diff options
author | Jay Satiro <raysatiro@yahoo.com> | 2019-05-24 14:53:03 -0400 |
---|---|---|
committer | Daniel Stenberg <daniel@haxx.se> | 2019-05-25 23:36:11 +0200 |
commit | db8ec1fa38a899d3542dd89ac8be0a6f00c805ac (patch) | |
tree | b6c969212d2ae449071d56759268d5d450b5acd2 | |
parent | 84086b39c14c930947b0de2abe5d8eff712f29e4 (diff) | |
download | curl-db8ec1fa38a899d3542dd89ac8be0a6f00c805ac.tar.gz |
Revert all SASL authzid (new feature) commits
- Revert all commits related to the SASL authzid feature since the next
release will be a patch release, 7.65.1.
Prior to this change CURLOPT_SASL_AUTHZID / --sasl-authzid was destined
for the next release, assuming it would be a feature release 7.66.0.
However instead the next release will be a patch release, 7.65.1 and
will not contain any new features.
After the patch release after the reverted commits can be restored by
using cherry-pick:
git cherry-pick a14d72c a9499ff 8c1cc36 c2a8d52 0edf690
Details for all reverted commits:
Revert "os400: take care of CURLOPT_SASL_AUTHZID in curl_easy_setopt_ccsid()."
This reverts commit 0edf6907ae37e2020722e6f61229d8ec64095b0a.
Revert "tests: Fix the line endings for the SASL alt-auth tests"
This reverts commit c2a8d52a1356a722ff9f4aeb983cd4eaf80ef221.
Revert "examples: Added SASL PLAIN authorisation identity (authzid) examples"
This reverts commit 8c1cc369d0c7163c6dcc91fd38edfea1f509ae75.
Revert "curl: --sasl-authzid added to support CURLOPT_SASL_AUTHZID from the tool"
This reverts commit a9499ff136d89987af885e2d7dff0a066a3e5817.
Revert "sasl: Implement SASL authorisation identity via CURLOPT_SASL_AUTHZID"
This reverts commit a14d72ca2fec5d4eb5a043936e4f7ce08015c177.
31 files changed, 17 insertions, 763 deletions
diff --git a/docs/cmdline-opts/Makefile.inc b/docs/cmdline-opts/Makefile.inc index 9f8c64c28..7a8af6f9e 100644 --- a/docs/cmdline-opts/Makefile.inc +++ b/docs/cmdline-opts/Makefile.inc @@ -154,7 +154,6 @@ DPAGES = \ retry-delay.d \ retry-max-time.d \ retry.d \ - sasl-authzid.d \ sasl-ir.d \ service-name.d \ show-error.d \ diff --git a/docs/cmdline-opts/sasl-authzid.d b/docs/cmdline-opts/sasl-authzid.d deleted file mode 100644 index b34db97fc..000000000 --- a/docs/cmdline-opts/sasl-authzid.d +++ /dev/null @@ -1,11 +0,0 @@ -Long: sasl-authzid -Help: Use this identity to act as during SASL PLAIN authentication -Added: 7.66.0 ---- -Use this authorisation identity (authzid), during SASL PLAIN authentication, -in addition to the authentication identity (authcid) as specified by --user. - -If the option isn't specified, the server will derive the authzid from the -authcid, but if specified, and depending on the server implementation, it may -be used to access another user's inbox, that the user has been granted access -to, or a shared mailbox for example. diff --git a/docs/examples/Makefile.inc b/docs/examples/Makefile.inc index d0cce337c..8dd55b9df 100644 --- a/docs/examples/Makefile.inc +++ b/docs/examples/Makefile.inc @@ -5,7 +5,7 @@ # | (__| |_| | _ <| |___ # \___|\___/|_| \_\_____| # -# Copyright (C) 1998 - 2019, Daniel Stenberg, <daniel@haxx.se>, et al. +# Copyright (C) 1998 - 2018, Daniel Stenberg, <daniel@haxx.se>, et al. # # This software is licensed as described in the file COPYING, which # you should have received as part of this distribution. The terms @@ -35,7 +35,7 @@ check_PROGRAMS = 10-at-a-time anyauthput cookie_interface debug fileupload \ http2-upload http2-serverpush getredirect ftpuploadfrommem \ ftpuploadresume sslbackend postit2-formadd multi-formadd \ shared-connection-cache sftpuploadresume http2-pushinmemory parseurl \ - urlapi imap-authzid pop3-authzid smtp-authzid + urlapi # These examples require external dependencies that may not be commonly # available on POSIX systems, so don't bother attempting to compile them here. diff --git a/docs/examples/imap-authzid.c b/docs/examples/imap-authzid.c deleted file mode 100644 index bfe7d71d7..000000000 --- a/docs/examples/imap-authzid.c +++ /dev/null @@ -1,71 +0,0 @@ -/*************************************************************************** - * _ _ ____ _ - * Project ___| | | | _ \| | - * / __| | | | |_) | | - * | (__| |_| | _ <| |___ - * \___|\___/|_| \_\_____| - * - * Copyright (C) 1998 - 2019, Daniel Stenberg, <daniel@haxx.se>, et al. - * - * This