IMAP/POP3/SMTP: use a per-connection sub-structure for SASL parameters.

author Patrick Monnerat <pm@datasphere.ch>

Tue, 20 Jan 2015 13:14:26 +0000 (14:14 +0100)

committer Patrick Monnerat <pm@datasphere.ch>

Tue, 20 Jan 2015 13:14:26 +0000 (14:14 +0100)
author Patrick Monnerat <pm@datasphere.ch>
Tue, 20 Jan 2015 13:14:26 +0000 (14:14 +0100)
committer Patrick Monnerat <pm@datasphere.ch>
Tue, 20 Jan 2015 13:14:26 +0000 (14:14 +0100)
diff --git a/lib/curl_sasl.h b/lib/curl_sasl.h

index 369751ceea73c3bf086d7dc7af7e7693a76b9ff6..a83a326a4301456a5bfc7a0648377a5f1ae013a3 100644 (file)
--- a/lib/curl_sasl.h
+++ b/lib/curl_sasl.h
@@ -68,6 +68,14 @@ enum {
    CURLDIGESTALGO_MD5SESS
  };
  
+/* Per-connection parameters */
+struct SASL {
+  unsigned int authmechs;  /* Accepted authentication mechanisms */
+  unsigned int prefmech;   /* Preferred authentication mechanism */
+  unsigned int authused;   /* Auth mechanism used for the connection */
+  bool mutual_auth;        /* Mutual authentication enabled (GSSAPI only) */
+};
+
  /* This is used to test whether the line starts with the given mechanism */
  #define sasl_mech_equal(line, wordlen, mech) \
    (wordlen == (sizeof(mech) - 1) / sizeof(char) && \
diff --git a/lib/imap.c b/lib/imap.c

index 767ac804b37043582ceca727ffdbc5c7a8793a8f..4087fa66abe32ba203bbc6cbe141ce992518f043 100644 (file)
--- a/lib/imap.c
+++ b/lib/imap.c
@@ -471,9 +471,9 @@ static CURLcode imap_perform_capability(struct connectdata *conn)
    CURLcode result = CURLE_OK;
    struct imap_conn *imapc = &conn->proto.imapc;
  
-  imapc->authmechs = 0;         /* No known authentication mechanisms yet */
-  imapc->authused = 0;          /* Clear the authentication mechanism used */
-  imapc->tls_supported = FALSE; /* Clear the TLS capability */
+  imapc->sasl.authmechs = SASL_AUTH_NONE; /* No known auth. mechanisms yet */
+  imapc->sasl.authused = SASL_AUTH_NONE;  /* Clear the auth. mechanism used */
+  imapc->tls_supported = FALSE;           /* Clear the TLS capability */
  
    /* Send the CAPABILITY command */
    result = imap_sendf(conn, "CAPABILITY");
@@ -919,21 +919,21 @@ static CURLcode imap_state_capability_resp(struct connectdata *conn,
  
          /* Test the word for a matching authentication mechanism */
          if(sasl_mech_equal(line, wordlen, SASL_MECH_STRING_LOGIN))
-          imapc->authmechs |= SASL_MECH_LOGIN;
+          imapc->sasl.authmechs |= SASL_MECH_LOGIN;
          else if(sasl_mech_equal(line, wordlen, SASL_MECH_STRING_PLAIN))
-          imapc->authmechs |= SASL_MECH_PLAIN;
+          imapc->sasl.authmechs |= SASL_MECH_PLAIN;
          else if(sasl_mech_equal(line, wordlen, SASL_MECH_STRING_CRAM_MD5))
-          imapc->authmechs |= SASL_MECH_CRAM_MD5;
+          imapc->sasl.authmechs |= SASL_MECH_CRAM_MD5;
          else if(sasl_mech_equal(line, wordlen, SASL_MECH_STRING_DIGEST_MD5))
-          imapc->authmechs |= SASL_MECH_DIGEST_MD5;
+          imapc->sasl.authmechs |= SASL_MECH_DIGEST_MD5;
          else if(sasl_mech_equal(line, wordlen, SASL_MECH_STRING_GSSAPI))
-          imapc->authmechs |= SASL_MECH_GSSAPI;
+          imapc->sasl.authmechs |= SASL_MECH_GSSAPI;
          else if(sasl_mech_equal(line, wordlen, SASL_MECH_STRING_EXTERNAL))
-          imapc->authmechs |= SASL_MECH_EXTERNAL;
+          imapc->sasl.authmechs |= SASL_MECH_EXTERNAL;
          else if(sasl_mech_equal(line, wordlen, SASL_MECH_STRING_NTLM))
-          imapc->authmechs |= SASL_MECH_NTLM;
+          imapc->sasl.authmechs |= SASL_MECH_NTLM;
          else if(sasl_mech_equal(line, wordlen, SASL_MECH_STRING_XOAUTH2))
-          imapc->authmechs |= SASL_MECH_XOAUTH2;
+          imapc->sasl.authmechs |= SASL_MECH_XOAUTH2;
        }
  
        line += wordlen;
@@ -1321,7 +1321,7 @@ static CURLcode imap_state_auth_gssapi_resp(struct connectdata *conn,
      /* Create the initial response message */
      result = Curl_sasl_create_gssapi_user_message(data, conn->user,
                                                    conn->passwd, "imap",
-                                                  imapc->mutual_auth,
+                                                  imapc->sasl.mutual_auth,
                                                    NULL, &conn->krb5,
                                                    &respmsg, &len);
      if(!result && respmsg) {
@@ -1360,11 +1360,11 @@ static CURLcode imap_state_auth_gssapi_token_resp(struct connectdata *conn,
      /* Get the challenge message */
      imap_get_message(data->state.buffer, &chlgmsg);
  
-    if(imapc->mutual_auth)
+    if(imapc->sasl.mutual_auth)
        /* Decode the user token challenge and create the optional response
           message */
        result = Curl_sasl_create_gssapi_user_message(data, NULL, NULL, NULL,
-                                                    imapc->mutual_auth,
+                                                    imapc->sasl.mutual_auth,
                                                      chlgmsg, &conn->krb5,
                                                      &respmsg, &len);
      else
@@ -1390,8 +1390,8 @@ static CURLcode imap_state_auth_gssapi_token_resp(struct connectdata *conn,
          result = Curl_pp_sendf(&imapc->pp, "%s", "");
  
        if(!result)
-        state(conn, (imapc->mutual_auth ? IMAP_AUTHENTICATE_GSSAPI_NO_DATA :
-                                          IMAP_AUTHENTICATE_FINAL));
+        state(conn, imapc->sasl.mutual_auth? IMAP_AUTHENTICATE_GSSAPI_NO_DATA:
+                                             IMAP_AUTHENTICATE_FINAL);
      }
    }
  
@@ -1504,7 +1504,7 @@ static CURLcode imap_state_auth_cancel_resp(struct connectdata *conn,
    (void)instate; /* no use for this yet */
  
