sasl: Don't send authcid as authzid for the PLAIN mechanism as per RFC 4616

author Steve Holme <steve_holme@hotmail.com>

Thu, 18 Apr 2019 20:54:35 +0000 (21:54 +0100)

committer Steve Holme <steve_holme@hotmail.com>

Mon, 22 Apr 2019 11:29:49 +0000 (12:29 +0100)
author Steve Holme <steve_holme@hotmail.com>
Thu, 18 Apr 2019 20:54:35 +0000 (21:54 +0100)
committer Steve Holme <steve_holme@hotmail.com>
Mon, 22 Apr 2019 11:29:49 +0000 (12:29 +0100)
diff --git a/lib/curl_sasl.c b/lib/curl_sasl.c

index 94b51e54199be73e530db53882055e704c5b70ad..c609b1dededd3b2776a8be40ef8b88428f688d00 100644 (file)
--- a/lib/curl_sasl.c
+++ b/lib/curl_sasl.c
@@ -367,7 +367,7 @@ CURLcode Curl_sasl_start(struct SASL *sasl, struct connectdata *conn,
        sasl->authused = SASL_MECH_PLAIN;
  
        if(force_ir || data->set.sasl_ir)
-        result = Curl_auth_create_plain_message(data, conn->user, conn->user,
+        result = Curl_auth_create_plain_message(data, NULL, conn->user,
                                                  conn->passwd, &resp, &len);
      }
      else if(enabledmechs & SASL_MECH_LOGIN) {
@@ -450,7 +450,7 @@ CURLcode Curl_sasl_continue(struct SASL *sasl, struct connectdata *conn,
      *progress = SASL_DONE;
      return result;
    case SASL_PLAIN:
-    result = Curl_auth_create_plain_message(data, conn->user, conn->user,
+    result = Curl_auth_create_plain_message(data, NULL, conn->user,
                                              conn->passwd, &resp, &len);
      break;
    case SASL_LOGIN:
diff --git a/tests/data/test819 b/tests/data/test819

index b88e350559eb97f957dc34bd8f94476c7ae0ba98..4213e3ea68b6eed0e56c0c5fc99c442345ca6386 100644 (file)
--- a/tests/data/test819
+++ b/tests/data/test819
@@ -14,7 +14,7 @@ RFC4616
  <servercmd>
  AUTH PLAIN
  REPLY AUTHENTICATE +
-REPLY dXNlcgB1c2VyAHNlY3JldA== A002 OK AUTHENTICATE completed
+REPLY AHVzZXIAc2VjcmV0 A002 OK AUTHENTICATE completed
  </servercmd>
  <data>
  From: me@somewhere\r
@@ -47,7 +47,7 @@ IMAP plain authentication
  <protocol>
  A001 CAPABILITY\r
  A002 AUTHENTICATE PLAIN\r
-dXNlcgB1c2VyAHNlY3JldA==\r
+AHVzZXIAc2VjcmV0\r
  A003 SELECT 819\r
  A004 FETCH 1 BODY[]\r
  A005 LOGOUT\r
diff --git a/tests/data/test825 b/tests/data/test825

index b489e95de6683d8bb94ba0ae28fc3ef56fa1fb51..d28b6a519a0361d013a0dd8c130736c46b636b91 100644 (file)
--- a/tests/data/test825
+++ b/tests/data/test825
@@ -47,7 +47,7 @@ IMAP plain authentication with initial response
  <verify>
  <protocol>
  A001 CAPABILITY\r
-A002 AUTHENTICATE PLAIN dXNlcgB1c2VyAHNlY3JldA==\r
+A002 AUTHENTICATE PLAIN AHVzZXIAc2VjcmV0\r
  A003 SELECT 825\r
  A004 FETCH 1 BODY[]\r
  A005 LOGOUT\r
diff --git a/tests/data/test833 b/tests/data/test833

index dc8214b8ec80c16d7813c6c003c4b764bb3fb414..2c694adccafce3f61838378c1c041f30a0ddea78 100644 (file)
--- a/tests/data/test833
+++ b/tests/data/test833
@@ -18,7 +18,7 @@ AUTH CRAM-MD5 PLAIN
  REPLY "AUTHENTICATE CRAM-MD5" + Rubbish
  REPLY * A002 NO AUTH exchange cancelled by client
  REPLY "AUTHENTICATE PLAIN" +
-REPLY dXNlcgB1c2VyAHNlY3JldA== A003 OK AUTHENTICATE completed
+REPLY AHVzZXIAc2VjcmV0 A003 OK AUTHENTICATE completed
  </servercmd>
  <data>
  From: me@somewhere\r
@@ -56,7 +56,7 @@ A001 CAPABILITY
  A002 AUTHENTICATE CRAM-MD5\r
  *\r
  A003 AUTHENTICATE PLAIN\r
-dXNlcgB1c2VyAHNlY3JldA==\r
+AHVzZXIAc2VjcmV0\r
  A004 SELECT 833\r
  A005 FETCH 1 BODY[]\r
  A006 LOGOUT\r
diff --git a/tests/data/test834 b/tests/data/test834

