summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorSteve Holme <steve_holme@hotmail.com>2019-04-18 21:54:35 +0100
committerSteve Holme <steve_holme@hotmail.com>2019-04-22 12:29:49 +0100
commiteb84ca3ea8f793ecbedf7865c41a8d1b9f59efb7 (patch)
treebd8b0144d60fb1eb1634591428ff20f1a9824e21
parentb21701c54ba050145246e89c5137015479c65f7e (diff)
downloadcurl-eb84ca3ea8f793ecbedf7865c41a8d1b9f59efb7.tar.gz
sasl: Don't send authcid as authzid for the PLAIN mechanism as per RFC 4616
RFC 4616 specifies the authzid is optional in the client authentication message and that the server will derive the authorisation identity (authzid) from the authentication identity (authcid) when not specified by the client.
-rw-r--r--lib/curl_sasl.c4
-rw-r--r--tests/data/test8194
-rw-r--r--tests/data/test8252
-rw-r--r--tests/data/test8334
-rw-r--r--tests/data/test8344
-rw-r--r--tests/data/test8354
-rw-r--r--tests/data/test8654
-rw-r--r--tests/data/test8712
-rw-r--r--tests/data/test8794
-rw-r--r--tests/data/test8804
-rw-r--r--tests/data/test8814
-rw-r--r--tests/data/test9034
-rw-r--r--tests/data/test9192
-rw-r--r--tests/data/test9354
-rw-r--r--tests/data/test9364
-rw-r--r--tests/data/test9374
16 files changed, 29 insertions, 29 deletions
diff --git a/lib/curl_sasl.c b/lib/curl_sasl.c
index 94b51e541..c609b1ded 100644
--- a/lib/curl_sasl.c
+++ b/lib/curl_sasl.c
@@ -367,7 +367,7 @@ CURLcode Curl_sasl_start(struct SASL *sasl, struct connectdata *conn,
sasl->authused = SASL_MECH_PLAIN;
if(force_ir || data->set.sasl_ir)
- result = Curl_auth_create_plain_message(data, conn->user, conn->user,
+ result = Curl_auth_create_plain_message(data, NULL, conn->user,
conn->passwd, &resp, &len);
}
else if(enabledmechs & SASL_MECH_LOGIN) {
@@ -450,7 +450,7 @@ CURLcode Curl_sasl_continue(struct SASL *sasl, struct connectdata *conn,
*progress = SASL_DONE;
return result;
case SASL_PLAIN:
- result = Curl_auth_create_plain_message(data, conn->user, conn->user,
+ result = Curl_auth_create_plain_message(data, NULL, conn->user,
conn->passwd, &resp, &len);
break;
case SASL_LOGIN:
diff --git a/tests/data/test819 b/tests/data/test819
index b88e35055..4213e3ea6 100644
--- a/tests/data/test819
+++ b/tests/data/test819
@@ -14,7 +14,7 @@ RFC4616
<servercmd>
AUTH PLAIN
REPLY AUTHENTICATE +
-REPLY dXNlcgB1c2VyAHNlY3JldA== A002 OK AUTHENTICATE completed
+REPLY AHVzZXIAc2VjcmV0 A002 OK AUTHENTICATE completed
</servercmd>
<data>
From: me@somewhere
@@ -47,7 +47,7 @@ IMAP plain authentication
<protocol>
A001 CAPABILITY
A002 AUTHENTICATE PLAIN
-dXNlcgB1c2VyAHNlY3JldA==
+AHVzZXIAc2VjcmV0