    /* Remove the offending mechanism from the supported list */
-  imapc->authmechs ^= imapc->authused;
+  imapc->sasl.authmechs ^= imapc->sasl.authused;
  
    /* Calculate alternative SASL login details */
    result = imap_calc_sasl_details(conn, &mech, &initresp, &len, &state1,
@@ -2061,7 +2061,7 @@ static CURLcode imap_connect(struct connectdata *conn, bool *done)
  
    /* Set the default preferred authentication type and mechanism */
    imapc->preftype = IMAP_TYPE_ANY;
-  imapc->prefmech = SASL_AUTH_ANY;
+  imapc->sasl.prefmech = SASL_AUTH_ANY;
  
    /* Initialise the pingpong layer */
    Curl_pp_init(pp);
@@ -2274,7 +2274,7 @@ static CURLcode imap_disconnect(struct connectdata *conn, bool dead_connection)
    Curl_pp_disconnect(&imapc->pp);
  
    /* Cleanup the SASL module */
-  Curl_sasl_cleanup(conn, imapc->authused);
+  Curl_sasl_cleanup(conn, imapc->sasl.authused);
  
    /* Cleanup our connection based variables */
    Curl_safefree(imapc->mailbox);
@@ -2565,7 +2565,7 @@ static CURLcode imap_parse_url_options(struct connectdata *conn)
        if(reset) {
          reset = FALSE;
          imapc->preftype = IMAP_TYPE_NONE;
-        imapc->prefmech = SASL_AUTH_NONE;
+        imapc->sasl.prefmech = SASL_AUTH_NONE;
        }
  
        while(*ptr && *ptr != ';') {
@@ -2575,35 +2575,35 @@ static CURLcode imap_parse_url_options(struct connectdata *conn)
  
        if(strnequal(value, "*", len)) {
          imapc->preftype = IMAP_TYPE_ANY;
-        imapc->prefmech = SASL_AUTH_ANY;
+        imapc->sasl.prefmech = SASL_AUTH_ANY;
        }
        else if(strnequal(value, SASL_MECH_STRING_LOGIN, len)) {
          imapc->preftype = IMAP_TYPE_SASL;
-        imapc->prefmech |= SASL_MECH_LOGIN;
+        imapc->sasl.prefmech |= SASL_MECH_LOGIN;
        }
        else if(strnequal(value, SASL_MECH_STRING_PLAIN, len)) {
          imapc->preftype = IMAP_TYPE_SASL;
-        imapc->prefmech |= SASL_MECH_PLAIN;
+        imapc->sasl.prefmech |= SASL_MECH_PLAIN;
        }
        else if(strnequal(value, SASL_MECH_STRING_CRAM_MD5, len)) {
          imapc->preftype = IMAP_TYPE_SASL;
-        imapc->prefmech |= SASL_MECH_CRAM_MD5;
+        imapc->sasl.prefmech |= SASL_MECH_CRAM_MD5;
        }
        else if(strnequal(value, SASL_MECH_STRING_DIGEST_MD5, len)) {
          imapc->preftype = IMAP_TYPE_SASL;
-        imapc->prefmech |= SASL_MECH_DIGEST_MD5;
+        imapc->sasl.prefmech |= SASL_MECH_DIGEST_MD5;
        }
        else if(strnequal(value, SASL_MECH_STRING_GSSAPI, len)) {
          imapc->preftype = IMAP_TYPE_SASL;
-        imapc->prefmech |= SASL_MECH_GSSAPI;
+        imapc->sasl.prefmech |= SASL_MECH_GSSAPI;
        }
        else if(strnequal(value, SASL_MECH_STRING_NTLM, len)) {
          imapc->preftype = IMAP_TYPE_SASL;
-        imapc->prefmech |= SASL_MECH_NTLM;
+        imapc->sasl.prefmech |= SASL_MECH_NTLM;
        }
        else if(strnequal(value, SASL_MECH_STRING_XOAUTH2, len)) {
          imapc->preftype = IMAP_TYPE_SASL;
-        imapc->prefmech |= SASL_MECH_XOAUTH2;
+        imapc->sasl.prefmech |= SASL_MECH_XOAUTH2;
        }
  
        if(*ptr == ';')
@@ -2803,46 +2803,46 @@ static CURLcode imap_calc_sasl_details(struct connectdata *conn,
    /* Calculate the supported authentication mechanism, by decreasing order of
       security, as well as the initial response where appropriate */
  #if defined(USE_KERBEROS5)
-    if((imapc->authmechs & SASL_MECH_GSSAPI) &&
-       (imapc->prefmech & SASL_MECH_GSSAPI)) {
-    imapc->mutual_auth = FALSE; /* TODO: Calculate mutual authentication */
+    if((imapc->sasl.authmechs & SASL_MECH_GSSAPI) &&
+       (imapc->sasl.prefmech & SASL_MECH_GSSAPI)) {
+    imapc->sasl.mutual_auth = FALSE; /* TODO: Calculate mutual auth. */
  
      *mech = SASL_MECH_STRING_GSSAPI;
      *state1 = IMAP_AUTHENTICATE_GSSAPI;
      *state2 = IMAP_AUTHENTICATE_GSSAPI_TOKEN;
-    imapc->authused = SASL_MECH_GSSAPI;
+    imapc->sasl.authused = SASL_MECH_GSSAPI;
  
      if(imapc->ir_supported || data->set.sasl_ir)
        result = Curl_sasl_create_gssapi_user_message(data, conn->user,
                                                      conn->passwd, "imap",
-                                                    imapc->mutual_auth,
+                                                    imapc->sasl.mutual_auth,
                                                      NULL, &conn->krb5,
                                                      initresp, len);
    }
    else
  #endif
  #ifndef CURL_DISABLE_CRYPTO_AUTH
-  if((imapc->authmechs & SASL_MECH_DIGEST_MD5) &&
-     (imapc->prefmech & SASL_MECH_DIGEST_MD5)) {
+  if((imapc->sasl.authmechs & SASL_MECH_DIGEST_MD5) &&
+     (imapc->sasl.prefmech & SASL_MECH_DIGEST_MD5)) {
      *mech = SASL_MECH_STRING_DIGEST_MD5;
      *state1 = IMAP_AUTHENTICATE_DIGESTMD5;
-    imapc->authused = SASL_MECH_DIGEST_MD5;
+    imapc->sasl.authused = SASL_MECH_DIGEST_MD5;
    }
-  else if((imapc->authmechs & SASL_MECH_CRAM_MD5) &&
-          (imapc->prefmech & SASL_MECH_CRAM_MD5)) {
+  else if((imapc->sasl.authmechs & SASL_MECH_CRAM_MD5) &&
+          (imapc->sasl.prefmech & SASL_MECH_CRAM_MD5)) {
      *mech = SASL_MECH_STRING_CRAM_MD5;
      *state1 = IMAP_AUTHENTICATE_CRAMMD5;
-    imapc->authused = SASL_MECH_CRAM_MD5;
+    imapc->sasl.authused = SASL_MECH_CRAM_MD5;
    }
    else
  #endif
  #ifdef USE_NTLM
-    if((imapc->authmechs & SASL_MECH_NTLM) &&
-       (imapc->prefmech & SASL_MECH_NTLM)) {
+    if((imapc->sasl.authmechs & SASL_MECH_NTLM) &&
+       (imapc->sasl.prefmech & SASL_MECH_NTLM)) {
      *mech = SASL_MECH_STRING_NTLM;
      *state1 = IMAP_AUTHENTICATE_NTLM;
      *state2 = IMAP_AUTHENTICATE_NTLM_TYPE2MSG;
-    imapc->authused = SASL_MECH_NTLM;
+    imapc->sasl.authused = SASL_MECH_NTLM;
  
