diff options
| author | Steve Holme <steve_holme@hotmail.com> | 2013-12-24 16:32:48 +0000 |
|---|---|---|
| committer | Steve Holme <steve_holme@hotmail.com> | 2013-12-24 16:34:55 +0000 |
| commit | 6f2d5f0562f64a95407869a1fe365e652b0a5a8d (patch) | |
| tree | 0c2a97c2d9472011d9c20939804e00a99c9ec136 /lib/pop3.c | |
| parent | 82bf8edff3fd81fef06f77591e39db3049a969f4 (diff) | |
| download | curl-6f2d5f0562f64a95407869a1fe365e652b0a5a8d.tar.gz | |
pop3: Fixed APOP being determined by CAPA response rather than by timestamp
This commit replaces that of 9f260b5d6610f3 because according to RFC-2449,
section 6, there is no APOP capability "...even though APOP is an
optional command in [POP3]. Clients discover server support of APOP by
the presence in the greeting banner of an initial challenge enclosed in
angle brackets."
Diffstat (limited to 'lib/pop3.c')
| -rw-r--r-- | lib/pop3.c | 16 |
1 files changed, 7 insertions, 9 deletions
diff --git a/lib/pop3.c b/lib/pop3.c index 2fc4e4e88..5ea50e369 100644 --- a/lib/pop3.c +++ b/lib/pop3.c @@ -561,8 +561,7 @@ static CURLcode pop3_perform_authentication(struct connectdata *conn) } #ifndef CURL_DISABLE_CRYPTO_AUTH else if((pop3c->authtypes & POP3_TYPE_APOP) && - (pop3c->preftype & POP3_TYPE_APOP) && - (pop3c->apoptimestamp)) + (pop3c->preftype & POP3_TYPE_APOP)) /* Perform APOP authentication */ result = pop3_perform_apop(conn); #endif @@ -658,8 +657,9 @@ static CURLcode pop3_state_servergreet_resp(struct connectdata *conn, result = CURLE_FTP_WEIRD_SERVER_REPLY; } else { - /* Look for the APOP timestamp */ + /* Does the server support APOP authentication? */ if(len >= 4 && line[len - 2] == '>') { + /* Look for the APOP timestamp */ for(i = 3; i < len - 2; ++i) { if(line[i] == '<') { /* Calculate the length of the timestamp */ @@ -676,6 +676,9 @@ static CURLcode pop3_state_servergreet_resp(struct connectdata *conn, /* Copy the timestamp */ memcpy(pop3c->apoptimestamp, line + i, timestamplen); pop3c->apoptimestamp[timestamplen] = '\0'; + + /* Store the APOP capability */ + pop3c->authtypes |= POP3_TYPE_APOP; break; } } @@ -710,10 +713,6 @@ static CURLcode pop3_state_capa_resp(struct connectdata *conn, int pop3code, else if(len >= 4 && !memcmp(line, "USER", 4)) pop3c->authtypes |= POP3_TYPE_CLEARTEXT; - /* Does the server support APOP authentication? */ - else if(len >= 4 && !memcmp(line, "APOP", 4)) - pop3c->authtypes |= POP3_TYPE_APOP; - /* Does the server support SASL based authentication? */ else if(len >= 5 && !memcmp(line, "SASL ", 5)) { pop3c->authtypes |= POP3_TYPE_SASL; @@ -1201,8 +1200,7 @@ static CURLcode pop3_state_auth_cancel_resp(struct connectdata *conn, } #ifndef CURL_DISABLE_CRYPTO_AUTH else if((pop3c->authtypes & POP3_TYPE_APOP) && - (pop3c->preftype & POP3_TYPE_APOP) && - (pop3c->apoptimestamp)) + (pop3c->preftype & POP3_TYPE_APOP)) /* Perform APOP authentication */ result = pop3_perform_apop(conn); #endif |