mirror of
https://github.com/moparisthebest/curl
synced 2024-12-22 08:08:50 -05:00
email: Added initial support for cancelling authentication
Should a client application fail to decode an authentication message received from a server, or not support any of the parameters given by the server in the message, then the authentication phrase should be cancelled gracefully by the client rather than simply terminating the connection. The authentication phrase should be cancelled by simply sending a '*' to the server, in response to erroneous data being received, as per RFC-3501, RFC-4954 and RFC-5034. This patch adds the necessary state machine constants and appropriate response handlers in order to add this functionality for the CRAM-MD5, DIGEST-MD5 and NTLM authentication mechanisms.
This commit is contained in:
parent
aa0eaef483
commit
7de4cc35f8
24
lib/imap.c
24
lib/imap.c
@ -426,6 +426,7 @@ static void state(struct connectdata *conn, imapstate newstate)
|
|||||||
"AUTHENTICATE_NTLM",
|
"AUTHENTICATE_NTLM",
|
||||||
"AUTHENTICATE_NTLM_TYPE2MSG",
|
"AUTHENTICATE_NTLM_TYPE2MSG",
|
||||||
"AUTHENTICATE_XOAUTH2",
|
"AUTHENTICATE_XOAUTH2",
|
||||||
|
"AUTHENTICATE_CANCEL",
|
||||||
"AUTHENTICATE_FINAL",
|
"AUTHENTICATE_FINAL",
|
||||||
"LOGIN",
|
"LOGIN",
|
||||||
"LIST",
|
"LIST",
|
||||||
@ -1287,7 +1288,7 @@ static CURLcode imap_state_auth_ntlm_type2msg_resp(struct connectdata *conn,
|
|||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
/* For AUTH XOAUTH2 (without initial response) responses */
|
/* For AUTHENTICATE XOAUTH2 (without initial response) responses */
|
||||||
static CURLcode imap_state_auth_xoauth2_resp(struct connectdata *conn,
|
static CURLcode imap_state_auth_xoauth2_resp(struct connectdata *conn,
|
||||||
int imapcode,
|
int imapcode,
|
||||||
imapstate instate)
|
imapstate instate)
|
||||||
@ -1325,7 +1326,22 @@ static CURLcode imap_state_auth_xoauth2_resp(struct connectdata *conn,
|
|||||||
return result;
|
return result;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* For final responses to the AUTHENTICATE sequence */
|
/* For AUTHENTICATE cancellation responses */
|
||||||
|
static CURLcode imap_state_auth_cancel_resp(struct connectdata *conn,
|
||||||
|
int imapcode,
|
||||||
|
imapstate instate)
|
||||||
|
{
|
||||||
|
struct SessionHandle *data = conn->data;
|
||||||
|
|
||||||
|
(void)imapcode;
|
||||||
|
(void)instate; /* no use for this yet */
|
||||||
|
|
||||||
|
failf(data, "Authentication cancelled");
|
||||||
|
|
||||||
|
return CURLE_LOGIN_DENIED;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* For final responses in the AUTHENTICATE sequence */
|
||||||
static CURLcode imap_state_auth_final_resp(struct connectdata *conn,
|
static CURLcode imap_state_auth_final_resp(struct connectdata *conn,
|
||||||
int imapcode,
|
int imapcode,
|
||||||
imapstate instate)
|
imapstate instate)
|
||||||
@ -1678,6 +1694,10 @@ static CURLcode imap_statemach_act(struct connectdata *conn)