      if(imapc->ir_supported || data->set.sasl_ir)
        result = Curl_sasl_create_ntlm_type1_message(conn->user, conn->passwd,
@@ -2851,35 +2851,35 @@ static CURLcode imap_calc_sasl_details(struct connectdata *conn,
    }
    else
  #endif
-  if(((imapc->authmechs & SASL_MECH_XOAUTH2) &&
-      (imapc->prefmech & SASL_MECH_XOAUTH2) &&
-      (imapc->prefmech != SASL_AUTH_ANY)) || conn->xoauth2_bearer) {
+  if(((imapc->sasl.authmechs & SASL_MECH_XOAUTH2) &&
+      (imapc->sasl.prefmech & SASL_MECH_XOAUTH2) &&
+      (imapc->sasl.prefmech != SASL_AUTH_ANY)) || conn->xoauth2_bearer) {
      *mech = SASL_MECH_STRING_XOAUTH2;
      *state1 = IMAP_AUTHENTICATE_XOAUTH2;
      *state2 = IMAP_AUTHENTICATE_FINAL;
-    imapc->authused = SASL_MECH_XOAUTH2;
+    imapc->sasl.authused = SASL_MECH_XOAUTH2;
  
      if(imapc->ir_supported || data->set.sasl_ir)
        result = Curl_sasl_create_xoauth2_message(data, conn->user,
                                                  conn->xoauth2_bearer,
                                                  initresp, len);
    }
-  else if((imapc->authmechs & SASL_MECH_LOGIN) &&
-          (imapc->prefmech & SASL_MECH_LOGIN)) {
+  else if((imapc->sasl.authmechs & SASL_MECH_LOGIN) &&
+          (imapc->sasl.prefmech & SASL_MECH_LOGIN)) {
      *mech = SASL_MECH_STRING_LOGIN;
      *state1 = IMAP_AUTHENTICATE_LOGIN;
      *state2 = IMAP_AUTHENTICATE_LOGIN_PASSWD;
-    imapc->authused = SASL_MECH_LOGIN;
+    imapc->sasl.authused = SASL_MECH_LOGIN;
  
      if(imapc->ir_supported || data->set.sasl_ir)
        result = Curl_sasl_create_login_message(data, conn->user, initresp, len);
    }
-  else if((imapc->authmechs & SASL_MECH_PLAIN) &&
-          (imapc->prefmech & SASL_MECH_PLAIN)) {
+  else if((imapc->sasl.authmechs & SASL_MECH_PLAIN) &&
+          (imapc->sasl.prefmech & SASL_MECH_PLAIN)) {
      *mech = SASL_MECH_STRING_PLAIN;
      *state1 = IMAP_AUTHENTICATE_PLAIN;
      *state2 = IMAP_AUTHENTICATE_FINAL;
-    imapc->authused = SASL_MECH_PLAIN;
+    imapc->sasl.authused = SASL_MECH_PLAIN;
  
      if(imapc->ir_supported || data->set.sasl_ir)
        result = Curl_sasl_create_plain_message(data, conn->user, conn->passwd,
diff --git a/lib/imap.h b/lib/imap.h

index 768fc4b8c1236a341bd95f9053b0722129c206dd..81af6a290263989e7a948984cff047bf1a7edcc7 100644 (file)
--- a/lib/imap.h
+++ b/lib/imap.h
@@ -23,6 +23,7 @@
   ***************************************************************************/
  
  #include "pingpong.h"
+#include "curl_sasl.h"
  
  /****************************************************************************
   * IMAP unique setup
@@ -83,16 +84,13 @@ struct imap_conn {
    struct pingpong pp;
    imapstate state;            /* Always use imap.c:state() to change state! */
    bool ssldone;               /* Is connect() over SSL done? */
-  unsigned int authmechs;     /* Accepted authentication mechanisms */
+  struct SASL sasl;           /* SASL-related parameters */
    unsigned int preftype;      /* Preferred authentication type */
-  unsigned int prefmech;      /* Preferred authentication mechanism */
-  unsigned int authused;      /* Auth mechanism used for the connection */
    int cmdid;                  /* Last used command ID */
    char resptag[5];            /* Response tag to wait for */
    bool tls_supported;         /* StartTLS capability supported by server */
    bool login_disabled;        /* LOGIN command disabled by server */
    bool ir_supported;          /* Initial response supported by server */
-  bool mutual_auth;           /* Mutual authentication enabled (GSSAPI only) */
    char *mailbox;              /* The last selected mailbox */
    char *mailbox_uidvalidity;  /* UIDVALIDITY parsed from select response */
  };
diff --git a/lib/pop3.c b/lib/pop3.c

index 66004599af148b05e02a8f47b6c3ce8af49cf8d7..f40c9218bf1e9d5742d7a3946c92c918cd6b1c09 100644 (file)
--- a/lib/pop3.c
+++ b/lib/pop3.c
@@ -354,9 +354,9 @@ static CURLcode pop3_perform_capa(struct connectdata *conn)
    CURLcode result = CURLE_OK;
    struct pop3_conn *pop3c = &conn->proto.pop3c;
  
-  pop3c->authmechs = 0;         /* No known authentication mechanisms yet */
-  pop3c->authused = 0;          /* Clear the authentication mechanism used */
-  pop3c->tls_supported = FALSE; /* Clear the TLS capability */
+  pop3c->sasl.authmechs = SASL_AUTH_NONE; /* No known auth. mechanisms yet */
+  pop3c->sasl.authused = SASL_AUTH_NONE;  /* Clear the auth. mechanism used */
+  pop3c->tls_supported = FALSE;           /* Clear the TLS capability */
  
    /* Send the CAPA command */
    result = Curl_pp_sendf(&pop3c->pp, "%s", "CAPA");
@@ -745,21 +745,21 @@ static CURLcode pop3_state_capa_resp(struct connectdata *conn, int pop3code,
  