index fc131773b68f015e65f864a78cf42fa124234874..35ab06aff5a0e27ff8cb84abe25a2e547682f180 100644 (file)
--- a/tests/data/test834
+++ b/tests/data/test834
@@ -18,7 +18,7 @@ REPLY "AUTHENTICATE NTLM" +
  REPLY TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= + Rubbish
  REPLY * A002 NO AUTH exchange cancelled by client
  REPLY "AUTHENTICATE PLAIN" +
-REPLY dXNlcgB1c2VyAHNlY3JldA== A003 OK AUTHENTICATE completed
+REPLY AHVzZXIAc2VjcmV0 A003 OK AUTHENTICATE completed
  </servercmd>
  <data>
  From: me@somewhere\r
@@ -67,7 +67,7 @@ A002 AUTHENTICATE NTLM
  TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA=\r
  *\r
  A003 AUTHENTICATE PLAIN\r
-dXNlcgB1c2VyAHNlY3JldA==\r
+AHVzZXIAc2VjcmV0\r
  A004 SELECT 834\r
  A005 FETCH 1 BODY[]\r
  A006 LOGOUT\r
diff --git a/tests/data/test835 b/tests/data/test835

index 400233c0cb5c494fd4f92e3c723917e4cd225503..b44e877ec453ed3885c78bc3b6db294fe90ed794 100644 (file)
--- a/tests/data/test835
+++ b/tests/data/test835
@@ -18,7 +18,7 @@ AUTH DIGEST-MD5 PLAIN
  REPLY "AUTHENTICATE DIGEST-MD5" + Rubbish
  REPLY * A002 NO AUTH exchange cancelled by client
  REPLY "AUTHENTICATE PLAIN" +
-REPLY dXNlcgB1c2VyAHNlY3JldA== A003 OK AUTHENTICATE completed
+REPLY AHVzZXIAc2VjcmV0 A003 OK AUTHENTICATE completed
  </servercmd>
  <data>
  From: me@somewhere\r
@@ -58,7 +58,7 @@ A001 CAPABILITY
  A002 AUTHENTICATE DIGEST-MD5\r
  *\r
  A003 AUTHENTICATE PLAIN\r
-dXNlcgB1c2VyAHNlY3JldA==\r
+AHVzZXIAc2VjcmV0\r
  A004 SELECT 835\r
  A005 FETCH 1 BODY[]\r
  A006 LOGOUT\r
diff --git a/tests/data/test865 b/tests/data/test865

index 6f66f82d7de9ac1aac0aa33a11ce021863b813aa..8a262fcc51ea6bfdee07d67022c3a5a726d2a53e 100644 (file)
--- a/tests/data/test865
+++ b/tests/data/test865
@@ -16,7 +16,7 @@ RFC5034
  <servercmd>
  AUTH PLAIN
  REPLY AUTH +
-REPLY dXNlcgB1c2VyAHNlY3JldA== +OK Login successful
+REPLY AHVzZXIAc2VjcmV0 +OK Login successful
  </servercmd>
  <data>
  From: me@somewhere\r
@@ -49,7 +49,7 @@ pop3://%HOSTIP:%POP3PORT/865 -u user:secret
  <protocol>
  CAPA\r
  AUTH PLAIN\r
-dXNlcgB1c2VyAHNlY3JldA==\r
+AHVzZXIAc2VjcmV0\r
  RETR 865\r
  QUIT\r
  </protocol>
diff --git a/tests/data/test871 b/tests/data/test871

index f4f236041664c587217bb281006550ba2fec57d5..27cc2a4b3c6c29a65ce21855333567ae304bcf0e 100644 (file)
--- a/tests/data/test871
+++ b/tests/data/test871
@@ -48,7 +48,7 @@ pop3://%HOSTIP:%POP3PORT/871 -u user:secret --sasl-ir
  <verify>
  <protocol>
  CAPA\r
-AUTH PLAIN dXNlcgB1c2VyAHNlY3JldA==\r
+AUTH PLAIN AHVzZXIAc2VjcmV0\r
  RETR 871\r
  QUIT\r
  </protocol>
diff --git a/tests/data/test879 b/tests/data/test879

