moparisthebest/curl
1
0
Fork 0
mirror of https://github.com/moparisthebest/curl synced 2025-02-28 09:21:50 -05:00
Code Issues Releases Wiki Activity

sasl: Don't send authcid as authzid for the PLAIN mechanism as per RFC 4616

Browse Source 
RFC 4616 specifies the authzid is optional in the client authentication
message and that the server will derive the authorisation identity
(authzid) from the authentication identity (authcid) when not specified
by the client.
This commit is contained in:
Steve Holme 2019-04-18 21:54:35 +01:00
parent b21701c54b
commit eb84ca3ea8
16 changed files with 29 additions and 29 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
lib/curl_sasl.c
View File

@ -367,7 +367,7 @@ CURLcode Curl_sasl_start(struct SASL *sasl, struct connectdata *conn,
sasl->authused = SASL_MECH_PLAIN;
if(force_ir || data->set.sasl_ir)
result = Curl_auth_create_plain_message(data, conn->user, conn->user,
result = Curl_auth_create_plain_message(data, NULL, conn->user,
conn->passwd, &resp, &len);
}
else if(enabledmechs & SASL_MECH_LOGIN) {
@ -450,7 +450,7 @@ CURLcode Curl_sasl_continue(struct SASL *sasl, struct connectdata *conn,
*progress = SASL_DONE;
return result;
case SASL_PLAIN:
result = Curl_auth_create_plain_message(data, conn->user, conn->user,
result = Curl_auth_create_plain_message(data, NULL, conn->user,
conn->passwd, &resp, &len);
break;
case SASL_LOGIN:

4
tests/data/test819
View File

@ -14,7 +14,7 @@ RFC4616
<servercmd>
AUTH PLAIN
REPLY AUTHENTICATE +
REPLY dXNlcgB1c2VyAHNlY3JldA== A002 OK AUTHENTICATE completed
REPLY AHVzZXIAc2VjcmV0 A002 OK AUTHENTICATE completed
</servercmd>
<data>
From: me@somewhere
@ -47,7 +47,7 @@ IMAP plain authentication
<protocol>
A001 CAPABILITY
A002 AUTHENTICATE PLAIN
dXNlcgB1c2VyAHNlY3JldA==
AHVzZXIAc2VjcmV0
A003 SELECT 819
A004 FETCH 1 BODY[]
A005 LOGOUT

2
tests/data/test825
View File

@ -47,7 +47,7 @@ IMAP plain authentication with initial response
<verify>
<protocol>
A001 CAPABILITY
A002 AUTHENTICATE PLAIN dXNlcgB1c2VyAHNlY3JldA==
A002 AUTHENTICATE PLAIN AHVzZXIAc2VjcmV0
A003 SELECT 825
A004 FETCH 1 BODY[]
A005 LOGOUT

4
tests/data/test833
View File

@ -18,7 +18,7 @@ AUTH CRAM-MD5 PLAIN
REPLY "AUTHENTICATE CRAM-MD5" + Rubbish
REPLY * A002 NO AUTH exchange cancelled by client
REPLY "AUTHENTICATE PLAIN" +
REPLY dXNlcgB1c2VyAHNlY3JldA== A003 OK AUTHENTICATE completed
REPLY AHVzZXIAc2VjcmV0 A003 OK AUTHENTICATE completed
</servercmd>
<data>
From: me@somewhere
@ -56,7 +56,7 @@ A001 CAPABILITY
A002 AUTHENTICATE CRAM-MD5
*
A003 AUTHENTICATE PLAIN
dXNlcgB1c2VyAHNlY3JldA==
AHVzZXIAc2VjcmV0
A004 SELECT 833
A005 FETCH 1 BODY[]
A006 LOGOUT