A003 SELECT 819
A004 FETCH 1 BODY[]
A005 LOGOUT
diff --git a/tests/data/test825 b/tests/data/test825
index b489e95de..d28b6a519 100644
--- a/tests/data/test825
+++ b/tests/data/test825
@@ -47,7 +47,7 @@ IMAP plain authentication with initial response
<verify>
<protocol>
A001 CAPABILITY
-A002 AUTHENTICATE PLAIN dXNlcgB1c2VyAHNlY3JldA==
+A002 AUTHENTICATE PLAIN AHVzZXIAc2VjcmV0
A003 SELECT 825
A004 FETCH 1 BODY[]
A005 LOGOUT
diff --git a/tests/data/test833 b/tests/data/test833
index dc8214b8e..2c694adcc 100644
--- a/tests/data/test833
+++ b/tests/data/test833
@@ -18,7 +18,7 @@ AUTH CRAM-MD5 PLAIN
REPLY "AUTHENTICATE CRAM-MD5" + Rubbish
REPLY * A002 NO AUTH exchange cancelled by client
REPLY "AUTHENTICATE PLAIN" +
-REPLY dXNlcgB1c2VyAHNlY3JldA== A003 OK AUTHENTICATE completed
+REPLY AHVzZXIAc2VjcmV0 A003 OK AUTHENTICATE completed
</servercmd>
<data>
From: me@somewhere
@@ -56,7 +56,7 @@ A001 CAPABILITY
A002 AUTHENTICATE CRAM-MD5
*
A003 AUTHENTICATE PLAIN
-dXNlcgB1c2VyAHNlY3JldA==
+AHVzZXIAc2VjcmV0
A004 SELECT 833
A005 FETCH 1 BODY[]
A006 LOGOUT
diff --git a/tests/data/test834 b/tests/data/test834
index fc131773b..35ab06aff 100644
--- a/tests/data/test834
+++ b/tests/data/test834
@@ -18,7 +18,7 @@ REPLY "AUTHENTICATE NTLM" +
REPLY TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= + Rubbish
REPLY * A002 NO AUTH exchange cancelled by client
REPLY "AUTHENTICATE PLAIN" +
-REPLY dXNlcgB1c2VyAHNlY3JldA== A003 OK AUTHENTICATE completed
+REPLY AHVzZXIAc2VjcmV0 A003 OK AUTHENTICATE completed
</servercmd>
<data>
From: me@somewhere
@@ -67,7 +67,7 @@ A002 AUTHENTICATE NTLM
TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA=
*
A003 AUTHENTICATE PLAIN
-dXNlcgB1c2VyAHNlY3JldA==
+AHVzZXIAc2VjcmV0
A004 SELECT 834
A005 FETCH 1 BODY[]
A006 LOGOUT
diff --git a/tests/data/test835 b/tests/data/test835
index 400233c0c..b44e877ec 100644
--- a/tests/data/test835
+++ b/tests/data/test835
@@ -18,7 +18,7 @@ AUTH DIGEST-MD5 PLAIN
REPLY "AUTHENTICATE DIGEST-MD5" + Rubbish
REPLY * A002 NO AUTH exchange cancelled by client
REPLY "AUTHENTICATE PLAIN" +
-REPLY dXNlcgB1c2VyAHNlY3JldA== A003 OK AUTHENTICATE completed
+REPLY AHVzZXIAc2VjcmV0 A003 OK AUTHENTICATE completed
</servercmd>
<data>
From: me@somewhere
@@ -58,7 +58,7 @@ A001 CAPABILITY
A002 AUTHENTICATE DIGEST-MD5
*
A003 AUTHENTICATE PLAIN
-dXNlcgB1c2VyAHNlY3JldA==
+AHVzZXIAc2VjcmV0
A004 SELECT 835
A005 FETCH 1 BODY[]
A006 LOGOUT
diff --git a/tests/data/test865 b/tests/data/test865
index 6f66f82d7..8a262fcc5 100644
--- a/tests/data/test865
+++ b/tests/data/test865
@@ -16,7 +16,7 @@ RFC5034
<servercmd>
