1
0
mirror of https://github.com/moparisthebest/curl synced 2024-12-22 08:08:50 -05:00

imap: Added support for SASL-IR extension (Part 2)

Modified imap_authenticate() to add support for sending the initial
response with the AUTHENTICATE command, as per RFC4959.
This commit is contained in:
Steve Holme 2013-02-07 21:06:53 +00:00
parent e07385f853
commit 6da7dc026c

View File

@ -523,19 +523,22 @@ static CURLcode imap_authenticate(struct connectdata *conn)
CURLcode result = CURLE_OK; CURLcode result = CURLE_OK;
struct imap_conn *imapc = &conn->proto.imapc; struct imap_conn *imapc = &conn->proto.imapc;
const char *mech = NULL; const char *mech = NULL;
imapstate authstate = IMAP_STOP; char *initresp = NULL;
size_t len = 0;
imapstate authstate1 = IMAP_STOP;
imapstate authstate2 = IMAP_STOP;
/* Calculate the supported authentication mechanism by decreasing order of /* Calculate the supported authentication mechanism by decreasing order of
security */ security */
#ifndef CURL_DISABLE_CRYPTO_AUTH #ifndef CURL_DISABLE_CRYPTO_AUTH
if(imapc->authmechs & SASL_MECH_DIGEST_MD5) { if(imapc->authmechs & SASL_MECH_DIGEST_MD5) {
mech = "DIGEST-MD5"; mech = "DIGEST-MD5";
authstate = IMAP_AUTHENTICATE_DIGESTMD5; authstate1 = IMAP_AUTHENTICATE_DIGESTMD5;
imapc->authused = SASL_MECH_DIGEST_MD5; imapc->authused = SASL_MECH_DIGEST_MD5;
} }
else if(imapc->authmechs & SASL_MECH_CRAM_MD5) { else if(imapc->authmechs & SASL_MECH_CRAM_MD5) {
mech = "CRAM-MD5"; mech = "CRAM-MD5";
authstate = IMAP_AUTHENTICATE_CRAMMD5; authstate1 = IMAP_AUTHENTICATE_CRAMMD5;
imapc->authused = SASL_MECH_CRAM_MD5; imapc->authused = SASL_MECH_CRAM_MD5;
} }
else else
@ -543,28 +546,56 @@ static CURLcode imap_authenticate(struct connectdata *conn)
#ifdef USE_NTLM #ifdef USE_NTLM
if(imapc->authmechs & SASL_MECH_NTLM) { if(imapc->authmechs & SASL_MECH_NTLM) {
mech = "NTLM"; mech = "NTLM";
authstate = IMAP_AUTHENTICATE_NTLM; authstate1 = IMAP_AUTHENTICATE_NTLM;
authstate2 = IMAP_AUTHENTICATE_NTLM_TYPE2MSG;
imapc->authused = SASL_MECH_NTLM; imapc->authused = SASL_MECH_NTLM;
if(imapc->ir_supported)
result = Curl_sasl_create_login_message(conn->data, conn->user,
&initresp, &len);
} }
else else
#endif #endif
if(imapc->authmechs & SASL_MECH_LOGIN) { if(imapc->authmechs & SASL_MECH_LOGIN) {
mech = "LOGIN"; mech = "LOGIN";
authstate = IMAP_AUTHENTICATE_LOGIN; authstate1 = IMAP_AUTHENTICATE_LOGIN;
authstate2 = IMAP_AUTHENTICATE_LOGIN_PASSWD;
imapc->authused = SASL_MECH_LOGIN; imapc->authused = SASL_MECH_LOGIN;
if(imapc->ir_supported)
result = Curl_sasl_create_plain_message(conn->data, conn->user,
conn->passwd, &initresp, &len);
} }
else if(imapc->authmechs & SASL_MECH_PLAIN) { else if(imapc->authmechs & SASL_MECH_PLAIN) {
mech = "PLAIN"; mech = "PLAIN";
authstate = IMAP_AUTHENTICATE_PLAIN; authstate1 = IMAP_AUTHENTICATE_PLAIN;
authstate2 = IMAP_AUTHENTICATE;
imapc->authused = SASL_MECH_PLAIN; imapc->authused = SASL_MECH_PLAIN;
if(imapc->ir_supported)
result = Curl_sasl_create_plain_message(conn->data, conn->user,
conn->passwd, &initresp, &len);
} }
if(mech) { if(result)
/* Perform SASL based authentication */ return result;
result = imap_sendf(conn, "AUTHENTICATE %s", mech);
if(!result) if(mech) {
state(conn, authstate); if(initresp) {
/* Perform SASL based authentication */
result = imap_sendf(conn, "AUTHENTICATE %s %s", mech, initresp);
if(!result)
state(conn, authstate2);
}
else {
result = imap_sendf(conn, "AUTHENTICATE %s", mech);
if(!result)
state(conn, authstate1);
}
Curl_safefree(initresp);
} }
else if(!imapc->login_disabled) else if(!imapc->login_disabled)
/* Perform clear text authentication */ /* Perform clear text authentication */