4
tests/data/test834
View File

@ -18,7 +18,7 @@ REPLY "AUTHENTICATE NTLM" +
REPLY TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= + Rubbish
REPLY * A002 NO AUTH exchange cancelled by client
REPLY "AUTHENTICATE PLAIN" +
REPLY dXNlcgB1c2VyAHNlY3JldA== A003 OK AUTHENTICATE completed
REPLY AHVzZXIAc2VjcmV0 A003 OK AUTHENTICATE completed
</servercmd>
<data>
From: me@somewhere
@ -67,7 +67,7 @@ A002 AUTHENTICATE NTLM
TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA=
*
A003 AUTHENTICATE PLAIN
dXNlcgB1c2VyAHNlY3JldA==
AHVzZXIAc2VjcmV0
A004 SELECT 834
A005 FETCH 1 BODY[]
A006 LOGOUT

4
tests/data/test835
View File

@ -18,7 +18,7 @@ AUTH DIGEST-MD5 PLAIN
REPLY "AUTHENTICATE DIGEST-MD5" + Rubbish
REPLY * A002 NO AUTH exchange cancelled by client
REPLY "AUTHENTICATE PLAIN" +
REPLY dXNlcgB1c2VyAHNlY3JldA== A003 OK AUTHENTICATE completed
REPLY AHVzZXIAc2VjcmV0 A003 OK AUTHENTICATE completed
</servercmd>
<data>
From: me@somewhere
@ -58,7 +58,7 @@ A001 CAPABILITY
A002 AUTHENTICATE DIGEST-MD5
*
A003 AUTHENTICATE PLAIN
dXNlcgB1c2VyAHNlY3JldA==
AHVzZXIAc2VjcmV0
A004 SELECT 835
A005 FETCH 1 BODY[]
A006 LOGOUT

4
tests/data/test865
View File

@ -16,7 +16,7 @@ RFC5034
<servercmd>
AUTH PLAIN
REPLY AUTH +
REPLY dXNlcgB1c2VyAHNlY3JldA== +OK Login successful
REPLY AHVzZXIAc2VjcmV0 +OK Login successful
</servercmd>
<data>
From: me@somewhere
@ -49,7 +49,7 @@ pop3://%HOSTIP:%POP3PORT/865 -u user:secret
<protocol>
CAPA
AUTH PLAIN
dXNlcgB1c2VyAHNlY3JldA==
AHVzZXIAc2VjcmV0
RETR 865
QUIT
</protocol>

2
tests/data/test871
View File

@ -48,7 +48,7 @@ pop3://%HOSTIP:%POP3PORT/871 -u user:secret --sasl-ir
<verify>
<protocol>
CAPA
AUTH PLAIN dXNlcgB1c2VyAHNlY3JldA==
AUTH PLAIN AHVzZXIAc2VjcmV0
RETR 871
QUIT
</protocol>

4
tests/data/test879
View File

@ -20,7 +20,7 @@ AUTH CRAM-MD5 PLAIN
REPLY "AUTH CRAM-MD5" + Rubbish
REPLY * -ERR AUTH exchange cancelled by client
REPLY "AUTH PLAIN" +
REPLY dXNlcgB1c2VyAHNlY3JldA== +OK Login successful
REPLY AHVzZXIAc2VjcmV0 +OK Login successful
</servercmd>
<data>
From: me@somewhere
@ -58,7 +58,7 @@ CAPA
AUTH CRAM-MD5
*
AUTH PLAIN
dXNlcgB1c2VyAHNlY3JldA==
AHVzZXIAc2VjcmV0
RETR 879
QUIT
</protocol>

4
tests/data/test880
View File

@ -20,7 +20,7 @@ REPLY "AUTH NTLM" +
REPLY TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= + Rubbish
REPLY * -ERR AUTH exchange cancelled by client
REPLY "AUTH PLAIN" +
REPLY dXNlcgB1c2VyAHNlY3JldA== +OK Login successful
REPLY AHVzZXIAc2VjcmV0 +OK Login successful
</servercmd>
<data>
From: me@somewhere
@ -69,7 +69,7 @@ AUTH NTLM
TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA=
*
AUTH PLAIN
dXNlcgB1c2VyAHNlY3JldA==
AHVzZXIAc2VjcmV0
RETR 880
QUIT
</protocol>