software is licensed as described in the file COPYING, which - * you should have received as part of this distribution. The terms - * are also available at https://curl.haxx.se/docs/copyright.html. - * - * You may opt to use, copy, modify, merge, publish, distribute and/or sell - * copies of the Software, and permit persons to whom the Software is - * furnished to do so, under the terms of the COPYING file. - * - * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY - * KIND, either express or implied. - * - ***************************************************************************/ - -/* <DESC> - * IMAP example showing how to retreieve e-mails from a shared mailed box - * </DESC> - */ - -#include <stdio.h> -#include <curl/curl.h> - -/* This is a simple example showing how to fetch mail using libcurl's IMAP - * capabilities. - * - * Note that this example requires libcurl 7.66.0 or above. - */ - -int main(void) -{ - CURL *curl; - CURLcode res = CURLE_OK; - - curl = curl_easy_init(); - if(curl) { - /* Set the username and password */ - curl_easy_setopt(curl, CURLOPT_USERNAME, "user"); - curl_easy_setopt(curl, CURLOPT_PASSWORD, "secret"); - - /* Set the authorisation identity (identity to act as) */ - curl_easy_setopt(curl, CURLOPT_SASL_AUTHZID, "shared-mailbox"); - - /* Force PLAIN authentication */ - curl_easy_setopt(curl, CURLOPT_LOGIN_OPTIONS, "AUTH=PLAIN"); - - /* This will fetch message 1 from the user's inbox */ - curl_easy_setopt(curl, CURLOPT_URL, - "imap://imap.example.com/INBOX/;UID=1"); - - /* Perform the fetch */ - res = curl_easy_perform(curl); - - /* Check for errors */ - if(res != CURLE_OK) - fprintf(stderr, "curl_easy_perform() failed: %s\n", - curl_easy_strerror(res)); - - /* Always cleanup */ - curl_easy_cleanup(curl); - } - - return (int)res; -} diff --git a/docs/examples/pop3-authzid.c b/docs/examples/pop3-authzid.c deleted file mode 100644 index 57363579a..000000000 --- a/docs/examples/pop3-authzid.c +++ /dev/null @@ -1,70 +0,0 @@ -/*************************************************************************** - * _ _ ____ _ - * Project ___| | | | _ \| | - * / __| | | | |_) | | - * | (__| |_| | _ <| |___ - * \___|\___/|_| \_\_____| - * - * Copyright (C) 1998 - 2019, Daniel Stenberg, <daniel@haxx.se>, et al. - * - * This software is licensed as described in the file COPYING, which - * you should have received as part of this distribution. The terms - * are also available at https://curl.haxx.se/docs/copyright.html. - * - * You may opt to use, copy, modify, merge, publish, distribute and/or sell - * copies of the Software, and permit persons to whom the Software is - * furnished to do so, under the terms of the COPYING file. - * - * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY - * KIND, either express or implied. - * - ***************************************************************************/ - -/* <DESC> - * POP3 example showing how to retrieve e-mails from a shared mailbox - * </DESC> - */ - -#include <stdio.h> -#include <curl/curl.h> - -/* This is a simple example showing how to retrieve mail using libcurl's POP3 - * capabilities. - * - * Note that this example requires libcurl 7.66.0 or above. - */ - -int main(void) -{ - CURL *curl; - CURLcode res = CURLE_OK; - - curl = curl_easy_init(); - if(curl) { - /* Set the username and password */ - curl_easy_setopt(curl, CURLOPT_USERNAME, "user"); - curl_easy_setopt(curl, CURLOPT_PASSWORD, "secret"); - - /* Set the authorisation identity (identity to act as) */ - curl_easy_setopt(curl, CURLOPT_SASL_AUTHZID, "shared-mailbox"); - - /* Force PLAIN authentication */ - curl_easy_setopt(curl, CURLOPT_LOGIN_OPTIONS, "AUTH=PLAIN"); - - /* This will retrieve message 1 from the user's mailbox */ - curl_easy_setopt(curl, CURLOPT_URL, "pop3://pop.example.com/1"); - - /* Perform the retr */ - res = curl_easy_perform(curl); - - /* Check for errors */ - if(res != CURLE_OK) - fprintf(stderr, "curl_easy_perform() failed: %s\n", - curl_easy_strerror(res)); - - /* Always cleanup */ - curl_easy_cleanup(curl); - } - - return (int)res; -} diff --git a/docs/examples/smtp-authzid.c b/docs/examples/smtp-authzid.c deleted file mode 100644 index decdb719d..000000000 --- a/docs/examples/smtp-authzid.c +++ /dev/null @@ -1,161 +0,0 @@ -/*************************************************************************** - * _ _ ____ _ - * Project ___| | | | _ \| | - * / __| | | | |_) | | - * | (__| |_| | _ <| |___ - * \___|\___/|_| \_\_____| - * - * Copyright (C) 1998 - 2019, Daniel Stenberg, <daniel@haxx.se>, et al. - * - * This software is licensed as described in the file COPYING, which - * you should have received as part of this distribution. The terms - * are also available at https://curl.haxx.se/docs/copyright.html. - * - * You may opt to use, copy, modify, merge, publish, distribute and/or sell - * copies of the Software, and permit persons to whom the Software is - * furnished to do so, under the terms of the COPYING file. - * - * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY - * KIND, either express or implied. - * - ***************************************************************************/ - -/* <DESC> - * Send e-mail on behalf of another user with SMTP - * </DESC> - */ - -#include <stdio.h> -#include <string.h> -#include <curl/curl.h> - -/* - * This is a simple example show how to send an email using libcurl's SMTP - * capabilities. - * - * Note that this example requires libcurl 7.66.0 or above. - */ - -/* The libcurl options want plain addresses, the viewable headers in the mail - * can very well get a full name as well. - */ -#define FROM_ADDR "<ursel@example.org>" -#define SENDER_ADDR "<kurt@example.org>" -#define TO_ADDR "<addressee@example.net>" - -#define FROM_MAIL "Ursel " FROM_ADDR -#define SENDER_MAIL "Kurt " SENDER_ADDR -#define TO_MAIL "A Receiver " TO_ADDR - -static const char *payload_text[] = { - "Date: Mon, 29 Nov 2010 21:54:29 +1100\r\n", - "To: " TO_MAIL "\r\n", - "From: " FROM_MAIL "\r\n", - "Sender: " SENDER_MAIL "\r\n", - "Message-ID: <dcd7cb36-11db-487a-9f3a-e652a9458efd@" - "rfcpedant.example.org>\r\n", - "Subject: SMTP example message\r\n", - "\r\n", /* empty line to divide headers from body, see RFC5322 */ - "The body of the message starts here.\r\n", - "\r\n", - "It could be a lot of lines, could be MIME encoded, whatever.\r\n", - "Check RFC5322.\r\n", - NULL -}; - -struct upload_status { - int lines_read; -}; - -static size_t payload_source(void *ptr, size_t size, size_t nmemb, void *userp) -{ - struct upload_status *upload_ctx = (struct upload_status *)userp; - const char *data; - - if((size == 0) || (nmemb == 0) || ((size*nmemb) < 1)) { - return 0; - } - - data = payload_text[upload_ctx->lines_read]; - - if(data) { - size_t len = strlen(data); - memcpy(ptr, data, len); - upload_ctx->lines_read++; - - return len; - } - - return 0; -} - -int main(void) -{ - CURL *curl; - CURLcode res = CURLE_OK; - struct curl_slist *recipients = NULL; - struct upload_status upload_ctx; - - upload_ctx.lines_read = 0; - - curl = curl_easy_init(); - if(curl) { - /* This is the URL for your mailserver. In this example we connect to the - smtp-submission port as we require an authenticated connection. */ - curl_easy_setopt(curl, CURLOPT_URL, "smtp://mail.example.com:587"); - - /* Set the username and password */ - curl_easy_setopt(curl, CURLOPT_USERNAME, "kurt"); - curl_easy_setopt(curl, CURLOPT_PASSWORD, "xipj3plmq"); - - /* Set the authorisation identity (identity to act as) */ - curl_easy_setopt(curl, CURLOPT_SASL_AUTHZID, "ursel"); - - /* Force PLAIN authentication */ - curl_easy_setopt(curl, CURLOPT_LOGIN_OPTIONS, "AUTH=PLAIN"); - - /* Note that this option isn't strictly required, omitting it will result - * in libcurl sending the MAIL FROM command with empty sender data. All - * autoresponses should have an empty reverse-path, and should be directed - * to the address in the reverse-path which triggered them. Otherwise, - * they could cause an endless loop. See RFC 5321 Section 4.5.5 for more - * details. - */ - curl_easy_setopt(curl, CURLOPT_MAIL_FROM, FROM_ADDR); - - /* Add a recipient, in this particular case it corresponds to the - * To: addressee in the header. */ - recipients = curl_slist_append(recipients, TO_ADDR); - curl_easy_setopt(curl, CURLOPT_MAIL_RCPT, recipients); - - /* We're using a callback function to specify the payload (the headers and - * body of the message). You could just use the CURLOPT_READDATA option to - * specify a FILE pointer to read from. */ - curl_easy_setopt(curl, CURLOPT_READFUNCTION, payload_source); - curl_easy_setopt(curl, CURLOPT_READDATA, &upload_ctx); - curl_easy_setopt(curl, CURLOPT_UPLOAD, 