|
|||||||
result = imap_state_auth_xoauth2_resp(conn, imapcode, imapc->state);
|
result = imap_state_auth_xoauth2_resp(conn, imapcode, imapc->state);
|
||||||
break;
|
break;
|
||||||
|
|
||||||
|
case IMAP_AUTHENTICATE_CANCEL:
|
||||||
|
result = imap_state_auth_cancel_resp(conn, imapcode, imapc->state);
|
||||||
|
break;
|
||||||
|
|
||||||
case IMAP_AUTHENTICATE_FINAL:
|
case IMAP_AUTHENTICATE_FINAL:
|
||||||
result = imap_state_auth_final_resp(conn, imapcode, imapc->state);
|
result = imap_state_auth_final_resp(conn, imapcode, imapc->state);
|
||||||
break;
|
break;
|
||||||
|
@ -44,6 +44,7 @@ typedef enum {
|
|||||||
IMAP_AUTHENTICATE_NTLM,
|
IMAP_AUTHENTICATE_NTLM,
|
||||||
IMAP_AUTHENTICATE_NTLM_TYPE2MSG,
|
IMAP_AUTHENTICATE_NTLM_TYPE2MSG,
|
||||||
IMAP_AUTHENTICATE_XOAUTH2,
|
IMAP_AUTHENTICATE_XOAUTH2,
|
||||||
|
IMAP_AUTHENTICATE_CANCEL,
|
||||||
IMAP_AUTHENTICATE_FINAL,
|
IMAP_AUTHENTICATE_FINAL,
|
||||||
IMAP_LOGIN,
|
IMAP_LOGIN,
|
||||||
IMAP_LIST,
|
IMAP_LIST,
|
||||||
|
22
lib/pop3.c
22
lib/pop3.c
@ -405,6 +405,7 @@ static void state(struct connectdata *conn, pop3state newstate)
|
|||||||
"AUTH_NTLM",
|
"AUTH_NTLM",
|
||||||
"AUTH_NTLM_TYPE2MSG",
|
"AUTH_NTLM_TYPE2MSG",
|
||||||
"AUTH_XOAUTH2",
|
"AUTH_XOAUTH2",
|
||||||
|
"AUTH_CANCEL",
|
||||||
"AUTH_FINAL",
|
"AUTH_FINAL",
|
||||||
"APOP",
|
"APOP",
|
||||||
"USER",
|
"USER",
|
||||||
@ -1182,7 +1183,22 @@ static CURLcode pop3_state_auth_xoauth2_resp(struct connectdata *conn,
|
|||||||
return result;
|
return result;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* For final responses to the AUTH sequence */
|
/* For AUTH cancellation responses */
|
||||||
|
static CURLcode pop3_state_auth_cancel_resp(struct connectdata *conn,
|
||||||
|
int pop3code,
|
||||||
|
pop3state instate)
|
||||||
|
{
|
||||||
|
struct SessionHandle *data = conn->data;
|
||||||
|
|
||||||
|
(void)pop3code;
|
||||||
|
(void)instate; /* no use for this yet */
|
||||||
|
|
||||||
|
failf(data, "Authentication cancelled");
|
||||||
|
|
||||||
|
return CURLE_LOGIN_DENIED;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* For final responses in the AUTH sequence */
|
||||||
static CURLcode pop3_state_auth_final_resp(struct connectdata *conn,
|
static CURLcode pop3_state_auth_final_resp(struct connectdata *conn,
|
||||||
int pop3code,
|
int pop3code,
|
||||||
pop3state instate)
|
pop3state instate)
|
||||||
@ -1404,6 +1420,10 @@ static CURLcode pop3_statemach_act(struct connectdata *conn)
|
|||||||
result = pop3_state_auth_xoauth2_resp(conn, pop3code, pop3c->state);
|
result = pop3_state_auth_xoauth2_resp(conn, pop3code, pop3c->state);
|
||||||
break;
|
break;
|
||||||
|
|
||||||
|
case POP3_AUTH_CANCEL:
|
||||||
|
result = pop3_state_auth_cancel_resp(conn, pop3code, pop3c->state);
|
||||||
|
break;
|
||||||
|
|
||||||
case POP3_AUTH_FINAL:
|
case POP3_AUTH_FINAL:
|
||||||
result = pop3_state_auth_final_resp(conn, pop3code, pop3c->state);
