diff options
| author | Patrick Monnerat <patrick@monnerat.net> | 2018-02-21 17:42:25 +0100 |
|---|---|---|
| committer | Patrick Monnerat <patrick@monnerat.net> | 2018-02-21 17:42:25 +0100 |
| commit | de97b5fcefb110f3f34338b8292652340ddb1f63 (patch) | |
| tree | f41617a12b4b4f8778d77b4d12ab9bda7086be29 | |
| parent | 7b71b5150b3bdf2ce880a72c8a329995ca059d58 (diff) | |
| download | curl-de97b5fcefb110f3f34338b8292652340ddb1f63.tar.gz | |
sasl: prefer PLAIN mechanism over LOGIN
SASL PLAIN is a standard, LOGIN only a draft. The LOGIN draft says
PLAIN should be used instead if available.
| -rw-r--r-- | lib/curl_sasl.c | 20 |
1 files changed, 10 insertions, 10 deletions
diff --git a/lib/curl_sasl.c b/lib/curl_sasl.c index 550433d67..7052bd913 100644 --- a/lib/curl_sasl.c +++ b/lib/curl_sasl.c @@ -5,7 +5,7 @@ * | (__| |_| | _ <| |___ * \___|\___/|_| \_\_____| * - * Copyright (C) 2012 - 2017, Daniel Stenberg, <daniel@haxx.se>, et al. + * Copyright (C) 2012 - 2018, Daniel Stenberg, <daniel@haxx.se>, et al. * * This software is licensed as described in the file COPYING, which * you should have received as part of this distribution. The terms @@ -361,15 +361,6 @@ CURLcode Curl_sasl_start(struct SASL *sasl, struct connectdata *conn, conn->oauth_bearer, &resp, &len); } - else if(enabledmechs & SASL_MECH_LOGIN) { - mech = SASL_MECH_STRING_LOGIN; - state1 = SASL_LOGIN; - state2 = SASL_LOGIN_PASSWD; - sasl->authused = SASL_MECH_LOGIN; - - if(force_ir || data->set.sasl_ir) - result = Curl_auth_create_login_message(data, conn->user, &resp, &len); - } else if(enabledmechs & SASL_MECH_PLAIN) { mech = SASL_MECH_STRING_PLAIN; state1 = SASL_PLAIN; @@ -379,6 +370,15 @@ CURLcode Curl_sasl_start(struct SASL *sasl, struct connectdata *conn, result = Curl_auth_create_plain_message(data, conn->user, conn->passwd, &resp, &len); } + else if(enabledmechs & SASL_MECH_LOGIN) { + mech = SASL_MECH_STRING_LOGIN; + state1 = SASL_LOGIN; + state2 = SASL_LOGIN_PASSWD; + sasl->authused = SASL_MECH_LOGIN; + + if(force_ir || data->set.sasl_ir) + result = Curl_auth_create_login_message(data, conn->user, &resp, &len); + } } if(!result && mech) { |