          /* Test the word for a matching authentication mechanism */
          if(sasl_mech_equal(line, wordlen, SASL_MECH_STRING_LOGIN))
-          pop3c->authmechs |= SASL_MECH_LOGIN;
+          pop3c->sasl.authmechs |= SASL_MECH_LOGIN;
          else if(sasl_mech_equal(line, wordlen, SASL_MECH_STRING_PLAIN))
-          pop3c->authmechs |= SASL_MECH_PLAIN;
+          pop3c->sasl.authmechs |= SASL_MECH_PLAIN;
          else if(sasl_mech_equal(line, wordlen, SASL_MECH_STRING_CRAM_MD5))
-          pop3c->authmechs |= SASL_MECH_CRAM_MD5;
+          pop3c->sasl.authmechs |= SASL_MECH_CRAM_MD5;
          else if(sasl_mech_equal(line, wordlen, SASL_MECH_STRING_DIGEST_MD5))
-          pop3c->authmechs |= SASL_MECH_DIGEST_MD5;
+          pop3c->sasl.authmechs |= SASL_MECH_DIGEST_MD5;
          else if(sasl_mech_equal(line, wordlen, SASL_MECH_STRING_GSSAPI))
-          pop3c->authmechs |= SASL_MECH_GSSAPI;
+          pop3c->sasl.authmechs |= SASL_MECH_GSSAPI;
          else if(sasl_mech_equal(line, wordlen, SASL_MECH_STRING_EXTERNAL))
-          pop3c->authmechs |= SASL_MECH_EXTERNAL;
+          pop3c->sasl.authmechs |= SASL_MECH_EXTERNAL;
          else if(sasl_mech_equal(line, wordlen, SASL_MECH_STRING_NTLM))
-          pop3c->authmechs |= SASL_MECH_NTLM;
+          pop3c->sasl.authmechs |= SASL_MECH_NTLM;
          else if(sasl_mech_equal(line, wordlen, SASL_MECH_STRING_XOAUTH2))
-          pop3c->authmechs |= SASL_MECH_XOAUTH2;
+          pop3c->sasl.authmechs |= SASL_MECH_XOAUTH2;
  
          line += wordlen;
          len -= wordlen;
@@ -1152,7 +1152,7 @@ static CURLcode pop3_state_auth_gssapi_resp(struct connectdata *conn,
      /* Create the initial response message */
      result = Curl_sasl_create_gssapi_user_message(data, conn->user,
                                                    conn->passwd, "pop",
-                                                  pop3c->mutual_auth,
+                                                  pop3c->sasl.mutual_auth,
                                                    NULL, &conn->krb5,
                                                    &respmsg, &len);
      if(!result && respmsg) {
@@ -1191,11 +1191,11 @@ static CURLcode pop3_state_auth_gssapi_token_resp(struct connectdata *conn,
      /* Get the challenge message */
      pop3_get_message(data->state.buffer, &chlgmsg);
  
-    if(pop3c->mutual_auth)
+    if(pop3c->sasl.mutual_auth)
        /* Decode the user token challenge and create the optional response
           message */
        result = Curl_sasl_create_gssapi_user_message(data, NULL, NULL, NULL,
-                                                    pop3c->mutual_auth,
+                                                    pop3c->sasl.mutual_auth,
                                                      chlgmsg, &conn->krb5,
                                                      &respmsg, &len);
      else
@@ -1221,8 +1221,8 @@ static CURLcode pop3_state_auth_gssapi_token_resp(struct connectdata *conn,
          result = Curl_pp_sendf(&pop3c->pp, "%s", "");
  
        if(!result)
-        state(conn, (pop3c->mutual_auth ? POP3_AUTH_GSSAPI_NO_DATA :
-                                          POP3_AUTH_FINAL));
+        state(conn, (pop3c->sasl.mutual_auth ? POP3_AUTH_GSSAPI_NO_DATA :
+                                               POP3_AUTH_FINAL));
      }
    }
  
@@ -1334,7 +1334,7 @@ static CURLcode pop3_state_auth_cancel_resp(struct connectdata *conn,
    (void)instate; /* no use for this yet */
  
    /* Remove the offending mechanism from the supported list */
-  pop3c->authmechs ^= pop3c->authused;
+  pop3c->sasl.authmechs ^= pop3c->sasl.authused;
  
    /* Calculate alternative SASL login details */
    result = pop3_calc_sasl_details(conn, &mech, &initresp, &len, &state1,
@@ -1727,7 +1727,7 @@ static CURLcode pop3_connect(struct connectdata *conn, bool *done)
  
    /* Set the default preferred authentication type and mechanism */
    pop3c->preftype = POP3_TYPE_ANY;
-  pop3c->prefmech = SASL_AUTH_ANY;
+  pop3c->sasl.prefmech = SASL_AUTH_ANY;
  
    /* Initialise the pingpong layer */
    Curl_pp_init(pp);
@@ -1879,7 +1879,7 @@ static CURLcode pop3_disconnect(struct connectdata *conn, bool dead_connection)
    Curl_pp_disconnect(&pop3c->pp);
  
    /* Cleanup the SASL module */
-  Curl_sasl_cleanup(conn, pop3c->authused);
+  Curl_sasl_cleanup(conn, pop3c->sasl.authused);
  
    /* Cleanup our connection based variables */
    Curl_safefree(pop3c->apoptimestamp);
@@ -2011,7 +2011,7 @@ static CURLcode pop3_parse_url_options(struct connectdata *conn)
        if(reset) {
          reset = FALSE;
          pop3c->preftype = POP3_TYPE_NONE;
-        pop3c->prefmech = SASL_AUTH_NONE;
+        pop3c->sasl.prefmech = SASL_AUTH_NONE;
        }
  
        while(*ptr && *ptr != ';') {
@@ -2021,39 +2021,39 @@ static CURLcode pop3_parse_url_options(struct connectdata *conn)
  
        if(strnequal(value, "*", len)) {
          pop3c->preftype = POP3_TYPE_ANY;
-        pop3c->prefmech = SASL_AUTH_ANY;
+        pop3c->sasl.prefmech = SASL_AUTH_ANY;
        }
        else if(strnequal(value, "+APOP", len)) {
          pop3c->preftype = POP3_TYPE_APOP;
-        pop3c->prefmech = SASL_AUTH_NONE;
+        pop3c->sasl.prefmech = SASL_AUTH_NONE;
        }
        else if(strnequal(value, SASL_MECH_STRING_LOGIN, len)) {
          pop3c->preftype = POP3_TYPE_SASL;
-        pop3c->prefmech |= SASL_MECH_LOGIN;
+        pop3c->sasl.prefmech |= SASL_MECH_LOGIN;
        }
        else if(strnequal(value, SASL_MECH_STRING_PLAIN, len)) {
          pop3c->preftype = POP3_TYPE_SASL;
-        pop3c->prefmech |= SASL_MECH_PLAIN;
+        pop3c->sasl.prefmech |= SASL_MECH_PLAIN;
        }
        else if(strnequal(value, SASL_MECH_STRING_CRAM_MD5, len)) {
          pop3c->preftype = POP3_TYPE_SASL;
-        pop3c->prefmech |= SASL_MECH_CRAM_MD5;
+        pop3c->sasl.prefmech |= SASL_MECH_CRAM_MD5;
        }
        else if(strnequal(value, SASL_MECH_STRING_DIGEST_MD5, len)) {
          pop3c->preftype = POP3_TYPE_SASL;
-        pop3c->prefmech |= SASL_MECH_DIGEST_MD5;
+        pop3c->sasl.prefmech |= SASL_MECH_DIGEST_MD5;
        }
        else if(strnequal(value, SASL_MECH_STRING_GSSAPI, len)) {
          pop3c->preftype = POP3_TYPE_SASL;
-        pop3c->prefmech |= SASL_MECH_GSSAPI;
+        pop3c->sasl.prefmech |= SASL_MECH_GSSAPI;
        }
        else if(strnequal(value, SASL_MECH_STRING_NTLM, len)) {
          pop3c->preftype = POP3_TYPE_SASL;
-        pop3c->prefmech |= SASL_MECH_NTLM;
+        pop3c->sasl.prefmech |= SASL_MECH_NTLM;
        }
        else if(strnequal(value, SASL_MECH_STRING_XOAUTH2, len)) {
          pop3c->preftype = POP3_TYPE_SASL;
-        pop3c->prefmech |= SASL_MECH_XOAUTH2;
+        pop3c->sasl.prefmech |= SASL_MECH_XOAUTH2;
        }
  
