1
0
mirror of https://github.com/moparisthebest/curl synced 2024-12-21 23:58:49 -05:00

imap: Added support for ;auth=<mech> in the URL

Added support for specifying the preferred authentication mechanism in
the URL as per RFC-5092.
This commit is contained in:
Steve Holme 2013-04-13 15:58:15 +01:00
parent 3f7188dd94
commit 00045a3009
2 changed files with 66 additions and 5 deletions

View File

@ -99,6 +99,7 @@ static CURLcode imap_doing(struct connectdata *conn, bool *dophase_done);
static CURLcode imap_setup_connection(struct connectdata *conn);
static char *imap_atom(const char *str);
static CURLcode imap_sendf(struct connectdata *conn, const char *fmt, ...);
static CURLcode imap_parse_url_options(struct connectdata *conn);
static CURLcode imap_parse_url_path(struct connectdata *conn);
static CURLcode imap_parse_custom_request(struct connectdata *conn);
@ -542,12 +543,14 @@ static CURLcode imap_perform_authenticate(struct connectdata *conn)
/* Calculate the supported authentication mechanism by decreasing order of
security */
#ifndef CURL_DISABLE_CRYPTO_AUTH
if(imapc->authmechs & SASL_MECH_DIGEST_MD5) {
if((imapc->authmechs & SASL_MECH_DIGEST_MD5) &&
(imapc->prefmech & SASL_MECH_DIGEST_MD5)) {
mech = "DIGEST-MD5";
state1 = IMAP_AUTHENTICATE_DIGESTMD5;
imapc->authused = SASL_MECH_DIGEST_MD5;
}
else if(imapc->authmechs & SASL_MECH_CRAM_MD5) {
else if((imapc->authmechs & SASL_MECH_CRAM_MD5) &&
(imapc->prefmech & SASL_MECH_CRAM_MD5)) {
mech = "CRAM-MD5";
state1 = IMAP_AUTHENTICATE_CRAMMD5;
imapc->authused = SASL_MECH_CRAM_MD5;
@ -555,7 +558,8 @@ static CURLcode imap_perform_authenticate(struct connectdata *conn)
else
#endif
#ifdef USE_NTLM
if(imapc->authmechs & SASL_MECH_NTLM) {
if((imapc->authmechs & SASL_MECH_NTLM) &&
(imapc->prefmech & SASL_MECH_NTLM)) {
mech = "NTLM";
state1 = IMAP_AUTHENTICATE_NTLM;
state2 = IMAP_AUTHENTICATE_NTLM_TYPE2MSG;
@ -568,7 +572,8 @@ static CURLcode imap_perform_authenticate(struct connectdata *conn)
}
else
#endif
if(imapc->authmechs & SASL_MECH_LOGIN) {
if((imapc->authmechs & SASL_MECH_LOGIN) &&
(imapc->prefmech & SASL_MECH_LOGIN)) {
mech = "LOGIN";
state1 = IMAP_AUTHENTICATE_LOGIN;
state2 = IMAP_AUTHENTICATE_LOGIN_PASSWD;
@ -578,7 +583,8 @@ static CURLcode imap_perform_authenticate(struct connectdata *conn)
result = Curl_sasl_create_login_message(conn->data, conn->user,
&initresp, &len);
}
else if(imapc->authmechs & SASL_MECH_PLAIN) {
else if((imapc->authmechs & SASL_MECH_PLAIN) &&
(imapc->prefmech & SASL_MECH_PLAIN)) {
mech = "PLAIN";
state1 = IMAP_AUTHENTICATE_PLAIN;
state2 = IMAP_AUTHENTICATE_FINAL;
@ -1717,9 +1723,17 @@ static CURLcode imap_connect(struct connectdata *conn, bool *done)
pp->endofresp = imap_endofresp;
pp->conn = conn;
/* Set the default preferred authentication mechanism */
imapc->prefmech = SASL_AUTH_ANY;
/* Initialise the pingpong layer */
Curl_pp_init(pp);
/* Parse the URL options */
result = imap_parse_url_options(conn);
if(result)
return result;
/* Start off waiting for the server greeting response */
state(conn, IMAP_SERVERGREET);
@ -2185,6 +2199,52 @@ static bool imap_is_bchar(char ch)
}
}
/***********************************************************************
*
* imap_parse_url_options()
*
* Parse the URL login options.
*/
static CURLcode imap_parse_url_options(struct connectdata *conn)
{
CURLcode result = CURLE_OK;
struct imap_conn *imapc = &conn->proto.imapc;
const char *options = conn->options;
const char *ptr = options;
if(options) {
const char *key = ptr;
while(*ptr && *ptr != '=')
ptr++;
if(strnequal(key, "AUTH", 4)) {
const char *value = ptr + 1;
if(strequal(value, "*"))
imapc->prefmech = SASL_AUTH_ANY;
else if(strequal(value, "LOGIN"))
imapc->prefmech = SASL_MECH_LOGIN;
else if(strequal(value, "PLAIN"))
imapc->prefmech = SASL_MECH_PLAIN;
else if(strequal(value, "CRAM-MD5"))
imapc->prefmech = SASL_MECH_CRAM_MD5;
else if(strequal(value, "DIGEST-MD5"))
imapc->prefmech = SASL_MECH_DIGEST_MD5;
else if(strequal(value, "GSSAPI"))
imapc->prefmech = SASL_MECH_GSSAPI;
else if(strequal(value, "NTLM"))
imapc->prefmech = SASL_MECH_NTLM;
else
imapc->prefmech = SASL_AUTH_NONE;
}
else
result = CURLE_URL_MALFORMAT;
}
return result;
}
/***********************************************************************
*
* imap_parse_url_path()

View File

@ -76,6 +76,7 @@ struct imap_conn {
imapstate state; /* Always use imap.c:state() to change state! */
bool ssldone; /* Is connect() over SSL done? */
unsigned int authmechs; /* Accepted authentication mechanisms */
unsigned int prefmech; /* Preferred authentication mechanism */
unsigned int authused; /* Auth mechanism used for the connection */
int cmdid; /* Last used command ID */
char resptag[5]; /* Response tag to wait for */