AUTH PLAIN
REPLY AUTH +
-REPLY dXNlcgB1c2VyAHNlY3JldA== +OK Login successful
+REPLY AHVzZXIAc2VjcmV0 +OK Login successful
</servercmd>
<data>
From: me@somewhere
@@ -49,7 +49,7 @@ pop3://%HOSTIP:%POP3PORT/865 -u user:secret
<protocol>
CAPA
AUTH PLAIN
-dXNlcgB1c2VyAHNlY3JldA==
+AHVzZXIAc2VjcmV0
RETR 865
QUIT
</protocol>
diff --git a/tests/data/test871 b/tests/data/test871
index f4f236041..27cc2a4b3 100644
--- a/tests/data/test871
+++ b/tests/data/test871
@@ -48,7 +48,7 @@ pop3://%HOSTIP:%POP3PORT/871 -u user:secret --sasl-ir
<verify>
<protocol>
CAPA
-AUTH PLAIN dXNlcgB1c2VyAHNlY3JldA==
+AUTH PLAIN AHVzZXIAc2VjcmV0
RETR 871
QUIT
</protocol>
diff --git a/tests/data/test879 b/tests/data/test879
index 681d779b2..0d45aaa20 100644
--- a/tests/data/test879
+++ b/tests/data/test879
@@ -20,7 +20,7 @@ AUTH CRAM-MD5 PLAIN
REPLY "AUTH CRAM-MD5" + Rubbish
REPLY * -ERR AUTH exchange cancelled by client
REPLY "AUTH PLAIN" +
-REPLY dXNlcgB1c2VyAHNlY3JldA== +OK Login successful
+REPLY AHVzZXIAc2VjcmV0 +OK Login successful
</servercmd>
<data>
From: me@somewhere
@@ -58,7 +58,7 @@ CAPA
AUTH CRAM-MD5
*
AUTH PLAIN
-dXNlcgB1c2VyAHNlY3JldA==
+AHVzZXIAc2VjcmV0
RETR 879
QUIT
</protocol>
diff --git a/tests/data/test880 b/tests/data/test880
index f5eb69731..738817cd3 100644
--- a/tests/data/test880
+++ b/tests/data/test880
@@ -20,7 +20,7 @@ REPLY "AUTH NTLM" +
REPLY TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= + Rubbish
REPLY * -ERR AUTH exchange cancelled by client
REPLY "AUTH PLAIN" +
-REPLY dXNlcgB1c2VyAHNlY3JldA== +OK Login successful
+REPLY AHVzZXIAc2VjcmV0 +OK Login successful
</servercmd>
<data>
From: me@somewhere
@@ -69,7 +69,7 @@ AUTH NTLM
TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA=
*
AUTH PLAIN
-dXNlcgB1c2VyAHNlY3JldA==
+AHVzZXIAc2VjcmV0
RETR 880
QUIT
</protocol>
diff --git a/tests/data/test881 b/tests/data/test881
index 80eca500c..ccb906d9d 100644
--- a/tests/data/test881
+++ b/tests/data/test881
@@ -20,7 +20,7 @@ AUTH DIGEST-MD5 PLAIN
REPLY "AUTH DIGEST-MD5" + Rubbish
REPLY * -ERR AUTH exchange cancelled by client
REPLY "AUTH PLAIN" +
-REPLY dXNlcgB1c2VyAHNlY3JldA== +OK Login successful
+REPLY AHVzZXIAc2VjcmV0 +OK Login successful
</servercmd>
<data>
From: me@somewhere
@@ -60,7 +60,7 @@ CAPA
AUTH DIGEST-MD5
*
AUTH PLAIN
-dXNlcgB1c2VyAHNlY3JldA==
+AHVzZXIAc2VjcmV0
RETR 881
QUIT
</protocol>
diff --git a/tests/data/test903 b/tests/data/test903
index 2baf5e696..8a766e56d 100644
--- a/tests/data/test903
+++ b/tests/data/test903
@@ -15,7 +15,7 @@ RFC4954
<servercmd>
AUTH PLAIN
REPLY AUTH 334 PLAIN supported