        if(*ptr == ';')
@@ -2121,46 +2121,46 @@ static CURLcode pop3_calc_sasl_details(struct connectdata *conn,
    /* Calculate the supported authentication mechanism, by decreasing order of
       security, as well as the initial response where appropriate */
  #if defined(USE_KERBEROS5)
-  if((pop3c->authmechs & SASL_MECH_GSSAPI) &&
-      (pop3c->prefmech & SASL_MECH_GSSAPI)) {
-    pop3c->mutual_auth = FALSE; /* TODO: Calculate mutual authentication */
+  if((pop3c->sasl.authmechs & SASL_MECH_GSSAPI) &&
+      (pop3c->sasl.prefmech & SASL_MECH_GSSAPI)) {
+    pop3c->sasl.mutual_auth = FALSE; /* TODO: Calculate mutual auth. */
  
      *mech = SASL_MECH_STRING_GSSAPI;
      *state1 = POP3_AUTH_GSSAPI;
      *state2 = POP3_AUTH_GSSAPI_TOKEN;
-    pop3c->authused = SASL_MECH_GSSAPI;
+    pop3c->sasl.authused = SASL_MECH_GSSAPI;
  
      if(data->set.sasl_ir)
        result = Curl_sasl_create_gssapi_user_message(data, conn->user,
                                                      conn->passwd, "pop",
-                                                    pop3c->mutual_auth,
+                                                    pop3c->sasl.mutual_auth,
                                                      NULL, &conn->krb5,
                                                      initresp, len);
    }
    else
  #endif
  #ifndef CURL_DISABLE_CRYPTO_AUTH
-  if((pop3c->authmechs & SASL_MECH_DIGEST_MD5) &&
-      (pop3c->prefmech & SASL_MECH_DIGEST_MD5)) {
+  if((pop3c->sasl.authmechs & SASL_MECH_DIGEST_MD5) &&
+      (pop3c->sasl.prefmech & SASL_MECH_DIGEST_MD5)) {
      *mech = SASL_MECH_STRING_DIGEST_MD5;
      *state1 = POP3_AUTH_DIGESTMD5;
-    pop3c->authused = SASL_MECH_DIGEST_MD5;
+    pop3c->sasl.authused = SASL_MECH_DIGEST_MD5;
    }
-  else if((pop3c->authmechs & SASL_MECH_CRAM_MD5) &&
-          (pop3c->prefmech & SASL_MECH_CRAM_MD5)) {
+  else if((pop3c->sasl.authmechs & SASL_MECH_CRAM_MD5) &&
+          (pop3c->sasl.prefmech & SASL_MECH_CRAM_MD5)) {
      *mech = SASL_MECH_STRING_CRAM_MD5;
      *state1 = POP3_AUTH_CRAMMD5;
-    pop3c->authused = SASL_MECH_CRAM_MD5;
+    pop3c->sasl.authused = SASL_MECH_CRAM_MD5;
    }
    else
  #endif
  #ifdef USE_NTLM
-  if((pop3c->authmechs & SASL_MECH_NTLM) &&
-      (pop3c->prefmech & SASL_MECH_NTLM)) {
+  if((pop3c->sasl.authmechs & SASL_MECH_NTLM) &&
+      (pop3c->sasl.prefmech & SASL_MECH_NTLM)) {
      *mech = SASL_MECH_STRING_NTLM;
      *state1 = POP3_AUTH_NTLM;
      *state2 = POP3_AUTH_NTLM_TYPE2MSG;
-    pop3c->authused = SASL_MECH_NTLM;
+    pop3c->sasl.authused = SASL_MECH_NTLM;
  
      if(data->set.sasl_ir)
        result = Curl_sasl_create_ntlm_type1_message(conn->user, conn->passwd,
@@ -2169,35 +2169,35 @@ static CURLcode pop3_calc_sasl_details(struct connectdata *conn,
    }
    else
  #endif
-  if(((pop3c->authmechs & SASL_MECH_XOAUTH2) &&
-      (pop3c->prefmech & SASL_MECH_XOAUTH2) &&
-      (pop3c->prefmech != SASL_AUTH_ANY)) || conn->xoauth2_bearer) {
+  if(((pop3c->sasl.authmechs & SASL_MECH_XOAUTH2) &&
+      (pop3c->sasl.prefmech & SASL_MECH_XOAUTH2) &&
+      (pop3c->sasl.prefmech != SASL_AUTH_ANY)) || conn->xoauth2_bearer) {
      *mech = SASL_MECH_STRING_XOAUTH2;
      *state1 = POP3_AUTH_XOAUTH2;
      *state2 = POP3_AUTH_FINAL;
-    pop3c->authused = SASL_MECH_XOAUTH2;
+    pop3c->sasl.authused = SASL_MECH_XOAUTH2;
  
      if(data->set.sasl_ir)
        result = Curl_sasl_create_xoauth2_message(data, conn->user,
                                                  conn->xoauth2_bearer,
                                                  initresp, len);
    }
-  else if((pop3c->authmechs & SASL_MECH_LOGIN) &&
-          (pop3c->prefmech & SASL_MECH_LOGIN)) {
+  else if((pop3c->sasl.authmechs & SASL_MECH_LOGIN) &&
+          (pop3c->sasl.prefmech & SASL_MECH_LOGIN)) {
      *mech = SASL_MECH_STRING_LOGIN;
      *state1 = POP3_AUTH_LOGIN;
      *state2 = POP3_AUTH_LOGIN_PASSWD;
-    pop3c->authused = SASL_MECH_LOGIN;
+    pop3c->sasl.authused = SASL_MECH_LOGIN;
  