1L); - - /* Send the message */ - res = curl_easy_perform(curl); - - /* Check for errors */ - if(res != CURLE_OK) - fprintf(stderr, "curl_easy_perform() failed: %s\n", - curl_easy_strerror(res)); - - /* Free the list of recipients */ - curl_slist_free_all(recipients); - - /* curl won't send the QUIT command until you call cleanup, so you should - * be able to re-use this connection for additional messages (setting - * CURLOPT_MAIL_FROM and CURLOPT_MAIL_RCPT as required, and calling - * curl_easy_perform() again. It may not be a good idea to keep the - * connection open for a very long time though (more than a few minutes - * may result in the server timing out the connection), and you do want to - * clean up in the end. - */ - curl_easy_cleanup(curl); - } - - return (int)res; -} diff --git a/docs/libcurl/curl_easy_setopt.3 b/docs/libcurl/curl_easy_setopt.3 index a523364cd..1f18a3494 100644 --- a/docs/libcurl/curl_easy_setopt.3 +++ b/docs/libcurl/curl_easy_setopt.3 @@ -256,8 +256,6 @@ TLS authentication methods. See \fICURLOPT_TLSAUTH_TYPE(3)\fP Proxy TLS authentication methods. See \fICURLOPT_PROXY_TLSAUTH_TYPE(3)\fP .IP CURLOPT_PROXYAUTH HTTP proxy authentication methods. See \fICURLOPT_PROXYAUTH(3)\fP -.IP CURLOPT_SASL_AUTHZID -SASL authorisation identity (identity to act as). See \fICURLOPT_SASL_AUTHZID(3)\fP .IP CURLOPT_SASL_IR Enable SASL initial response. See \fICURLOPT_SASL_IR(3)\fP .IP CURLOPT_XOAUTH2_BEARER diff --git a/docs/libcurl/opts/CURLOPT_SASL_AUTHZID.3 b/docs/libcurl/opts/CURLOPT_SASL_AUTHZID.3 deleted file mode 100644 index 79b360b5e..000000000 --- a/docs/libcurl/opts/CURLOPT_SASL_AUTHZID.3 +++ /dev/null @@ -1,64 +0,0 @@ -.\" ************************************************************************** -.\" * _ _ ____ _ -.\" * Project ___| | | | _ \| | -.\" * / __| | | | |_) | | -.\" * | (__| |_| | _ <| |___ -.\" * \___|\___/|_| \_\_____| -.\" * -.\" * Copyright (C) 1998 - 2019, Daniel Stenberg, <daniel@haxx.se>, et al. -.\" * -.\" * This software is licensed as described in the file COPYING, which -.\" * you should have received as part of this distribution. The terms -.\" * are also available at https://curl.haxx.se/docs/copyright.html. -.\" * -.\" * You may opt to use, copy, modify, merge, publish, distribute and/or sell -.\" * copies of the Software, and permit persons to whom the Software is -.\" * furnished to do so, under the terms of the COPYING file. -.\" * -.\" * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY -.\" * KIND, either express or implied. -.\" * -.\" ************************************************************************** -.\" -.TH CURLOPT_SASL_AUTHZID 3 "17 July 2019" "libcurl 7.66.0" "curl_easy_setopt options" -.SH NAME -CURLOPT_SASL_AUTHZID \- authorisation identity (identity to act as) -.SH SYNOPSIS -#include <curl/curl.h> - -CURLcode curl_easy_setopt(CURL *handle, CURLOPT_SASL_AUTHZID, char *authzid); -.SH DESCRIPTION -Pass a char * as parameter, which should be pointing to the zero terminated -authorisation identity (authzid) for the transfer. Only applicable to the PLAIN -SASL authentication mechanism where it is optional. - -When not specified only the authentication identity (authcid) as specified by -the username will be sent to the server, along with the password. The server -will derive a authzid from the authcid when not provided, which it will then -uses internally. - -When the authzid is specified, the use of which is server dependent, it can be -used to access another user's inbox, that the user has been granted access to, -or a shared mailbox for example. -.SH DEFAULT -blank -.SH PROTOCOLS -IMAP, POP3 and SMTP -.SH EXAMPLE -.nf -CURL *curl = curl_easy_init(); -if(curl) { - curl_easy_setopt(curl, CURLOPT_URL, "imap://example.com/"); - curl_easy_setopt(curl, CURLOPT_USERNAME, "Kurt"); - curl_easy_setopt(curl, CURLOPT_PASSWORD, "xipj3plmq"); - curl_easy_setopt(curl, CURLOPT_SASL_AUTHZID, "Ursel"); - ret = curl_easy_perform(curl); - curl_easy_cleanup(curl); -} -.fi -.SH AVAILABILITY -Added in 7.66.0 -.SH RETURN VALUE -Returns CURLE_OK if the option is supported, and CURLE_UNKNOWN_OPTION if not. -.SH "SEE ALSO" -.BR CURLOPT_USERNAME "(3), " CURLOPT_PASSWORD "(3), ".BR CURLOPT_USERPWD "(3)" diff --git a/docs/libcurl/opts/Makefile.inc b/docs/libcurl/opts/Makefile.inc index 9a1016c3f..c8e15a5ed 100644 --- a/docs/libcurl/opts/Makefile.inc +++ b/docs/libcurl/opts/Makefile.inc @@ -272,7 +272,6 @@ man_MANS = \ CURLOPT_RTSP_SESSION_ID.3 \ CURLOPT_RTSP_STREAM_URI.3 \ CURLOPT_RTSP_TRANSPORT.3 \ - CURLOPT_SASL_AUTHZID.3 \ CURLOPT_SASL_IR.3 \ CURLOPT_SEEKDATA.3 \ CURLOPT_SEEKFUNCTION.3 \ diff --git a/docs/libcurl/symbols-in-versions b/docs/libcurl/symbols-in-versions index addbaf905..715badf97 100644 --- a/docs/libcurl/symbols-in-versions +++ b/docs/libcurl/symbols-in-versions @@ -553,7 +553,6 @@ CURLOPT_RTSP_SERVER_CSEQ 7.20.0 CURLOPT_RTSP_SESSION_ID 7.20.0 CURLOPT_RTSP_STREAM_URI 7.20.0 CURLOPT_RTSP_TRANSPORT 7.20.0 -CURLOPT_SASL_AUTHZID 7.66.0 CURLOPT_SASL_IR 7.31.0 CURLOPT_SEEKDATA 7.18.0 CURLOPT_SEEKFUNCTION 7.18.0 diff --git a/include/curl/curl.h b/include/curl/curl.h index 0c86e945a..d83b21798 100644 --- a/include/curl/curl.h +++ b/include/curl/curl.h @@ -1921,9 +1921,6 @@ typedef enum { /* maximum age of a connection to consider it for reuse (in seconds) */ CINIT(MAXAGE_CONN, LONG, 288), - /* SASL authorisation identity */ - CINIT(SASL_AUTHZID, STRINGPOINT, 289), - CURLOPT_LASTENTRY /* the last unused */ } CURLoption; diff --git a/include/curl/typecheck-gcc.h b/include/curl/typecheck-gcc.h index 8827058e9..2d1de4d43 100644 --- a/include/curl/typecheck-gcc.h +++ b/include/curl/typecheck-gcc.h @@ -309,7 +309,6 @@ _CURL_WARNING(_curl_easy_getinfo_err_curl_off_t, (option) == CURLOPT_RTSP_SESSION_ID || \ (option) == CURLOPT_RTSP_STREAM_URI || \ (option) == CURLOPT_RTSP_TRANSPORT || \ - (option) == CURLOPT_SASL_AUTHZID || \ (option) == CURLOPT_SERVICE_NAME || \ (option) == CURLOPT_SOCKS5_GSSAPI_SERVICE || \ (option) == CURLOPT_SSH_HOST_PUBLIC_KEY_MD5 || \ diff --git a/lib/curl_sasl.c b/lib/curl_sasl.c index 0aa1f5bb7..018e4228b 100644 --- a/lib/curl_sasl.c +++ b/lib/curl_sasl.c @@ -370,9 +370,8 @@ CURLcode Curl_sasl_start(struct SASL *sasl, struct connectdata *conn, sasl->authused = SASL_MECH_PLAIN; if(force_ir || data->set.sasl_ir) - result = Curl_auth_create_plain_message(data, conn->sasl_authzid, - conn->user, conn->passwd, - &resp, &len); + result = Curl_auth_create_plain_message(data, NULL, conn->user, + conn->passwd, &resp, &len); } else if(enabledmechs & SASL_MECH_LOGIN) { mech = SASL_MECH_STRING_LOGIN; @@ -454,9 +453,8 @@ CURLcode Curl_sasl_continue(struct SASL *sasl, struct connectdata *conn, *progress = SASL_DONE; return result; case SASL_PLAIN: - result = Curl_auth_create_plain_message(data, conn->sasl_authzid, - conn->user, conn->passwd, - &resp, &len); + result = Curl_auth_create_plain_message(data, NULL, conn->user, + conn->passwd, &resp, &len); break; case SASL_LOGIN: result = Curl_auth_create_login_message(data, conn->user, &resp, &len); diff --git a/lib/setopt.c b/lib/setopt.c index ff68788e5..92cd5b271 100644 --- a/lib/setopt.c +++ b/lib/setopt.c @@ -2400,12 +2400,6 @@ static CURLcode vsetopt(struct Curl_easy *data, CURLoption option, break; #endif - case CURLOPT_SASL_AUTHZID: - /* Authorisation identity (identity to act as) */ - result = Curl_setstropt(&data->set.str[STRING_SASL_AUTHZID], - va_arg(param, char *)); - break; - case CURLOPT_SASL_IR: /* Enable/disable SASL initial response */ data->set.sasl_ir = (0 != va_arg(param, long)) ? TRUE : FALSE; @@ -715,7 +715,6 @@ static void conn_free(struct connectdata *conn) Curl_safefree(conn->user); Curl_safefree(conn->passwd); Curl_safefree(conn->oauth_bearer); - Curl_safefree(conn->sasl_authzid); Curl_safefree(conn->options); Curl_safefree(conn->http_proxy.user); Curl_safefree(conn->socks_proxy.user); @@ -3464,14 +3463,6 @@ static CURLcode create_conn(struct Curl_easy *data, } } - if(data->set.str[STRING_SASL_AUTHZID]) { - conn->sasl_authzid = strdup(data->set.str[STRING_SASL_AUTHZID]); - if(!conn->sasl_authzid) { - result = CURLE_OUT_OF_MEMORY; - goto out; - } - } - #ifdef USE_UNIX_SOCKETS if(data->set.str[STRING_UNIX_SOCKET_PATH]) { conn->unix_domain_socket = strdup(data->set.str[STRING_UNIX_SOCKET_PATH]); diff --git a/lib/urldata.h b/lib/urldata.h index 48b664063..d759592d9 100644 --- a/lib/urldata.h +++ b/lib/urldata.h @@ -870,8 +870,7 @@ struct connectdata { char *passwd; /* password string, allocated */ char *options; /* options string, allocated */ - char *oauth_bearer; /* bearer token for OAuth 2.0, allocated */ - char *sasl_authzid; /* authorisation identity string, allocated */ + char *oauth_bearer; /* bearer token for OAuth 2.0, allocated */ int httpversion; /* the HTTP version*10 reported by the server */ int rtspversion; /* the RTSP version*10 reported by the server */ @@ -1493,7 +1492,6 @@ enum dupstring { #ifdef USE_ALTSVC STRING_ALTSVC, /* CURLOPT_ALTSVC */ #endif - STRING_SASL_AUTHZID, /* CURLOPT_SASL_AUTHZID */ /* -- end of zero-terminated strings -- */ STRING_LASTZEROTERMINATED, diff --git a/packages/OS400/README.OS400 b/packages/OS400/README.OS400 index 95a558411..c653ceceb 100644 --- a/packages/OS400/README.OS400 +++ b/packages/OS400/README.OS400 @@ -120,7 +120,6 @@ options: CURLOPT_RTSP_SESSION_UID CURLOPT_RTSP_STREAM_URI CURLOPT_RTSP_TRANSPORT - CURLOPT_SASL_AUTHZID CURLOPT_SERVICE_NAME CURLOPT_SOCKS5_GSSAPI_SERVICE CURLOPT_SSH_HOST_PUBLIC_KEY_MD5 diff --git a/packages/OS400/ccsidcurl.c b/packages/OS400/ccsidcurl.c index 85fb4693d..fd3b5f073 100644 --- a/packages/OS400/ccsidcurl.c +++ b/packages/OS400/ccsidcurl.c @@ -1139,7 +1139,12 @@ curl_easy_setopt_ccsid(CURL *curl, CURLoption tag, ...) if(testwarn) { testwarn = 0; - if((int) STRING_LASTZEROTERMINATED != (int) STRING_SASL_AUTHZID + 1 || + if( +#ifdef USE_ALTSVC + (int) STRING_LASTZEROTERMINATED != (int) STRING_ALTSVC + 1 || +#else + (int) STRING_LASTZEROTERMINATED != (int) STRING_DOH + 1 || +#endif (int) STRING_LAST != (int) STRING_COPYPOSTFIELDS + 1) curl_mfprintf(stderr, "*** WARNING: curl_easy_setopt_ccsid() should be reworked ***\n"); @@ -1206,7 +1211,6 @@ curl_easy_setopt_ccsid(CURL *curl, CURLoption tag, ...) case CURLOPT_RTSP_SESSION_ID: case CURLOPT_RTSP_STREAM_URI: case CURLOPT_RTSP_TRANSPORT: - case CURLOPT_SASL_AUTHZID: case CURLOPT_SERVICE_NAME: case CURLOPT_SOCKS5_GSSAPI_SERVICE: case CURLOPT_SSH_HOST_PUBLIC_KEY_MD5: diff --git a/packages/OS400/curl.inc.in b/packages/OS400/curl.inc.in index 61405bd13..8e36bac3b 100644 --- a/packages/OS400/curl.inc.in +++ b/packages/OS400/curl.inc.in @@ -1418,8 +1418,6 @@ d c 10287 d CURLOPT_MAXAGE_CONN... d c 00288 - d CURLOPT_SASL_AUTHZID... - d c 10289 * /if not defined(CURL_NO_OLDIES) d CURLOPT_FILE c 10001 diff --git a/src/tool_cfgable.c b/src/tool_cfgable.c index 1d684f8cc..7d178e47c 100644 --- a/src/tool_cfgable.c +++ b/src/tool_cfgable.c @@ -133,7 +133,6 @@ static void free_config_fields(struct OperationConfig *config) Curl_safefree(config->krblevel); Curl_safefree(config->oauth_bearer); - Curl_safefree(config->sasl_authzid); Curl_safefree(config->unix_socket_path); Curl_safefree(config->writeout); diff --git a/src/tool_cfgable.h b/src/tool_cfgable.h index 48b7b5588..e374a7f0e 100644 --- a/src/tool_cfgable.h +++ b/src/tool_cfgable.h @@ -97,7 +97,6 @@ struct OperationConfig { char *mail_from; struct curl_slist *mail_rcpt; char *mail_auth; - char *sasl_authzid; /* Authorisation identity (identity to use) */ bool sasl_ir; /* Enable/disable SASL initial response */ bool proxytunnel; bool ftp_append; /* APPE on ftp */ diff --git a/src/tool_getparam.c b/src/tool_getparam.c index f5e80b54d..b347121f8 100644 --- a/src/tool_getparam.c +++ b/src/tool_getparam.c @@ -177,8 +177,7 @@ static const struct LongShort aliases[]= { {"$H", "mail-auth", ARG_STRING}, {"$I", "post303", ARG_BOOL}, {"$J", "metalink", ARG_BOOL}, - {"$6", "sasl-authzid", ARG_STRING}, - {"$K", "sasl-ir", ARG_BOOL }, + {"$K", "sasl-ir", ARG_BOOL}, {"$L", "test-event", ARG_BOOL}, {"$M", "unix-socket", ARG_FILENAME}, {"$N", "path-as-is", ARG_BOOL}, @@ -1100,9 +1099,6 @@ ParameterError getparameter(const char *flag, /* f or -long-flag */ #endif break; } - case '6': /* --sasl-authzid */ - GetStr(&config->sasl_authzid, nextarg); - break; case 'K': /* --sasl-ir */ config->sasl_ir = toggle; break; diff --git a/src/tool_help.c b/src/tool_help.c index 816f8e437..ad6b6a107 100644 --- a/src/tool_help.c +++ b/src/tool_help.c @@ -385,8 +385,6 @@ static const struct helptxt helptext[] = { "Wait time between retries"}, {" --retry-max-time <seconds>", "Retry only within this period"}, - {" --sasl-authzid <identity> ", - "Use this identity to act as during SASL PLAIN authentication"}, {" --sasl-ir", "Enable initial response in SASL authentication"}, {" --service-name <name>", diff --git a/src/tool_operate.c