|
result = pop3_state_auth_final_resp(conn, pop3code, pop3c->state);
|
||||||
break;
|
break;
|
||||||
|
@ -44,6 +44,7 @@ typedef enum {
|
|||||||
POP3_AUTH_NTLM,
|
POP3_AUTH_NTLM,
|
||||||
POP3_AUTH_NTLM_TYPE2MSG,
|
POP3_AUTH_NTLM_TYPE2MSG,
|
||||||
POP3_AUTH_XOAUTH2,
|
POP3_AUTH_XOAUTH2,
|
||||||
|
POP3_AUTH_CANCEL,
|
||||||
POP3_AUTH_FINAL,
|
POP3_AUTH_FINAL,
|
||||||
POP3_APOP,
|
POP3_APOP,
|
||||||
POP3_USER,
|
POP3_USER,
|
||||||
|
22
lib/smtp.c
22
lib/smtp.c
@ -363,6 +363,7 @@ static void state(struct connectdata *conn, smtpstate newstate)
|
|||||||
"AUTH_NTLM",
|
"AUTH_NTLM",
|
||||||
"AUTH_NTLM_TYPE2MSG",
|
"AUTH_NTLM_TYPE2MSG",
|
||||||
"AUTH_XOAUTH2",
|
"AUTH_XOAUTH2",
|
||||||
|
"AUTH_CANCEL",
|
||||||
"AUTH_FINAL",
|
"AUTH_FINAL",
|
||||||
"MAIL",
|
"MAIL",
|
||||||
"RCPT",
|
"RCPT",
|
||||||
@ -1163,7 +1164,22 @@ static CURLcode smtp_state_auth_xoauth2_resp(struct connectdata *conn,
|
|||||||
return result;
|
return result;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* For the final responses to the AUTH sequence */
|
/* For AUTH cancellation responses */
|
||||||
|
static CURLcode smtp_state_auth_cancel_resp(struct connectdata *conn,
|
||||||
|
int smtpcode,
|
||||||
|
smtpstate instate)
|
||||||
|
{
|
||||||
|
struct SessionHandle *data = conn->data;
|
||||||
|
|
||||||
|
(void)smtpcode;
|
||||||
|
(void)instate; /* no use for this yet */
|
||||||
|
|
||||||
|
failf(data, "Authentication cancelled");
|
||||||
|
|
||||||
|
return CURLE_LOGIN_DENIED;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* For final responses in the AUTH sequence */
|
||||||
static CURLcode smtp_state_auth_final_resp(struct connectdata *conn,
|
static CURLcode smtp_state_auth_final_resp(struct connectdata *conn,
|
||||||
int smtpcode,
|
int smtpcode,
|
||||||
smtpstate instate)
|
smtpstate instate)
|
||||||
@ -1375,6 +1391,10 @@ static CURLcode smtp_statemach_act(struct connectdata *conn)
|
|||||||
result = smtp_state_auth_xoauth2_resp(conn, smtpcode, smtpc->state);
|
result = smtp_state_auth_xoauth2_resp(conn, smtpcode, smtpc->state);
|
||||||
break;
|
break;
|
||||||
|
|
||||||
|
case SMTP_AUTH_CANCEL:
|
||||||
|
result = smtp_state_auth_cancel_resp(conn, smtpcode, smtpc->state);
|
||||||
|
break;
|
||||||
|
|
||||||
case SMTP_AUTH_FINAL:
|
case SMTP_AUTH_FINAL:
|
||||||
result = smtp_state_auth_final_resp(conn, smtpcode, smtpc->state);
|
result = smtp_state_auth_final_resp(conn, smtpcode, smtpc->state);
|
||||||
break;
|
break;
|
||||||
|
@ -45,6 +45,7 @@ typedef enum {
|
|||||||
SMTP_AUTH_NTLM,
|
SMTP_AUTH_NTLM,
|
||||||
SMTP_AUTH_NTLM_TYPE2MSG,
|
SMTP_AUTH_NTLM_TYPE2MSG,
|
||||||
SMTP_AUTH_XOAUTH2,
|
SMTP_AUTH_XOAUTH2,
|
||||||
|
SMTP_AUTH_CANCEL,
|
||||||
SMTP_AUTH_FINAL,
|
SMTP_AUTH_FINAL,
|
||||||
SMTP_MAIL, /* MAIL FROM */
|
SMTP_MAIL, /* MAIL FROM */
|
||||||
SMTP_RCPT, /* RCPT TO */
|
SMTP_RCPT, /* RCPT TO */
|
||||||
|
Loading…
Reference in New Issue
Block a user