      if(data->set.sasl_ir)
        result = Curl_sasl_create_login_message(data, conn->user, initresp, len);
    }
-  else if((pop3c->authmechs & SASL_MECH_PLAIN) &&
-          (pop3c->prefmech & SASL_MECH_PLAIN)) {
+  else if((pop3c->sasl.authmechs & SASL_MECH_PLAIN) &&
+          (pop3c->sasl.prefmech & SASL_MECH_PLAIN)) {
      *mech = SASL_MECH_STRING_PLAIN;
      *state1 = POP3_AUTH_PLAIN;
      *state2 = POP3_AUTH_FINAL;
-    pop3c->authused = SASL_MECH_PLAIN;
+    pop3c->sasl.authused = SASL_MECH_PLAIN;
  
      if(data->set.sasl_ir)
        result = Curl_sasl_create_plain_message(data, conn->user, conn->passwd,
diff --git a/lib/pop3.h b/lib/pop3.h

index 729a55ad5eec18621d045f1ccd2475201a8c16d2..7b4d21f03e886292a2a53c09f36ce2f0d9406da0 100644 (file)
--- a/lib/pop3.h
+++ b/lib/pop3.h
@@ -23,6 +23,7 @@
   ***************************************************************************/
  
  #include "pingpong.h"
+#include "curl_sasl.h"
  
  /****************************************************************************
   * POP3 unique setup
@@ -77,14 +78,11 @@ struct pop3_conn {
                               have been received so far */
    size_t strip;           /* Number of bytes from the start to ignore as
                               non-body */
+  struct SASL sasl;       /* SASL-related storage */
    unsigned int authtypes; /* Accepted authentication types */
-  unsigned int authmechs; /* Accepted SASL authentication mechanisms */
    unsigned int preftype;  /* Preferred authentication type */
-  unsigned int prefmech;  /* Preferred SASL authentication mechanism */
-  unsigned int authused;  /* SASL auth mechanism used for the connection */
    char *apoptimestamp;    /* APOP timestamp from the server greeting */
    bool tls_supported;     /* StartTLS capability supported by server */
-  bool mutual_auth;       /* Mutual authentication enabled (GSSAPI only) */
  };
  
  extern const struct Curl_handler Curl_handler_pop3;
diff --git a/lib/smtp.c b/lib/smtp.c

index 7bd5158bf285edc8758c12b5cf984b29f613f8da..5f75f524b3fbf5909a50288ec9c1e147ef58212e 100644 (file)
--- a/lib/smtp.c
+++ b/lib/smtp.c
@@ -352,11 +352,11 @@ static CURLcode smtp_perform_ehlo(struct connectdata *conn)
    CURLcode result = CURLE_OK;
    struct smtp_conn *smtpc = &conn->proto.smtpc;
  
-  smtpc->authmechs = 0;           /* No known authentication mechanisms yet */
-  smtpc->authused = 0;            /* Clear the authentication mechanism used
-                                     for esmtp connections */
-  smtpc->tls_supported = FALSE;   /* Clear the TLS capability */
-  smtpc->auth_supported = FALSE;  /* Clear the AUTH capability */
+  smtpc->sasl.authmechs = SASL_AUTH_NONE; /* No known auth. mechanism yet */
+  smtpc->sasl.authused = SASL_AUTH_NONE;  /* Clear the authentication mechanism
+                                             used for esmtp connections */
+  smtpc->tls_supported = FALSE;           /* Clear the TLS capability */
+  smtpc->auth_supported = FALSE;          /* Clear the AUTH capability */
  
    /* Send the EHLO command */
    result = Curl_pp_sendf(&smtpc->pp, "EHLO %s", smtpc->domain);
@@ -378,8 +378,8 @@ static CURLcode smtp_perform_helo(struct connectdata *conn)
    CURLcode result = CURLE_OK;
    struct smtp_conn *smtpc = &conn->proto.smtpc;
  
-  smtpc->authused = 0;          /* No authentication mechanism used in smtp
-                                   connections */
+  smtpc->sasl.authused = SASL_AUTH_NONE; /* No authentication mechanism used
+                                            in smtp connections */
  
    /* Send the HELO command */
    result = Curl_pp_sendf(&smtpc->pp, "HELO %s", smtpc->domain);
@@ -571,7 +571,7 @@ static CURLcode smtp_perform_mail(struct connectdata *conn)
      return CURLE_OUT_OF_MEMORY;
  
    /* Calculate the optional AUTH parameter */
-  if(data->set.str[STRING_MAIL_AUTH] && conn->proto.smtpc.authused) {
+  if(data->set.str[STRING_MAIL_AUTH] && conn->proto.smtpc.sasl.authused) {
      if(data->set.str[STRING_MAIL_AUTH][0] != '\0')
        auth = aprintf("%s", data->set.str[STRING_MAIL_AUTH]);
      else
@@ -772,21 +772,21 @@ static CURLcode smtp_state_ehlo_resp(struct connectdata *conn, int smtpcode,
  
          /* Test the word for a matching authentication mechanism */
          if(sasl_mech_equal(line, wordlen, SASL_MECH_STRING_LOGIN))
-          smtpc->authmechs |= SASL_MECH_LOGIN;
+          smtpc->sasl.authmechs |= SASL_MECH_LOGIN;
          else if(sasl_mech_equal(line, wordlen, SASL_MECH_STRING_PLAIN))
-          smtpc->authmechs |= SASL_MECH_PLAIN;
+          smtpc->sasl.authmechs |= SASL_MECH_PLAIN;
          else if(sasl_mech_equal(line, wordlen, SASL_MECH_STRING_CRAM_MD5))
-          smtpc->authmechs |= SASL_MECH_CRAM_MD5;
+          smtpc->sasl.authmechs |= SASL_MECH_CRAM_MD5;
          else if(sasl_mech_equal(line, wordlen, SASL_MECH_STRING_DIGEST_MD5))
-          smtpc->authmechs |= SASL_MECH_DIGEST_MD5;
+          smtpc->sasl.authmechs |= SASL_MECH_DIGEST_MD5;
          else if(sasl_mech_equal(line, wordlen, SASL_MECH_STRING_GSSAPI))
-          smtpc->authmechs |= SASL_MECH_GSSAPI;
+          smtpc->sasl.authmechs |= SASL_MECH_GSSAPI;
          else if(sasl_mech_equal(line, wordlen, SASL_MECH_STRING_EXTERNAL))
-          smtpc->authmechs |= SASL_MECH_EXTERNAL;
+          smtpc->sasl.authmechs |= SASL_MECH_EXTERNAL;
          else if(sasl_mech_equal(line, wordlen, SASL_MECH_STRING_NTLM))
-          smtpc->authmechs |= SASL_MECH_NTLM;
+          smtpc->sasl.authmechs |= SASL_MECH_NTLM;
          else if(sasl_mech_equal(line, wordlen, SASL_MECH_STRING_XOAUTH2))
-          smtpc->authmechs |= SASL_MECH_XOAUTH2;
+          smtpc->sasl.authmechs |= SASL_MECH_XOAUTH2;
  
          line += wordlen;
          len -= wordlen;
@@ -1171,7 +1171,8 @@ static CURLcode smtp_state_auth_gssapi_resp(struct connectdata *conn,
      /* Create the initial response message */
      result = Curl_sasl_create_gssapi_user_message(data, conn->user,
                                                    conn->passwd, "smtp",
-                                                  smtpc->mutual_auth, NULL,
+                                                  smtpc->sasl.mutual_auth,
+                                                  NULL,
                                                    &conn->krb5,
                                                    &respmsg, &len);
      if(!result && respmsg) {
@@ -1210,11 +1211,11 @@ static CURLcode smtp_state_auth_gssapi_token_resp(struct connectdata *conn,
      /* Get the challenge message */
      smtp_get_message(data->state.buffer, &chlgmsg);
  
