summaryrefslogtreecommitdiff
path: root/lib/curl_sasl.c
diff options
context:
space:
mode:
authorPatrick Monnerat <patrick@monnerat.net>2018-02-21 17:42:25 +0100
committerPatrick Monnerat <patrick@monnerat.net>2018-02-21 17:42:25 +0100
commitde97b5fcefb110f3f34338b8292652340ddb1f63 (patch)
treef41617a12b4b4f8778d77b4d12ab9bda7086be29 /lib/curl_sasl.c
parent7b71b5150b3bdf2ce880a72c8a329995ca059d58 (diff)
downloadcurl-de97b5fcefb110f3f34338b8292652340ddb1f63.tar.gz
sasl: prefer PLAIN mechanism over LOGIN
SASL PLAIN is a standard, LOGIN only a draft. The LOGIN draft says PLAIN should be used instead if available.
Diffstat (limited to 'lib/curl_sasl.c')
-rw-r--r--lib/curl_sasl.c20
1 files changed, 10 insertions, 10 deletions
diff --git a/lib/curl_sasl.c b/lib/curl_sasl.c
index 550433d67..7052bd913 100644
--- a/lib/curl_sasl.c
+++ b/lib/curl_sasl.c
@@ -5,7 +5,7 @@
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 2012 - 2017, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 2012 - 2018, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
@@ -361,15 +361,6 @@ CURLcode Curl_sasl_start(struct SASL *sasl, struct connectdata *conn,
conn->oauth_bearer,
&resp, &len);
}
- else if(enabledmechs & SASL_MECH_LOGIN) {
- mech = SASL_MECH_STRING_LOGIN;
- state1 = SASL_LOGIN;
- state2 = SASL_LOGIN_PASSWD;
- sasl->authused = SASL_MECH_LOGIN;
-
- if(force_ir || data->set.sasl_ir)
- result = Curl_auth_create_login_message(data, conn->user, &resp, &len);
- }
else if(enabledmechs & SASL_MECH_PLAIN) {
mech = SASL_MECH_STRING_PLAIN;
state1 = SASL_PLAIN;
@@ -379,6 +370,15 @@ CURLcode Curl_sasl_start(struct SASL *sasl, struct connectdata *conn,
result = Curl_auth_create_plain_message(data, conn->user, conn->passwd,
&resp, &len);
}
+ else if(enabledmechs & SASL_MECH_LOGIN) {
+ mech = SASL_MECH_STRING_LOGIN;
+ state1 = SASL_LOGIN;
+ state2 = SASL_LOGIN_PASSWD;
+ sasl->authused = SASL_MECH_LOGIN;
+
+ if(force_ir || data->set.sasl_ir)
+ result = Curl_auth_create_login_message(data, conn->user, &resp, &len);
+ }
}
if(!result && mech) {