index 681d779b2a4ddc74b0c3f30d69d54c8c16c9bcc5..0d45aaa20f659b73967853bfd7c7e575440a5a94 100644 (file)
--- a/tests/data/test879
+++ b/tests/data/test879
@@ -20,7 +20,7 @@ AUTH CRAM-MD5 PLAIN
  REPLY "AUTH CRAM-MD5" + Rubbish
  REPLY * -ERR AUTH exchange cancelled by client
  REPLY "AUTH PLAIN" +
-REPLY dXNlcgB1c2VyAHNlY3JldA== +OK Login successful
+REPLY AHVzZXIAc2VjcmV0 +OK Login successful
  </servercmd>
  <data>
  From: me@somewhere\r
@@ -58,7 +58,7 @@ CAPA
  AUTH CRAM-MD5\r
  *\r
  AUTH PLAIN\r
-dXNlcgB1c2VyAHNlY3JldA==\r
+AHVzZXIAc2VjcmV0\r
  RETR 879\r
  QUIT\r
  </protocol>
diff --git a/tests/data/test880 b/tests/data/test880

index f5eb697314786df404b6b005be20454d9cbfc970..738817cd36467e6670041751956cb3d04d9da956 100644 (file)
--- a/tests/data/test880
+++ b/tests/data/test880
@@ -20,7 +20,7 @@ REPLY "AUTH NTLM" +
  REPLY TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= + Rubbish
  REPLY * -ERR AUTH exchange cancelled by client
  REPLY "AUTH PLAIN" +
-REPLY dXNlcgB1c2VyAHNlY3JldA== +OK Login successful
+REPLY AHVzZXIAc2VjcmV0 +OK Login successful
  </servercmd>
  <data>
  From: me@somewhere\r
@@ -69,7 +69,7 @@ AUTH NTLM
  TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA=\r
  *\r
  AUTH PLAIN\r
-dXNlcgB1c2VyAHNlY3JldA==\r
+AHVzZXIAc2VjcmV0\r
  RETR 880\r
  QUIT\r
  </protocol>
diff --git a/tests/data/test881 b/tests/data/test881

index 80eca500c4d331bae913d5ed0136e35568452648..ccb906d9d85a1d2abfe0222d017c31bca0638320 100644 (file)
--- a/tests/data/test881
+++ b/tests/data/test881
@@ -20,7 +20,7 @@ AUTH DIGEST-MD5 PLAIN
  REPLY "AUTH DIGEST-MD5" + Rubbish
  REPLY * -ERR AUTH exchange cancelled by client
  REPLY "AUTH PLAIN" +
-REPLY dXNlcgB1c2VyAHNlY3JldA== +OK Login successful
+REPLY AHVzZXIAc2VjcmV0 +OK Login successful
  </servercmd>
  <data>
  From: me@somewhere\r
@@ -60,7 +60,7 @@ CAPA
  AUTH DIGEST-MD5\r
  *\r
  AUTH PLAIN\r
-dXNlcgB1c2VyAHNlY3JldA==\r
+AHVzZXIAc2VjcmV0\r
  RETR 881\r
  QUIT\r
  </protocol>
diff --git a/tests/data/test903 b/tests/data/test903

index 2baf5e69624dc884efe8eaeef904917fac68047a..8a766e56d319f7cb8872176af377e36c10f646c3 100644 (file)
--- a/tests/data/test903
+++ b/tests/data/test903
@@ -15,7 +15,7 @@ RFC4954
  <servercmd>
  AUTH PLAIN
  REPLY AUTH 334 PLAIN supported
-REPLY dXNlcgB1c2VyAHNlY3JldA== 235 Authenticated
+REPLY AHVzZXIAc2VjcmV0 235 Authenticated
  </servercmd>
  </reply>
  
@@ -42,7 +42,7 @@ smtp://%HOSTIP:%SMTPPORT/903 --mail-rcpt recipient@example.com --mail-from sende
  <protocol>
  EHLO 903\r
  AUTH PLAIN\r
-dXNlcgB1c2VyAHNlY3JldA==\r
+AHVzZXIAc2VjcmV0\r
  MAIL FROM:<sender@example.com>\r
  RCPT TO:<recipient@example.com>\r
  DATA\r
diff --git a/tests/data/test919 b/tests/data/test919

index 3e74494cbd2c14593e733ee2e9d308b0b3ba7c0c..39794e30b36096a635c233922cc21e6ab3459fa8 100644 (file)
--- a/tests/data/test919
+++ b/tests/data/test919
@@ -41,7 +41,7 @@ smtp://%HOSTIP:%SMTPPORT/919 --mail-rcpt recipient@example.com --mail-from sende
  <verify>
  <protocol>
  EHLO 919\r
-AUTH PLAIN dXNlcgB1c2VyAHNlY3JldA==\r
+AUTH PLAIN AHVzZXIAc2VjcmV0\r
  MAIL FROM:<sender@example.com>\r
  RCPT TO:<recipient@example.com>\r
  DATA\r
diff --git a/tests/data/test935 b/tests/data/test935

