From de97b5fcefb110f3f34338b8292652340ddb1f63 Mon Sep 17 00:00:00 2001 From: Patrick Monnerat Date: Wed, 21 Feb 2018 17:42:25 +0100 Subject: [PATCH] sasl: prefer PLAIN mechanism over LOGIN SASL PLAIN is a standard, LOGIN only a draft. The LOGIN draft says PLAIN should be used instead if available. --- lib/curl_sasl.c | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/lib/curl_sasl.c b/lib/curl_sasl.c index 550433d67..7052bd913 100644 --- a/lib/curl_sasl.c +++ b/lib/curl_sasl.c @@ -5,7 +5,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 2012 - 2017, Daniel Stenberg, , et al. + * Copyright (C) 2012 - 2018, Daniel Stenberg, , et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -361,15 +361,6 @@ CURLcode Curl_sasl_start(struct SASL *sasl, struct connectdata *conn, conn->oauth_bearer, &resp, &len); } - else if(enabledmechs & SASL_MECH_LOGIN) { - mech = SASL_MECH_STRING_LOGIN; - state1 = SASL_LOGIN; - state2 = SASL_LOGIN_PASSWD; - sasl->authused = SASL_MECH_LOGIN; - - if(force_ir || data->set.sasl_ir) - result = Curl_auth_create_login_message(data, conn->user, &resp, &len); - } else if(enabledmechs & SASL_MECH_PLAIN) { mech = SASL_MECH_STRING_PLAIN; state1 = SASL_PLAIN; @@ -379,6 +370,15 @@ CURLcode Curl_sasl_start(struct SASL *sasl, struct connectdata *conn, result = Curl_auth_create_plain_message(data, conn->user, conn->passwd, &resp, &len); } + else if(enabledmechs & SASL_MECH_LOGIN) { + mech = SASL_MECH_STRING_LOGIN; + state1 = SASL_LOGIN; + state2 = SASL_LOGIN_PASSWD; + sasl->authused = SASL_MECH_LOGIN; + + if(force_ir || data->set.sasl_ir) + result = Curl_auth_create_login_message(data, conn->user, &resp, &len); + } } if(!result && mech) {