email: Added initial support for cancelling authentication

Should a client application fail to decode an authentication message
received from a server, or not support any of the parameters given by
the server in the message, then the authentication phrase should be
cancelled gracefully by the client rather than simply terminating the
connection.

The authentication phrase should be cancelled by simply sending a '*'
to the server, in response to erroneous data being received, as per
RFC-3501, RFC-4954 and RFC-5034.

This patch adds the necessary state machine constants and appropriate
response handlers in order to add this functionality for the CRAM-MD5,
DIGEST-MD5 and NTLM authentication mechanisms.

diff --git a/lib/imap.c b/lib/imap.c
index f856dcd3db5c70c082f93bc2396c1da602007b98..b17b7e533b3817f142e7c8d75aea3fc985b28733 100644 (file)
--- a/lib/imap.c
+++ b/lib/imap.c
@@ -426,6 +426,7 @@ static void state(struct connectdata *conn, imapstate newstate)
     "AUTHENTICATE_NTLM",
     "AUTHENTICATE_NTLM_TYPE2MSG",
     "AUTHENTICATE_XOAUTH2",
+    "AUTHENTICATE_CANCEL",
     "AUTHENTICATE_FINAL",
     "LOGIN",
     "LIST",
@@ -1287,7 +1288,7 @@ static CURLcode imap_state_auth_ntlm_type2msg_resp(struct connectdata *conn,
 }
 #endif
 
-/* For AUTH XOAUTH2 (without initial response) responses */
+/* For AUTHENTICATE XOAUTH2 (without initial response) responses */
 static CURLcode imap_state_auth_xoauth2_resp(struct connectdata *conn,
                                              int imapcode,
                                              imapstate instate)
@@ -1325,7 +1326,22 @@ static CURLcode imap_state_auth_xoauth2_resp(struct connectdata *conn,
   return result;
 }
 
-/* For final responses to the AUTHENTICATE sequence */
+/* For AUTHENTICATE cancellation responses */
+static CURLcode imap_state_auth_cancel_resp(struct connectdata *conn,
+                                            int imapcode,
+                                            imapstate instate)
+{
+  struct SessionHandle *data = conn->data;
+
+  (void)imapcode;
+  (void)instate; /* no use for this yet */
+
+  failf(data, "Authentication cancelled");
+
+  return CURLE_LOGIN_DENIED;
+}
+
+/* For final responses in the AUTHENTICATE sequence */
 static CURLcode imap_state_auth_final_resp(struct connectdata *conn,
                                            int imapcode,
                                            imapstate instate)
@@ -1678,6 +1694,10 @@ static CURLcode imap_statemach_act(struct connectdata *conn)
       result = imap_state_auth_xoauth2_resp(conn, imapcode, imapc->state);
       break;
 
+    case IMAP_AUTHENTICATE_CANCEL:
+      result = imap_state_auth_cancel_resp(conn, imapcode, imapc->state);
+      break;
+
     case IMAP_AUTHENTICATE_FINAL:
       result = imap_state_auth_final_resp(conn, imapcode, imapc->state);
       break;

diff --git a/lib/imap.h b/lib/imap.h
index 1d4faabd702e173aab19543d6efeaadaf288aea6..7c9a72066ccd89703ff8cd57368b3e86da2ba731 100644 (file)
--- a/lib/imap.h
+++ b/lib/imap.h
@@ -44,6 +44,7 @@ typedef enum {
   IMAP_AUTHENTICATE_NTLM,
   IMAP_AUTHENTICATE_NTLM_TYPE2MSG,
   IMAP_AUTHENTICATE_XOAUTH2,
+  IMAP_AUTHENTICATE_CANCEL,
   IMAP_AUTHENTICATE_FINAL,
   IMAP_LOGIN,
   IMAP_LIST,

diff --git a/lib/pop3.c b/lib/pop3.c
index 7fc755e1270e71e64fa0c38685770b8e85a72cc3..f4dc5d1b3f55c1f9237349691dfd660b496898ef 100644 (file)
--- a/lib/pop3.c
+++ b/lib/pop3.c
@@ -405,6 +405,7 @@ static void state(struct connectdata *conn, pop3state newstate)
     "AUTH_NTLM",
     "AUTH_NTLM_TYPE2MSG",
     "AUTH_XOAUTH2",
+    "AUTH_CANCEL",
     "AUTH_FINAL",
     "APOP",
     "USER",
@@ -1182,7 +1183,22 @@ static CURLcode pop3_state_auth_xoauth2_resp(struct connectdata *conn,
   return result;
 }
 
