
pop3: Fixed APOP being determined by CAPA response rather than by timestamp

This commit replaces that of 9f260b5d66 because according to RFC-2449,
section 6, there is no APOP capability "...even though APOP is an
optional command in [POP3].  Clients discover server support of APOP by
the presence in the greeting banner of an initial challenge enclosed in
angle brackets."
Steve Holme 2013-12-24 16:32:48 +00:00
parent 82bf8edff3
commit 6f2d5f0562
3 changed files with 32 additions and 27 deletions


@ -15,7 +15,7 @@ This release includes the following changes:
This release includes the following bugfixes: This release includes the following bugfixes:
o curl_easy_setopt: Fixed OAuth 2.0 Bearer option name [1] o curl_easy_setopt: Fixed OAuth 2.0 Bearer option name [1]
o pop3: Fixed selection of APOP when server replies with an invalid timestamp o pop3: pop3: Fixed APOP being determined by CAPA response rather than by timestamp
o o
This release includes the following known bugs: This release includes the following known bugs:


@ -561,8 +561,7 @@ static CURLcode pop3_perform_authentication(struct connectdata *conn)
} }
#ifndef CURL_DISABLE_CRYPTO_AUTH #ifndef CURL_DISABLE_CRYPTO_AUTH
else if((pop3c->authtypes & POP3_TYPE_APOP) && else if((pop3c->authtypes & POP3_TYPE_APOP) &&
(pop3c->preftype & POP3_TYPE_APOP) && (pop3c->preftype & POP3_TYPE_APOP))
(pop3c->apoptimestamp))
/* Perform APOP authentication */ /* Perform APOP authentication */
result = pop3_perform_apop(conn); result = pop3_perform_apop(conn);
#endif #endif
@ -658,8 +657,9 @@ static CURLcode pop3_state_servergreet_resp(struct connectdata *conn,
result = CURLE_FTP_WEIRD_SERVER_REPLY; result = CURLE_FTP_WEIRD_SERVER_REPLY;
} }
else { else {
/* Look for the APOP timestamp */ /* Does the server support APOP authentication? */
if(len >= 4 && line[len - 2] == '>') { if(len >= 4 && line[len - 2] == '>') {
/* Look for the APOP timestamp */
for(i = 3; i < len - 2; ++i) { for(i = 3; i < len - 2; ++i) {
if(line[i] == '<') { if(line[i] == '<') {
/* Calculate the length of the timestamp */ /* Calculate the length of the timestamp */
@ -676,6 +676,9 @@ static CURLcode pop3_state_servergreet_resp(struct connectdata *conn,
/* Copy the timestamp */ /* Copy the timestamp */
memcpy(pop3c->apoptimestamp, line + i, timestamplen); memcpy(pop3c->apoptimestamp, line + i, timestamplen);
pop3c->apoptimestamp[timestamplen] = '\0'; pop3c->apoptimestamp[timestamplen] = '\0';
/* Store the APOP capability */
pop3c->authtypes |= POP3_TYPE_APOP;
break; break;
} }
} }
@ -710,10 +713,6 @@ static CURLcode pop3_state_capa_resp(struct connectdata *conn, int pop3code,
else if(len >= 4 && !memcmp(line, "USER", 4)) else if(len >= 4 && !memcmp(line, "USER", 4))
pop3c->authtypes |= POP3_TYPE_CLEARTEXT; pop3c->authtypes |= POP3_TYPE_CLEARTEXT;
/* Does the server support APOP authentication? */
else if(len >= 4 && !memcmp(line, "APOP", 4))
pop3c->authtypes |= POP3_TYPE_APOP;
/* Does the server support SASL based authentication? */ /* Does the server support SASL based authentication? */
else if(len >= 5 && !memcmp(line, "SASL ", 5)) { else if(len >= 5 && !memcmp(line, "SASL ", 5)) {
pop3c->authtypes |= POP3_TYPE_SASL; pop3c->authtypes |= POP3_TYPE_SASL;
@ -1201,8 +1200,7 @@ static CURLcode pop3_state_auth_cancel_resp(struct connectdata *conn,
} }
#ifndef CURL_DISABLE_CRYPTO_AUTH #ifndef CURL_DISABLE_CRYPTO_AUTH
else if((pop3c->authtypes & POP3_TYPE_APOP) && else if((pop3c->authtypes & POP3_TYPE_APOP) &&
(pop3c->preftype & POP3_TYPE_APOP) && (pop3c->preftype & POP3_TYPE_APOP))
(pop3c->apoptimestamp))
/* Perform APOP authentication */ /* Perform APOP authentication */
result = pop3_perform_apop(conn); result = pop3_perform_apop(conn);
#endif #endif
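Review bot: Both APOP branches (in pop3_perform_authentication and pop3_state_auth_cancel_resp) no longer test `pop3c->apoptimestamp`, so they now depend on an undocumented invariant: the `POP3_TYPE_APOP` bit is set only in pop3_state_servergreet_resp, directly after the timestamp copy. Any other code that sets or resets `authtypes` (none is visible in these hunks, so this is an assumption to check) would let pop3_perform_apop run without a stored challenge. I would record the invariant where the bit is set, e.g. `/* RFC 2449 section 6: APOP is never listed by CAPA; set this bit only once apoptimestamp holds the greeting challenge */`. It may also be worth noting there that the greeting arrives before any STLS upgrade, so the challenge is taken from an unprotected channel. All three functions start and end outside the hunks shown.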


@ -1707,32 +1707,39 @@ my $username;
sub CAPA_pop3 { sub CAPA_pop3 {
my ($testno) = @_; my ($testno) = @_;
my @list = ();
my $mechs;
if((!@capabilities) && (!@auth_mechs)) { # Calculate the capability list based on the specified capabilities
# (except APOP) and any authentication mechanisms
for my $c (@capabilities) {
push @list, "$c\r\n" unless $c eq "APOP";
}
for my $am (@auth_mechs) {
if(!$mechs) {
$mechs = "$am";
}
else {
$mechs .= " $am";
}
}
if($mechs) {
push @list, "SASL $mechs\r\n";
}
if(!@list) {
sendcontrol "-ERR Unrecognized command\r\n"; sendcontrol "-ERR Unrecognized command\r\n";
} }
else { else {
my @data = (); my @data = ();
my $mechs;
# Calculate the CAPA response # Calculate the CAPA response
push @data, "+OK List of capabilities follows\r\n"; push @data, "+OK List of capabilities follows\r\n";
for my $c (@capabilities) { for my $l (@list) {
push @data, "$c\r\n"; push @data, "$l\r\n";
}
for my $am (@auth_mechs) {
if(!$mechs) {
$mechs = "$am";
}
else {
$mechs .= " $am";
}
}
if($mechs) {
push @data, "SASL $mechs\r\n";
} }
push @data, "IMPLEMENTATION POP3 pingpong test server\r\n"; push @data, "IMPLEMENTATION POP3 pingpong test server\r\n";
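Review bot: The CAPA reply now carries a doubled line terminator on every capability line. The entries are stored with one already attached (`push @list, "$c\r\n"` and `push @list, "SASL $mechs\r\n"`), and the response loop appends another with `push @data, "$l\r\n";`. Each capability is therefore followed by an empty line on the wire, which a strict client parser could misread and which makes the test server a poor model of a real CAPA response. Changing the loop body to `push @data, $l;` fixes it, as would storing bare names in `@list`. CAPA_pop3 continues past the end of this hunk, so the terminating lines of the response are not visible here.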