4
tests/data/test881
View File

@ -20,7 +20,7 @@ AUTH DIGEST-MD5 PLAIN
REPLY "AUTH DIGEST-MD5" + Rubbish
REPLY * -ERR AUTH exchange cancelled by client
REPLY "AUTH PLAIN" +
REPLY dXNlcgB1c2VyAHNlY3JldA== +OK Login successful
REPLY AHVzZXIAc2VjcmV0 +OK Login successful
</servercmd>
<data>
From: me@somewhere
@ -60,7 +60,7 @@ CAPA
AUTH DIGEST-MD5
*
AUTH PLAIN
dXNlcgB1c2VyAHNlY3JldA==
AHVzZXIAc2VjcmV0
RETR 881
QUIT
</protocol>

4
tests/data/test903
View File

@ -15,7 +15,7 @@ RFC4954
<servercmd>
AUTH PLAIN
REPLY AUTH 334 PLAIN supported
REPLY dXNlcgB1c2VyAHNlY3JldA== 235 Authenticated
REPLY AHVzZXIAc2VjcmV0 235 Authenticated
</servercmd>
</reply>
@ -42,7 +42,7 @@ smtp://%HOSTIP:%SMTPPORT/903 --mail-rcpt recipient@example.com --mail-from sende
<protocol>
EHLO 903
AUTH PLAIN
dXNlcgB1c2VyAHNlY3JldA==
AHVzZXIAc2VjcmV0
MAIL FROM:<sender@example.com>
RCPT TO:<recipient@example.com>
DATA

2
tests/data/test919
View File

@ -41,7 +41,7 @@ smtp://%HOSTIP:%SMTPPORT/919 --mail-rcpt recipient@example.com --mail-from sende
<verify>
<protocol>
EHLO 919
AUTH PLAIN dXNlcgB1c2VyAHNlY3JldA==
AUTH PLAIN AHVzZXIAc2VjcmV0
MAIL FROM:<sender@example.com>
RCPT TO:<recipient@example.com>
DATA

4
tests/data/test935
View File

@ -19,7 +19,7 @@ AUTH CRAM-MD5 PLAIN
REPLY "AUTH CRAM-MD5" 334 Rubbish
REPLY * 501 AUTH exchange cancelled by client
REPLY "AUTH PLAIN" 334 PLAIN supported
REPLY dXNlcgB1c2VyAHNlY3JldA== 235 Authenticated
REPLY AHVzZXIAc2VjcmV0 235 Authenticated
</servercmd>
</reply>
@ -51,7 +51,7 @@ EHLO 935
AUTH CRAM-MD5
*
AUTH PLAIN
dXNlcgB1c2VyAHNlY3JldA==
AHVzZXIAc2VjcmV0
MAIL FROM:<sender@example.com>
RCPT TO:<recipient@example.com>
DATA

4
tests/data/test936
View File

@ -19,7 +19,7 @@ REPLY "AUTH NTLM" 334 NTLM supported
REPLY TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= 334 Rubbish
REPLY * 501 AUTH exchange cancelled by client
REPLY "AUTH PLAIN" 334 PLAIN supported
REPLY dXNlcgB1c2VyAHNlY3JldA== 235 Authenticated
REPLY AHVzZXIAc2VjcmV0 235 Authenticated
</servercmd>
</reply>
@ -62,7 +62,7 @@ AUTH NTLM
TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA=
*
AUTH PLAIN
dXNlcgB1c2VyAHNlY3JldA==
AHVzZXIAc2VjcmV0
MAIL FROM:<sender@example.com>
RCPT TO:<recipient@example.com>
DATA

4
tests/data/test937
View File

@ -19,7 +19,7 @@ AUTH DIGEST-MD5 PLAIN
REPLY "AUTH DIGEST-MD5" 334 Rubbish
REPLY * 501 AUTH exchange cancelled by client
REPLY "AUTH PLAIN" 334 PLAIN supported
REPLY dXNlcgB1c2VyAHNlY3JldA== 235 Authenticated
REPLY AHVzZXIAc2VjcmV0 235 Authenticated
</servercmd>
</reply>
@ -53,7 +53,7 @@ EHLO 937
AUTH DIGEST-MD5
*
AUTH PLAIN
dXNlcgB1c2VyAHNlY3JldA==
AHVzZXIAc2VjcmV0
MAIL FROM:<sender@example.com>
RCPT TO:<recipient@example.com>
DATA