-    if(smtpc->mutual_auth)
+    if(smtpc->sasl.mutual_auth)
        /* Decode the user token challenge and create the optional response
           message */
        result = Curl_sasl_create_gssapi_user_message(data, NULL, NULL, NULL,
-                                                    smtpc->mutual_auth,
+                                                    smtpc->sasl.mutual_auth,
                                                      chlgmsg, &conn->krb5,
                                                      &respmsg, &len);
      else
@@ -1240,7 +1241,7 @@ static CURLcode smtp_state_auth_gssapi_token_resp(struct connectdata *conn,
          result = Curl_pp_sendf(&smtpc->pp, "%s", "");
  
        if(!result)
-        state(conn, (smtpc->mutual_auth ? SMTP_AUTH_GSSAPI_NO_DATA :
+        state(conn, (smtpc->sasl.mutual_auth ? SMTP_AUTH_GSSAPI_NO_DATA :
                                            SMTP_AUTH_FINAL));
      }
    }
@@ -1353,7 +1354,7 @@ static CURLcode smtp_state_auth_cancel_resp(struct connectdata *conn,
    (void)instate; /* no use for this yet */
  
    /* Remove the offending mechanism from the supported list */
-  smtpc->authmechs ^= smtpc->authused;
+  smtpc->sasl.authmechs ^= smtpc->sasl.authused;
  
    /* Calculate alternative SASL login details */
    result = smtp_calc_sasl_details(conn, &mech, &initresp, &len, &state1,
@@ -1767,7 +1768,7 @@ static CURLcode smtp_connect(struct connectdata *conn, bool *done)
    pp->conn = conn;
  
    /* Set the default preferred authentication mechanism */
-  smtpc->prefmech = SASL_AUTH_ANY;
+  smtpc->sasl.prefmech = SASL_AUTH_ANY;
  
    /* Initialise the pingpong layer */
    Curl_pp_init(pp);
@@ -1985,7 +1986,7 @@ static CURLcode smtp_disconnect(struct connectdata *conn, bool dead_connection)
    Curl_pp_disconnect(&smtpc->pp);
  
    /* Cleanup the SASL module */
-  Curl_sasl_cleanup(conn, smtpc->authused);
+  Curl_sasl_cleanup(conn, smtpc->sasl.authused);
  
    /* Cleanup our connection based variables */
    Curl_safefree(smtpc->domain);
@@ -2122,7 +2123,7 @@ static CURLcode smtp_parse_url_options(struct connectdata *conn)
  
        if(reset) {
          reset = FALSE;
-        smtpc->prefmech = SASL_AUTH_NONE;
+        smtpc->sasl.prefmech = SASL_AUTH_NONE;
        }
  
        while(*ptr && *ptr != ';') {
@@ -2131,21 +2132,21 @@ static CURLcode smtp_parse_url_options(struct connectdata *conn)
        }
  
        if(strnequal(value, "*", len))
-        smtpc->prefmech = SASL_AUTH_ANY;
+        smtpc->sasl.prefmech = SASL_AUTH_ANY;
        else if(strnequal(value, SASL_MECH_STRING_LOGIN, len))
-        smtpc->prefmech |= SASL_MECH_LOGIN;
+        smtpc->sasl.prefmech |= SASL_MECH_LOGIN;
        else if(strnequal(value, SASL_MECH_STRING_PLAIN, len))
-        smtpc->prefmech |= SASL_MECH_PLAIN;
+        smtpc->sasl.prefmech |= SASL_MECH_PLAIN;
        else if(strnequal(value, SASL_MECH_STRING_CRAM_MD5, len))
-        smtpc->prefmech |= SASL_MECH_CRAM_MD5;
+        smtpc->sasl.prefmech |= SASL_MECH_CRAM_MD5;
        else if(strnequal(value, SASL_MECH_STRING_DIGEST_MD5, len))
-        smtpc->prefmech |= SASL_MECH_DIGEST_MD5;
+        smtpc->sasl.prefmech |= SASL_MECH_DIGEST_MD5;
        else if(strnequal(value, SASL_MECH_STRING_GSSAPI, len))
-        smtpc->prefmech |= SASL_MECH_GSSAPI;
+        smtpc->sasl.prefmech |= SASL_MECH_GSSAPI;
        else if(strnequal(value, SASL_MECH_STRING_NTLM, len))
-        smtpc->prefmech |= SASL_MECH_NTLM;
+        smtpc->sasl.prefmech |= SASL_MECH_NTLM;
        else if(strnequal(value, SASL_MECH_STRING_XOAUTH2, len))
-        smtpc->prefmech |= SASL_MECH_XOAUTH2;
+        smtpc->sasl.prefmech |= SASL_MECH_XOAUTH2;
  
        if(*ptr == ';')
          ptr++;
@@ -2221,46 +2222,46 @@ static CURLcode smtp_calc_sasl_details(struct connectdata *conn,
    /* Calculate the supported authentication mechanism, by decreasing order of
       security, as well as the initial response where appropriate */
  #if defined(USE_KERBEROS5)
-  if((smtpc->authmechs & SASL_MECH_GSSAPI) &&
-     (smtpc->prefmech & SASL_MECH_GSSAPI)) {
-    smtpc->mutual_auth = FALSE; /* TODO: Calculate mutual authentication */
+  if((smtpc->sasl.authmechs & SASL_MECH_GSSAPI) &&
+     (smtpc->sasl.prefmech & SASL_MECH_GSSAPI)) {
+    smtpc->sasl.mutual_auth = FALSE; /* TODO: Calculate mutual auth. */
  