-REPLY dXNlcgB1c2VyAHNlY3JldA== 235 Authenticated
+REPLY AHVzZXIAc2VjcmV0 235 Authenticated
</servercmd>
</reply>
@@ -42,7 +42,7 @@ smtp://%HOSTIP:%SMTPPORT/903 --mail-rcpt recipient@example.com --mail-from sende
<protocol>
EHLO 903
AUTH PLAIN
-dXNlcgB1c2VyAHNlY3JldA==
+AHVzZXIAc2VjcmV0
MAIL FROM:<sender@example.com>
RCPT TO:<recipient@example.com>
DATA
diff --git a/tests/data/test919 b/tests/data/test919
index 3e74494cb..39794e30b 100644
--- a/tests/data/test919
+++ b/tests/data/test919
@@ -41,7 +41,7 @@ smtp://%HOSTIP:%SMTPPORT/919 --mail-rcpt recipient@example.com --mail-from sende
<verify>
<protocol>
EHLO 919
-AUTH PLAIN dXNlcgB1c2VyAHNlY3JldA==
+AUTH PLAIN AHVzZXIAc2VjcmV0
MAIL FROM:<sender@example.com>
RCPT TO:<recipient@example.com>
DATA
diff --git a/tests/data/test935 b/tests/data/test935
index 3fd5c2e50..946611477 100644
--- a/tests/data/test935
+++ b/tests/data/test935
@@ -19,7 +19,7 @@ AUTH CRAM-MD5 PLAIN
REPLY "AUTH CRAM-MD5" 334 Rubbish
REPLY * 501 AUTH exchange cancelled by client
REPLY "AUTH PLAIN" 334 PLAIN supported
-REPLY dXNlcgB1c2VyAHNlY3JldA== 235 Authenticated
+REPLY AHVzZXIAc2VjcmV0 235 Authenticated
</servercmd>
</reply>
@@ -51,7 +51,7 @@ EHLO 935
AUTH CRAM-MD5
*
AUTH PLAIN
-dXNlcgB1c2VyAHNlY3JldA==
+AHVzZXIAc2VjcmV0
MAIL FROM:<sender@example.com>
RCPT TO:<recipient@example.com>
DATA
diff --git a/tests/data/test936 b/tests/data/test936
index 88c8a937e..5fde3c967 100644
--- a/tests/data/test936
+++ b/tests/data/test936
@@ -19,7 +19,7 @@ REPLY "AUTH NTLM" 334 NTLM supported
REPLY TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= 334 Rubbish
REPLY * 501 AUTH exchange cancelled by client
REPLY "AUTH PLAIN" 334 PLAIN supported
-REPLY dXNlcgB1c2VyAHNlY3JldA== 235 Authenticated
+REPLY AHVzZXIAc2VjcmV0 235 Authenticated
</servercmd>
</reply>
@@ -62,7 +62,7 @@ AUTH NTLM
TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA=
*
AUTH PLAIN
-dXNlcgB1c2VyAHNlY3JldA==
+AHVzZXIAc2VjcmV0
MAIL FROM:<sender@example.com>
RCPT TO:<recipient@example.com>
DATA
diff --git a/tests/data/test937 b/tests/data/test937
index a2cb9b5c0..5e729e308 100644
--- a/tests/data/test937
+++ b/tests/data/test937
@@ -19,7 +19,7 @@ AUTH DIGEST-MD5 PLAIN
REPLY "AUTH DIGEST-MD5" 334 Rubbish
REPLY * 501 AUTH exchange cancelled by client
REPLY "AUTH PLAIN" 334 PLAIN supported
-REPLY dXNlcgB1c2VyAHNlY3JldA== 235 Authenticated
+REPLY AHVzZXIAc2VjcmV0 235 Authenticated
</servercmd>
</reply>
@@ -53,7 +53,7 @@ EHLO 937
AUTH DIGEST-MD5
*
AUTH PLAIN
-dXNlcgB1c2VyAHNlY3JldA==
+AHVzZXIAc2VjcmV0
MAIL FROM:<sender@example.com>
RCPT TO:<recipient@example.com>
DATA