index 3fd5c2e503a7ad4c3d3829d04e9acdcf8bd06238..946611477d097e0f477e5992c06e1d9159ada537 100644 (file)
--- a/tests/data/test935
+++ b/tests/data/test935
@@ -19,7 +19,7 @@ AUTH CRAM-MD5 PLAIN
  REPLY "AUTH CRAM-MD5" 334 Rubbish
  REPLY * 501 AUTH exchange cancelled by client
  REPLY "AUTH PLAIN" 334 PLAIN supported
-REPLY dXNlcgB1c2VyAHNlY3JldA== 235 Authenticated
+REPLY AHVzZXIAc2VjcmV0 235 Authenticated
  </servercmd>
  </reply>
  
@@ -51,7 +51,7 @@ EHLO 935
  AUTH CRAM-MD5\r
  *\r
  AUTH PLAIN\r
-dXNlcgB1c2VyAHNlY3JldA==\r
+AHVzZXIAc2VjcmV0\r
  MAIL FROM:<sender@example.com>\r
  RCPT TO:<recipient@example.com>\r
  DATA\r
diff --git a/tests/data/test936 b/tests/data/test936

index 88c8a937e9afdc8a054f86f788475be3299e5954..5fde3c96725cb2a0ebc78e74e2704b8f8364f9ce 100644 (file)
--- a/tests/data/test936
+++ b/tests/data/test936
@@ -19,7 +19,7 @@ REPLY "AUTH NTLM" 334 NTLM supported
  REPLY TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= 334 Rubbish
  REPLY * 501 AUTH exchange cancelled by client
  REPLY "AUTH PLAIN" 334 PLAIN supported
-REPLY dXNlcgB1c2VyAHNlY3JldA== 235 Authenticated
+REPLY AHVzZXIAc2VjcmV0 235 Authenticated
  </servercmd>
  </reply>
  
@@ -62,7 +62,7 @@ AUTH NTLM
  TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA=\r
  *\r
  AUTH PLAIN\r
-dXNlcgB1c2VyAHNlY3JldA==\r
+AHVzZXIAc2VjcmV0\r
  MAIL FROM:<sender@example.com>\r
  RCPT TO:<recipient@example.com>\r
  DATA\r
diff --git a/tests/data/test937 b/tests/data/test937

index a2cb9b5c037c062539aee774f7114fa0aec7cb17..5e729e30836fdd4ce5f0e85907f44596d7c2398d 100644 (file)
--- a/tests/data/test937
+++ b/tests/data/test937
@@ -19,7 +19,7 @@ AUTH DIGEST-MD5 PLAIN
  REPLY "AUTH DIGEST-MD5" 334 Rubbish
  REPLY * 501 AUTH exchange cancelled by client
  REPLY "AUTH PLAIN" 334 PLAIN supported
-REPLY dXNlcgB1c2VyAHNlY3JldA== 235 Authenticated
+REPLY AHVzZXIAc2VjcmV0 235 Authenticated
  </servercmd>
  </reply>
  
@@ -53,7 +53,7 @@ EHLO 937
  AUTH DIGEST-MD5\r
  *\r
  AUTH PLAIN\r
-dXNlcgB1c2VyAHNlY3JldA==\r
+AHVzZXIAc2VjcmV0\r
  MAIL FROM:<sender@example.com>\r
  RCPT TO:<recipient@example.com>\r
  DATA\r
author	Steve Holme <steve_holme@hotmail.com>
	Thu, 18 Apr 2019 20:54:35 +0000 (21:54 +0100)
committer	Steve Holme <steve_holme@hotmail.com>
	Mon, 22 Apr 2019 11:29:49 +0000 (12:29 +0100)
lib/curl_sasl.c		patch \| blob \| history
tests/data/test819		patch \| blob \| history
tests/data/test825		patch \| blob \| history
tests/data/test833		patch \| blob \| history
tests/data/test834		patch \| blob \| history
tests/data/test835		patch \| blob \| history
tests/data/test865		patch \| blob \| history
tests/data/test871		patch \| blob \| history
tests/data/test879		patch \| blob \| history
tests/data/test880		patch \| blob \| history
tests/data/test881		patch \| blob \| history
tests/data/test903		patch \| blob \| history
tests/data/test919		patch \| blob \| history
tests/data/test935		patch \| blob \| history
tests/data/test936		patch \| blob \| history
tests/data/test937		patch \| blob \| history