-/* For final responses to the AUTH sequence */
+/* For AUTH cancellation responses */
+static CURLcode pop3_state_auth_cancel_resp(struct connectdata *conn,
+                                            int pop3code,
+                                            pop3state instate)
+{
+  struct SessionHandle *data = conn->data;
+
+  (void)pop3code;
+  (void)instate; /* no use for this yet */
+
+  failf(data, "Authentication cancelled");
+
+  return CURLE_LOGIN_DENIED;
+}
+
+/* For final responses in the AUTH sequence */
 static CURLcode pop3_state_auth_final_resp(struct connectdata *conn,
                                            int pop3code,
                                            pop3state instate)
@@ -1404,6 +1420,10 @@ static CURLcode pop3_statemach_act(struct connectdata *conn)
       result = pop3_state_auth_xoauth2_resp(conn, pop3code, pop3c->state);
       break;
 
+    case POP3_AUTH_CANCEL:
+      result = pop3_state_auth_cancel_resp(conn, pop3code, pop3c->state);
+      break;
+
     case POP3_AUTH_FINAL:
       result = pop3_state_auth_final_resp(conn, pop3code, pop3c->state);
       break;

diff --git a/lib/pop3.h b/lib/pop3.h
index 7bc77449558a96cfbf170d760d15fe729e80810b..1964d72e4afae144588359c43ba1de709f2b2dbe 100644 (file)
--- a/lib/pop3.h
+++ b/lib/pop3.h
@@ -44,6 +44,7 @@ typedef enum {
   POP3_AUTH_NTLM,
   POP3_AUTH_NTLM_TYPE2MSG,
   POP3_AUTH_XOAUTH2,
+  POP3_AUTH_CANCEL,
   POP3_AUTH_FINAL,
   POP3_APOP,
   POP3_USER,

diff --git a/lib/smtp.c b/lib/smtp.c
index 9540ddb5ee2950a3fd242e214284f518dfa43d41..7e07ba6d96925634e8fd8737feb2c778d5cccd9f 100644 (file)
--- a/lib/smtp.c
+++ b/lib/smtp.c
@@ -363,6 +363,7 @@ static void state(struct connectdata *conn, smtpstate newstate)
     "AUTH_NTLM",
     "AUTH_NTLM_TYPE2MSG",
     "AUTH_XOAUTH2",
+    "AUTH_CANCEL",
     "AUTH_FINAL",
     "MAIL",
     "RCPT",
@@ -1163,7 +1164,22 @@ static CURLcode smtp_state_auth_xoauth2_resp(struct connectdata *conn,
   return result;
 }
 
-/* For the final responses to the AUTH sequence */
+/* For AUTH cancellation responses */
+static CURLcode smtp_state_auth_cancel_resp(struct connectdata *conn,
+                                            int smtpcode,
+                                            smtpstate instate)
+{
+  struct SessionHandle *data = conn->data;
+
+  (void)smtpcode;
+  (void)instate; /* no use for this yet */
+
+  failf(data, "Authentication cancelled");
+
+  return CURLE_LOGIN_DENIED;
+}
+
+/* For final responses in the AUTH sequence */
 static CURLcode smtp_state_auth_final_resp(struct connectdata *conn,
                                            int smtpcode,
                                            smtpstate instate)
@@ -1375,6 +1391,10 @@ static CURLcode smtp_statemach_act(struct connectdata *conn)
       result = smtp_state_auth_xoauth2_resp(conn, smtpcode, smtpc->state);
       break;
 
+    case SMTP_AUTH_CANCEL:
+      result = smtp_state_auth_cancel_resp(conn, smtpcode, smtpc->state);
+      break;
+
     case SMTP_AUTH_FINAL:
       result = smtp_state_auth_final_resp(conn, smtpcode, smtpc->state);
       break;

diff --git a/lib/smtp.h b/lib/smtp.h
index 14429a5e7e4f7f24b1c46a2086eb5ebb7fda8547..7d91657a4fdf8d651e9eebe0c31a98121d7551e1 100644 (file)
--- a/lib/smtp.h
+++ b/lib/smtp.h
@@ -45,6 +45,7 @@ typedef enum {
   SMTP_AUTH_NTLM,
   SMTP_AUTH_NTLM_TYPE2MSG,
   SMTP_AUTH_XOAUTH2,
+  SMTP_AUTH_CANCEL,
   SMTP_AUTH_FINAL,
   SMTP_MAIL,        /* MAIL FROM */
   SMTP_RCPT,        /* RCPT TO */