b/src/tool_operate.c index db6f81fab..462119a1c 100644 --- a/src/tool_operate.c +++ b/src/tool_operate.c @@ -1501,10 +1501,6 @@ static CURLcode operate_do(struct GlobalConfig *global, if(config->mail_auth) my_setopt_str(curl, CURLOPT_MAIL_AUTH, config->mail_auth); - /* new in 7.66.0 */ - if(config->sasl_authzid) - my_setopt_str(curl, CURLOPT_SASL_AUTHZID, config->sasl_authzid); - /* new in 7.31.0 */ if(config->sasl_ir) my_setopt(curl, CURLOPT_SASL_IR, 1L); @@ -1528,7 +1524,6 @@ static CURLcode operate_do(struct GlobalConfig *global, config->unix_socket_path); } } - /* new in 7.45.0 */ if(config->proto_default) my_setopt_str(curl, CURLOPT_DEFAULT_PROTOCOL, config->proto_default); diff --git a/tests/data/Makefile.inc b/tests/data/Makefile.inc index 552736341..afea1fb83 100644 --- a/tests/data/Makefile.inc +++ b/tests/data/Makefile.inc @@ -93,21 +93,20 @@ test809 test810 test811 test812 test813 test814 test815 test816 test817 \ test818 test819 test820 test821 test822 test823 test824 test825 test826 \ test827 test828 test829 test830 test831 test832 test833 test834 test835 \ test836 test837 test838 test839 test840 test841 test842 test843 test844 \ -test845 test846 test847 test848 test849 \ +test845 test846 test847 \ \ test850 test851 test852 test853 test854 test855 test856 test857 test858 \ test859 test860 test861 test862 test863 test864 test865 test866 test867 \ test868 test869 test870 test871 test872 test873 test874 test875 test876 \ test877 test878 test879 test880 test881 test882 test883 test884 test885 \ -test886 test887 test888 test889 test890 test891 test892 test893 \ +test886 test887 test888 test889 test890 test891 \ \ test900 test901 test902 test903 test904 test905 test906 test907 test908 \ test909 test910 test911 test912 test913 test914 test915 test916 test917 \ test918 test919 test920 test921 test922 test923 test924 test925 test926 \ test927 test928 test929 test930 test931 test932 test933 test934 test935 \ test936 test937 test938 test939 test940 test941 test942 test943 test944 \ -test945 test946 test947 test948 test949 test950 test951 test952 test953 \ -test954 \ +test945 test946 test947 test948 test949 test950 test951 test952 \ \ test1000 test1001 test1002 test1003 test1004 test1005 test1006 test1007 \ test1008 test1009 test1010 test1011 test1012 test1013 test1014 test1015 \ diff --git a/tests/data/test848 b/tests/data/test848 deleted file mode 100644 index 2b4a30b2a..000000000 --- a/tests/data/test848 +++ /dev/null @@ -1,56 +0,0 @@ -<testcase> -<info> -<keywords> -IMAP -SASL -SASL AUTH PLAIN -RFC4616 -</keywords> -</info> - -# -# Server-side -<reply> -<servercmd> -AUTH PLAIN -REPLY AUTHENTICATE + -REPLY c2hhcmVkLW1haWxib3gAdXNlcgBzZWNyZXQ= A002 OK AUTHENTICATE completed -</servercmd> -<data> -From: me@somewhere
-To: fake@nowhere
-
-body
-
---
- yours sincerely
-</data> -</reply> - -# -# Client-side -<client> -<server> -imap -</server> - <name> -IMAP plain authentication with alternative authorization identity - </name> - <command> -'imap://%HOSTIP:%IMAPPORT/848/;MAILINDEX=1' -u user:secret --sasl-authzid shared-mailbox -</command> -</client> - -# -# Verify data after the test has been "shot" -<verify> -<protocol> -A001 CAPABILITY
-A002 AUTHENTICATE PLAIN
-c2hhcmVkLW1haWxib3gAdXNlcgBzZWNyZXQ=
-A003 SELECT 848
-A004 FETCH 1 BODY[]
-A005 LOGOUT
-</protocol> -</verify> -</testcase> diff --git a/tests/data/test849 b/tests/data/test849 deleted file mode 100644 index 8a4b39c00..000000000 --- a/tests/data/test849 +++ /dev/null @@ -1,51 +0,0 @@ -<testcase> -<info> -<keywords> -IMAP -SASL -SASL AUTH PLAIN -RFC4616 -</keywords> -</info> - -# -# Server-side -<reply> -<servercmd> -AUTH PLAIN -REPLY AUTHENTICATE + -REPLY dXJzZWwAa3VydAB4aXBqM3BsbXE= A002 NO Not authorized -</servercmd> -</reply> - -# -# Client-side -<client> -<server> -imap -</server> - <name> -IMAP plain authentication with alternative authorization identity (Not authorized) - </name> - <command> -'imap://%HOSTIP:%IMAPPORT/849/;MAILINDEX=1' -u kurt:xipj3plmq --sasl-authzid ursel -</command> -</client> - -# -# Verify data after the test has been "shot" -<verify> -# 67 - CURLE_LOGIN_DENIED -<errorcode> -67 -</errorcode> -# -# The multi interface considers a broken "CONNECT" as a prematurely broken -# transfer and such a connection will not get a "LOGOUT" -<protocol> -A001 CAPABILITY
