Steve Holme
Moved imap_atom() and imap_sendf() to the end of the file allowing all utility functions to be grouped together.
2013-04-12imap: Corrected function description for imap_connect()Steve Holme
2013-03-17imap: Fixed incorrect initial response generation for SASL AUTHENTICATESteve Holme
Fixed incorrect initial response generation for the NTLM and LOGIN SASL authentication mechanisms when the SASL-IR was detected. Introduced in commit: 6da7dc026c14.
2013-03-10imap: Reworked some function descriptionsSteve Holme
2013-03-10imap: Added some missing comments to imap_sendf()Steve Holme
2013-03-09email: Removed hard returns from init functionsSteve Holme