      *mech = SASL_MECH_STRING_GSSAPI;
      *state1 = SMTP_AUTH_GSSAPI;
      *state2 = SMTP_AUTH_GSSAPI_TOKEN;
-    smtpc->authused = SASL_MECH_GSSAPI;
+    smtpc->sasl.authused = SASL_MECH_GSSAPI;
  
      if(data->set.sasl_ir)
        result = Curl_sasl_create_gssapi_user_message(data, conn->user,
                                                      conn->passwd, "smtp",
-                                                    smtpc->mutual_auth,
+                                                    smtpc->sasl.mutual_auth,
                                                      NULL, &conn->krb5,
                                                      initresp, len);
      }
    else
  #endif
  #ifndef CURL_DISABLE_CRYPTO_AUTH
-  if((smtpc->authmechs & SASL_MECH_DIGEST_MD5) &&
-     (smtpc->prefmech & SASL_MECH_DIGEST_MD5)) {
+  if((smtpc->sasl.authmechs & SASL_MECH_DIGEST_MD5) &&
+     (smtpc->sasl.prefmech & SASL_MECH_DIGEST_MD5)) {
      *mech = SASL_MECH_STRING_DIGEST_MD5;
      *state1 = SMTP_AUTH_DIGESTMD5;
-    smtpc->authused = SASL_MECH_DIGEST_MD5;
+    smtpc->sasl.authused = SASL_MECH_DIGEST_MD5;
    }
-  else if((smtpc->authmechs & SASL_MECH_CRAM_MD5) &&
-          (smtpc->prefmech & SASL_MECH_CRAM_MD5)) {
+  else if((smtpc->sasl.authmechs & SASL_MECH_CRAM_MD5) &&
+          (smtpc->sasl.prefmech & SASL_MECH_CRAM_MD5)) {
      *mech = SASL_MECH_STRING_CRAM_MD5;
      *state1 = SMTP_AUTH_CRAMMD5;
-    smtpc->authused = SASL_MECH_CRAM_MD5;
+    smtpc->sasl.authused = SASL_MECH_CRAM_MD5;
    }
    else
  #endif
  #ifdef USE_NTLM
-  if((smtpc->authmechs & SASL_MECH_NTLM) &&
-     (smtpc->prefmech & SASL_MECH_NTLM)) {
+  if((smtpc->sasl.authmechs & SASL_MECH_NTLM) &&
+     (smtpc->sasl.prefmech & SASL_MECH_NTLM)) {
      *mech = SASL_MECH_STRING_NTLM;
      *state1 = SMTP_AUTH_NTLM;
      *state2 = SMTP_AUTH_NTLM_TYPE2MSG;
-    smtpc->authused = SASL_MECH_NTLM;
+    smtpc->sasl.authused = SASL_MECH_NTLM;
  
      if(data->set.sasl_ir)
        result = Curl_sasl_create_ntlm_type1_message(conn->user, conn->passwd,
@@ -2269,35 +2270,35 @@ static CURLcode smtp_calc_sasl_details(struct connectdata *conn,
      }
    else
  #endif
-  if(((smtpc->authmechs & SASL_MECH_XOAUTH2) &&
-      (smtpc->prefmech & SASL_MECH_XOAUTH2) &&
-      (smtpc->prefmech != SASL_AUTH_ANY)) || conn->xoauth2_bearer) {
+  if(((smtpc->sasl.authmechs & SASL_MECH_XOAUTH2) &&
+      (smtpc->sasl.prefmech & SASL_MECH_XOAUTH2) &&
+      (smtpc->sasl.prefmech != SASL_AUTH_ANY)) || conn->xoauth2_bearer) {
      *mech = SASL_MECH_STRING_XOAUTH2;
      *state1 = SMTP_AUTH_XOAUTH2;
      *state2 = SMTP_AUTH_FINAL;
-    smtpc->authused = SASL_MECH_XOAUTH2;
+    smtpc->sasl.authused = SASL_MECH_XOAUTH2;
  
      if(data->set.sasl_ir)
        result = Curl_sasl_create_xoauth2_message(data, conn->user,
                                                  conn->xoauth2_bearer,
                                                  initresp, len);
    }
-  else if((smtpc->authmechs & SASL_MECH_LOGIN) &&
-          (smtpc->prefmech & SASL_MECH_LOGIN)) {
+  else if((smtpc->sasl.authmechs & SASL_MECH_LOGIN) &&
+          (smtpc->sasl.prefmech & SASL_MECH_LOGIN)) {
      *mech = SASL_MECH_STRING_LOGIN;
      *state1 = SMTP_AUTH_LOGIN;
      *state2 = SMTP_AUTH_LOGIN_PASSWD;
-    smtpc->authused = SASL_MECH_LOGIN;
+    smtpc->sasl.authused = SASL_MECH_LOGIN;
  
      if(data->set.sasl_ir)
        result = Curl_sasl_create_login_message(data, conn->user, initresp, len);
    }
-  else if((smtpc->authmechs & SASL_MECH_PLAIN) &&
-          (smtpc->prefmech & SASL_MECH_PLAIN)) {
+  else if((smtpc->sasl.authmechs & SASL_MECH_PLAIN) &&
+          (smtpc->sasl.prefmech & SASL_MECH_PLAIN)) {
      *mech = SASL_MECH_STRING_PLAIN;
      *state1 = SMTP_AUTH_PLAIN;
      *state2 = SMTP_AUTH_FINAL;
-    smtpc->authused = SASL_MECH_PLAIN;
+    smtpc->sasl.authused = SASL_MECH_PLAIN;
  
      if(data->set.sasl_ir)
        result = Curl_sasl_create_plain_message(data, conn->user, conn->passwd,
diff --git a/lib/smtp.h b/lib/smtp.h

index 7a95efeafd70c43d2ba85fd90ab0a5503c395c40..a237d3e5c969982c6cb61e7bc4288bd4b78973d1 100644 (file)
--- a/lib/smtp.h
+++ b/lib/smtp.h
@@ -23,6 +23,7 @@
   ***************************************************************************/
  
  #include "pingpong.h"
+#include "curl_sasl.h"
  
  /****************************************************************************
   * SMTP unique setup
@@ -79,14 +80,11 @@ struct smtp_conn {
    smtpstate state;         /* Always use smtp.c:state() to change state! */
    bool ssldone;            /* Is connect() over SSL done? */
    char *domain;            /* Client address/name to send in the EHLO */
-  unsigned int authmechs;  /* Accepted authentication mechanisms */
-  unsigned int prefmech;   /* Preferred authentication mechanism */
-  unsigned int authused;   /* Auth mechanism used for the connection */
+  struct SASL sasl;        /* SASL-related storage */
    bool tls_supported;      /* StartTLS capability supported by server */
    bool size_supported;     /* If server supports SIZE extension according to
                                RFC 1870 */
    bool auth_supported;     /* AUTH capability supported by server */
-  bool mutual_auth;        /* Mutual authentication enabled (GSSAPI only) */
  };
  
  extern const struct Curl_handler Curl_handler_smtp;
author	Patrick Monnerat <pm@datasphere.ch>
	Tue, 20 Jan 2015 13:14:26 +0000 (14:14 +0100)
committer	Patrick Monnerat <pm@datasphere.ch>
	Tue, 20 Jan 2015 13:14:26 +0000 (14:14 +0100)
lib/curl_sasl.h		patch \| blob \| history
lib/imap.c		patch \| blob \| history
lib/imap.h		patch \| blob \| history
lib/pop3.c		patch \| blob \| history
lib/pop3.h		patch \| blob \| history
lib/smtp.c		patch \| blob \| history
lib/smtp.h		patch \| blob \| history