
ftpserver: Reworked AUTH support to allow for specifying the mechanisms

Renamed SUPPORTAUTH to AUTH and added support for specifying a list of
supported SASL mechanisms to return to the client.

Additionally added the directive to the FILEFORMAT document.
Steve Holme 2013-09-08 21:46:32 +01:00
parent 28427b4083
commit e8313697b6
2 changed files with 40 additions and 19 deletions


@ -128,6 +128,9 @@ PASVBADIP
CAPA [capabilities] CAPA [capabilities]
- Enables support for and specifies a list of space separated capabilities to - Enables support for and specifies a list of space separated capabilities to
return to the client for the IMAP CAPABILITY and POP3 CAPA commands return to the client for the IMAP CAPABILITY and POP3 CAPA commands
AUTH [mechanisms]
- Enables support for SASL authentication and specifies a list of space
separated mechanisms for IMAP and POP3
For HTTP/HTTPS: For HTTP/HTTPS:
auth_required if this is set and a POST/PUT is made without auth, the auth_required if this is set and a POST/PUT is made without auth, the


@ -139,7 +139,7 @@ my $nodataconn425; # set if ftp srvr doesn't establish data ch and replies 425
my $nodataconn421; # set if ftp srvr doesn't establish data ch and replies 421 my $nodataconn421; # set if ftp srvr doesn't establish data ch and replies 421
my $nodataconn150; # set if ftp srvr doesn't establish data ch and replies 150 my $nodataconn150; # set if ftp srvr doesn't establish data ch and replies 150
my @capabilities; # set if server supports capability commands my @capabilities; # set if server supports capability commands
my $support_auth; # set if server supports authentication command my @auth_mechs; # set if server supports authentication commands
my %customreply; # my %customreply; #
my %customcount; # my %customcount; #
my %delayreply; # my %delayreply; #
@ -778,7 +778,7 @@ sub fix_imap_params {
sub CAPABILITY_imap { sub CAPABILITY_imap {
my ($testno) = @_; my ($testno) = @_;
if(!$capabilities) { if((!$capabilities) && (!$auth_mechs)) {
sendcontrol "$cmdid BAD Command\r\n"; sendcontrol "$cmdid BAD Command\r\n";
} }
else { else {
@ -791,8 +791,8 @@ sub CAPABILITY_imap {
$data .= " $c"; $data .= " $c";
} }
if($support_auth) { for my $am (@auth_mechs) {
$data .= " AUTH=UNKNOWN"; $data .= " AUTH=$am";
} }
$data .= " pingpong test server\r\n"; $data .= " pingpong test server\r\n";
@ -1200,11 +1200,12 @@ sub LOGOUT_imap {
sub CAPA_pop3 { sub CAPA_pop3 {
my ($testno) = @_; my ($testno) = @_;
if(!$capabilities) { if((!$capabilities) && (!$auth_mechs)) {
sendcontrol "-ERR Unsupported command: 'CAPA'\r\n"; sendcontrol "-ERR Unsupported command: 'CAPA'\r\n";
} }
else { else {
my @data = (); my @data = ();
my $mechs;
# Calculate the CAPA response # Calculate the CAPA response
push @data, "+OK List of capabilities follows\r\n"; push @data, "+OK List of capabilities follows\r\n";
@ -1213,8 +1214,17 @@ sub CAPA_pop3 {
push @data, "$c\r\n"; push @data, "$c\r\n";
} }
if($support_auth) { for my $am (@auth_mechs) {
push @data, "SASL UNKNOWN\r\n"; if(!$mechs) {
$mechs = "$am";
}
else {
$mechs .= " $am";
}
}
if($mechs) {
push @data, "SASL $mechs\r\n";
} }
push @data, "IMPLEMENTATION POP3 pingpong test server\r\n"; push @data, "IMPLEMENTATION POP3 pingpong test server\r\n";
@ -1233,21 +1243,29 @@ sub CAPA_pop3 {
sub AUTH_pop3 { sub AUTH_pop3 {
my ($testno) = @_; my ($testno) = @_;
my @data = ();
if(!$support_auth) { if(!$auth_mechs) {
push @data, "-ERR Unsupported command: 'AUTH'\r\n"; sendcontrol "-ERR Unsupported command: 'AUTH'\r\n";
} }
else { else {
my @data = ();
# Calculate the AUTH response
push @data, "+OK List of supported mechanisms follows\r\n"; push @data, "+OK List of supported mechanisms follows\r\n";
push @data, "UNKNOWN\r\n";
push @data, ".\r\n"; for my $am (@auth_mechs) {
push @data, "$am\r\n";
} }
# Send the AUTH response
for my $d (@data) { for my $d (@data) {
sendcontrol $d; sendcontrol $d;
} }
# End with the magic 3-byte end of listing marker
sendcontrol ".\r\n";
}
return 0; return 0;
} }
@ -2146,7 +2164,7 @@ sub customize {
$nodataconn421 = 0; # default is to not send 421 without data channel $nodataconn421 = 0; # default is to not send 421 without data channel
$nodataconn150 = 0; # default is to not send 150 without data channel $nodataconn150 = 0; # default is to not send 150 without data channel
@capabilities = (); # default is to not support capability commands @capabilities = (); # default is to not support capability commands
$support_auth = 0; # default is to not support authentication command @auth_mechs = (); # default is to not support authentication commands
%customreply = (); # %customreply = (); #
%customcount = (); # %customcount = (); #
%delayreply = (); # %delayreply = (); #
@ -2215,9 +2233,9 @@ sub customize {
logmsg "FTPD: instructed to support CAPABILITY command\n"; logmsg "FTPD: instructed to support CAPABILITY command\n";
@capabilities = split(/ /, $1); @capabilities = split(/ /, $1);
} }
elsif($_ =~ /SUPPORTAUTH/) { elsif($_ =~ /AUTH (.*)/) {
logmsg "FTPD: instructed to support AUTHENTICATION command\n"; logmsg "FTPD: instructed to support AUTHENTICATION command\n";
$support_auth=1; @auth_mechs = split(/ /, $1);
} }
elsif($_ =~ /NOSAVE/) { elsif($_ =~ /NOSAVE/) {
# don't actually store the file we upload - to be used when # don't actually store the file we upload - to be used when
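Review bot: The new guards `if((!$capabilities) && (!$auth_mechs))` in CAPABILITY_imap and CAPA_pop3, and `if(!$auth_mechs)` in AUTH_pop3, test scalars, while this section declares and fills the arrays `@capabilities` and `@auth_mechs`. Perl treats `$auth_mechs` as a separate variable that nothing visible here assigns, so unless it is declared outside the hunks the guards are either a compile error under `use strict` or always true. In the second case the server answers `BAD Command` / `-ERR Unsupported command` even when a test configures `AUTH` mechanisms, and the SASL advertisement paths never run. Testing the arrays directly avoids this: `if(!@capabilities && !@auth_mechs) {` and `if(!@auth_mechs) {`. CAPABILITY_imap and CAPA_pop3 continue outside the hunks shown.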