Age | Commit message (Collapse) | Author |
|
Added support for downgrading the SASL authentication mechanism when the
decoding of CRAM-MD5, DIGEST-MD5 and NTLM messages fails. This enhances
the previously added support for graceful cancellation by allowing the
client to retry a lesser SASL mechanism such as LOGIN or PLAIN, or even
APOP / clear text (in the case of POP3 and IMAP) when supported by the
server.
|
|
|
|
|
|
In preparation for the upcoming SASL downgrade feature renamed the
imap__perform_authenticate(), pop3__perform_authenticate() and
smtp__perform_authenticate() functions.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Should a client application fail to decode an authentication message
received from a server, or not support any of the parameters given by
the server in the message, then the authentication phrase should be
cancelled gracefully by the client rather than simply terminating the
connection.
The authentication phrase should be cancelled by simply sending a '*'
to the server, in response to erroneous data being received, as per
RFC-3501, RFC-4954 and RFC-5034.
This patch adds the necessary state machine constants and appropriate
response handlers in order to add this functionality for the CRAM-MD5,
DIGEST-MD5 and NTLM authentication mechanisms.
|
|
...in preparation for upcoming modifications.
|
|
|
|
|
|
Moved the standard SASL mechanism strings into curl_sasl.h rather than
hard coding the same values over and over again in the protocols that
use SASL authentication.
For more information about the mechanism strings see:
http://www.iana.org/assignments/sasl-mechanisms
|
|
Added the ability to use an XOAUTH2 bearer token [RFC6750] with POP3 for
authentication using RFC6749 "OAuth 2.0 Authorization Framework".
The bearer token is expected to be valid for the user specified in
conn->user. If CURLOPT_XOAUTH2_BEARER is defined and the connection has
an advertised auth mechanism of "XOAUTH2", the user and access token are
formatted as a base64 encoded string and sent to the server as
"AUTH XOAUTH2 <bearer token>".
|
|
Don't wait for the next callback call (usually 1 second) before
continuing with protocol specific connection initialization.
|
|
All protocol handler structs are now opaque (void *) in the
SessionHandle struct and moved in the request-specific sub-struct
'SingleRequest'. The intension is to keep the protocol specific
knowledge in their own dedicated source files [protocol].c etc.
There's some "leakage" where this policy is violated, to be addressed at
a later point in time.
|
|
1 - always allocate the struct in protocol->setup_connection. Some
protocol handlers had to get this function added.
2 - always free at the end of a request. This is also an attempt to keep
less memory in the handle after it is completed.
|
|
|
|
|
|
|
|
Removed the hard returns from imap and pop3 by using the same style for
sending the authentication string as smtp. Moved the "Other mechanisms
not supported" check in smtp to match that of imap and pop3 to provide
consistency between the three email protocols.
|
|
Added 255 octet limit check as per Section 4. Paragraph 8 of RFC-5034.
|
|
Allowed the user to specify whether to send the client's intial response
in the AUTH command via CURLOPT_SASL_IR.
|
|
|
|
Updated the coding style, in this function, to be consistent with other
response functions rather then performing a hard return on failure.
|
|
Standardised the naming of all perform based functions to be in the form
pop3_perform_something() following the changes made to IMAP.
|
|
|
|
|
|
Started to apply the same tidy up to the POP3 code as applied to the
IMAP code in the 7.30.0 release.
|
|
Added support for specifying the preferred authentication type and SASL
mechanism in the URL as per RFC-2384.
|
|
|
|
|
|
|
|
Following commit e450f66a02d8 and the changes in the multi interface
being used internally, from 7.29.0, the transfer cancellation in
pop3_dophase_done() is no longer required.
|
|
Don't initiate a transfer when using --ftp-list.
|
|
|
|
Updated the function description comments following commit 4838d196fdbf.
|
|
Moved the blocking state machine to the disconnect functions so that the
logout / quit functions are only responsible for sending the actual
command needed to logout or quit.
Additionally removed the hard return on failure.
|
|
Added comments and simplified convoluted dophase_done comparison.
|
|
|
|
Removed unwanted braces and added variable initialisation.
|
|
Optimised the result test in each of the block_statemach() functions.
|
|
Some state changes would be performed after a failure test that
performed a hard return, whilst others would be performed within a test
for success. Updated the code, for consistency, so all instances are
performed within a success test.
|
|
Updated pop3 code following recent imap changes.
|
|
Small tidy up to keep some comments consistant across each of the email
protocols.
|
|
|
|
Following commit afad1ce753a1 corrected the debug message in state()
from AUTH to AUTH_FINAL.
|