-A002 AUTHENTICATE PLAIN
-dXJzZWwAa3VydAB4aXBqM3BsbXE=
-</protocol> -</verify> -</testcase> diff --git a/tests/data/test892 b/tests/data/test892 deleted file mode 100644 index 4b8318292..000000000 --- a/tests/data/test892 +++ /dev/null @@ -1,57 +0,0 @@ -<testcase> -<info> -<keywords> -POP3 -SASL -SASL AUTH PLAIN -RFC1734 -RFC4616 -RFC5034 -</keywords> -</info> - -# -# Server-side -<reply> -<servercmd> -AUTH PLAIN -REPLY AUTH + -REPLY c2hhcmVkLW1haWxib3gAdXNlcgBzZWNyZXQ= +OK Login successful -</servercmd> -<data> -From: me@somewhere
-To: fake@nowhere
-
-body
-
---
- yours sincerely
-</data> -</reply> - -# -# Client-side -<client> -<server> -pop3 -</server> - <name> -POP3 plain authentication with alternative authorization identity - </name> - <command> -pop3://%HOSTIP:%POP3PORT/892 -u user:secret --sasl-authzid shared-mailbox -</command> -</client> - -# -# Verify data after the test has been "shot" -<verify> -<protocol> -CAPA
-AUTH PLAIN
-c2hhcmVkLW1haWxib3gAdXNlcgBzZWNyZXQ=
-RETR 892
-QUIT
-</protocol> -</verify> -</testcase> diff --git a/tests/data/test893 b/tests/data/test893 deleted file mode 100644 index 2a762fc21..000000000 --- a/tests/data/test893 +++ /dev/null @@ -1,53 +0,0 @@ -<testcase> -<info> -<keywords> -POP3 -SASL -SASL AUTH PLAIN -RFC1734 -RFC4616 -RFC5034 -</keywords> -</info> - -# -# Server-side -<reply> -<servercmd> -AUTH PLAIN -REPLY AUTH + -REPLY dXJzZWwAa3VydAB4aXBqM3BsbXE= -ERR Not authorized -</servercmd> -</reply> - -# -# Client-side -<client> -<server> -pop3 -</server> - <name> -POP3 plain authentication with alternative authorization identity (Not authorized) - </name> - <command> -pop3://%HOSTIP:%POP3PORT/893 -u kurt:xipj3plmq --sasl-authzid ursel -</command> -</client> - -# -# Verify data after the test has been "shot" -<verify> -# 67 - CURLE_LOGIN_DENIED -<errorcode> -67 -</errorcode> -# -# The multi interface considers a broken "CONNECT" as a prematurely broken -# transfer and such a connection will not get a "QUIT" -<protocol> -CAPA
-AUTH PLAIN
-dXJzZWwAa3VydAB4aXBqM3BsbXE=
-</protocol> -</verify> -</testcase> diff --git a/tests/data/test953 b/tests/data/test953 deleted file mode 100644 index 4a70e1f31..000000000 --- a/tests/data/test953 +++ /dev/null @@ -1,56 +0,0 @@ -<testcase> -<info> -<keywords> -SMTP -SASL -SASL AUTH PLAIN -RFC4616 -RFC4954 -</keywords> -</info> - -# -# Server-side -<reply> -<servercmd> -AUTH PLAIN -REPLY AUTH 334 PLAIN supported -REPLY dXJzZWwAa3VydAB4aXBqM3BsbXE= 235 Authenticated -</servercmd> -</reply> - -# -# Client-side -<client> -<server> -smtp -</server> - <name> -SMTP plain authentication with alternative authorization identity - </name> -<stdin> -mail body
-</stdin> - <command> -smtp://%HOSTIP:%SMTPPORT/953 --mail-rcpt recipient@example.com --mail-from sender@example.com -u kurt:xipj3plmq --sasl-authzid ursel -T - -</command> -</client> - -# -# Verify data after the test has been "shot" -<verify> -<protocol> -EHLO 953
-AUTH PLAIN
-dXJzZWwAa3VydAB4aXBqM3BsbXE=
-MAIL FROM:<sender@example.com>
-RCPT TO:<recipient@example.com>
-DATA
-QUIT
-</protocol> -<upload> -mail body
-.
-</upload> -</verify> -</testcase> diff --git a/tests/data/test954 b/tests/data/test954 deleted file mode 100644 index a5e6bb0d3..000000000 --- a/tests/data/test954 +++ /dev/null @@ -1,55 +0,0 @@ -<testcase> -<info> -<keywords> -SMTP -SASL -SASL AUTH PLAIN -RFC4616 -RFC4954 -</keywords> -</info> - -# -# Server-side -<reply> -<servercmd> -AUTH PLAIN -REPLY AUTH 334 PLAIN supported -REPLY dXJzZWwAa3VydAB4aXBqM3BsbXE= 501 Not authorized -</servercmd> -</reply> - -# -# Client-side -<client> -<server> -smtp -</server> - <name> -SMTP plain authentication with alternative authorization identity (Not authorized) - </name> -<stdin> -mail body -</stdin> - <command> -smtp://%HOSTIP:%SMTPPORT/954 --mail-rcpt recipient@example.com --mail-from sender@example.com -u kurt:xipj3plmq --sasl-authzid ursel -T - -</command> -</client> - -# -# Verify data after the test has been "shot" -<verify> -# 67 - CURLE_LOGIN_DENIED -<errorcode> -67 -</errorcode> -# -# The multi interface considers a broken "CONNECT" as a prematurely broken -# transfer and such a connection will not get a "QUIT" -<protocol> -EHLO 954
-AUTH PLAIN
-dXJzZWwAa3VydAB4aXBqM3BsbXE=
-</protocol> -</verify> -</testcase> |