* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2013, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
* RFC3501 IMAPv4 protocol
* RFC4422 Simple Authentication and Security Layer (SASL)
* RFC4616 PLAIN authentication
+ * RFC4752 The Kerberos V5 ("GSSAPI") SASL Mechanism
* RFC4959 IMAP Extension for SASL Initial Client Response
* RFC5092 IMAP URL Scheme
+ * RFC6749 OAuth 2.0 Authorization Framework
+ * Draft LOGIN SASL Mechanism <draft-murchison-sasl-login-00.txt>
*
***************************************************************************/
#include <curl/curl.h>
#include "urldata.h"
#include "sendf.h"
-#include "if2ip.h"
#include "hostip.h"
#include "progress.h"
#include "transfer.h"
#include "strtoofft.h"
#include "strequal.h"
-#include "sslgen.h"
+#include "vtls/vtls.h"
#include "connect.h"
#include "strerror.h"
#include "select.h"
#include "url.h"
#include "rawstr.h"
#include "curl_sasl.h"
+#include "warnless.h"
#define _MPRINTF_REPLACE /* use our functions only */
#include <curl/mprintf.h>
#include "memdebug.h"
/* Local API functions */
-static CURLcode imap_parse_url_path(struct connectdata *conn);
-static CURLcode imap_parse_custom_request(struct connectdata *conn);
static CURLcode imap_regular_transfer(struct connectdata *conn, bool *done);
static CURLcode imap_do(struct connectdata *conn, bool *done);
static CURLcode imap_done(struct connectdata *conn, CURLcode status,
int numsocks);
static CURLcode imap_doing(struct connectdata *conn, bool *dophase_done);
static CURLcode imap_setup_connection(struct connectdata *conn);
+static char *imap_atom(const char *str);
+static CURLcode imap_sendf(struct connectdata *conn, const char *fmt, ...);
+static CURLcode imap_parse_url_options(struct connectdata *conn);
+static CURLcode imap_parse_url_path(struct connectdata *conn);
+static CURLcode imap_parse_custom_request(struct connectdata *conn);
+static CURLcode imap_calc_sasl_details(struct connectdata *conn,
+ const char **mech,
+ char **initresp, size_t *len,
+ imapstate *state1, imapstate *state2);
/*
* IMAP protocol handler.
ZERO_NULL, /* readwrite */
PORT_IMAP, /* defport */
CURLPROTO_IMAP, /* protocol */
- PROTOPT_CLOSEACTION | PROTOPT_NEEDSPWD
- | PROTOPT_NOURLQUERY /* flags */
+ PROTOPT_CLOSEACTION | PROTOPT_NEEDSPWD /* flags */
};
#ifdef USE_SSL
imap_disconnect, /* disconnect */
ZERO_NULL, /* readwrite */
PORT_IMAPS, /* defport */
- CURLPROTO_IMAP | CURLPROTO_IMAPS, /* protocol */
- PROTOPT_CLOSEACTION | PROTOPT_SSL | PROTOPT_NEEDSPWD
- | PROTOPT_NOURLQUERY /* flags */
+ CURLPROTO_IMAPS, /* protocol */
+ PROTOPT_CLOSEACTION | PROTOPT_SSL |
+ PROTOPT_NEEDSPWD /* flags */
};
#endif
static const struct Curl_handler Curl_handler_imap_proxy = {
"IMAP", /* scheme */
- ZERO_NULL, /* setup_connection */
+ Curl_http_setup_conn, /* setup_connection */
Curl_http, /* do_it */
Curl_http_done, /* done */
ZERO_NULL, /* do_more */
static const struct Curl_handler Curl_handler_imaps_proxy = {
"IMAPS", /* scheme */
- ZERO_NULL, /* setup_connection */
+ Curl_http_setup_conn, /* setup_connection */
Curl_http, /* do_it */
Curl_http_done, /* done */
ZERO_NULL, /* do_more */
/***********************************************************************
*
- * imap_sendf()
- *
- * Sends the formated string as an IMAP command to the server.
- *
- * Designed to never block.
- */
-static CURLcode imap_sendf(struct connectdata *conn, const char *fmt, ...)
-{
- CURLcode result = CURLE_OK;
- struct imap_conn *imapc = &conn->proto.imapc;
- char *taggedfmt;
- va_list ap;
- va_start(ap, fmt);
-
- /* Calculate the next command ID wrapping at 3 digits */
- imapc->cmdid = (imapc->cmdid + 1) % 1000;
-
- /* Calculate the tag based on the connection ID and command ID */
- snprintf(imapc->resptag, sizeof(imapc->resptag), "%c%03d",
- 'A' + (conn->connection_id % 26), imapc->cmdid);
-
- taggedfmt = aprintf("%s %s", imapc->resptag, fmt);
- if(!taggedfmt)
- return CURLE_OUT_OF_MEMORY;
-
- result = Curl_pp_vsendf(&imapc->pp, taggedfmt, ap);
-
- Curl_safefree(taggedfmt);
- va_end(ap);
-
- return result;
-}
-
-/***********************************************************************
- *
- * imap_atom()
- *
- * Checks the input string for characters that need escaping and returns an
- * atom ready for sending to the server.
+ * imap_matchresp()
*
- * The returned string needs to be freed.
+ * Determines whether the untagged response is related to the specified
+ * command by checking if it is in format "* <command-name> ..." or
+ * "* <number> <command-name> ...".
*
+ * The "* " marker is assumed to have already been checked by the caller.
*/
-static char *imap_atom(const char *str)
-{
- const char *p1;
- char *p2;
- size_t backsp_count = 0;
- size_t quote_count = 0;
- bool space_exists = FALSE;
- size_t newlen = 0;
- char *newstr = NULL;
-
- if(!str)
- return NULL;
-
- /* Count any unescapped characters */
- p1 = str;
- while(*p1) {
- if(*p1 == '\\')
- backsp_count++;
- else if(*p1 == '"')
- quote_count++;
- else if(*p1 == ' ')
- space_exists = TRUE;
-
- p1++;
- }
-
- /* Does the input contain any unescapped characters? */
- if(!backsp_count && !quote_count && !space_exists)
- return strdup(str);
-
- /* Calculate the new string length */
- newlen = strlen(str) + backsp_count + quote_count + (space_exists ? 2 : 0);
-
- /* Allocate the new string */
- newstr = (char *) malloc((newlen + 1) * sizeof(char));
- if(!newstr)
- return NULL;
-
- /* Surround the string in quotes if necessary */
- p2 = newstr;
- if(space_exists) {
- newstr[0] = '"';
- newstr[newlen - 1] = '"';
- p2++;
- }
-
- /* Copy the string, escaping backslash and quote characters along the way */
- p1 = str;
- while(*p1) {
- if(*p1 == '\\' || *p1 == '"') {
- *p2 = '\\';
- p2++;
- }
-
- *p2 = *p1;
-
- p1++;
- p2++;
- }
-
- /* Terminate the string */
- newstr[newlen] = '\0';
-
- return newstr;
-}
-
-/* Determines whether the untagged response is related to a specified
- command by checking if it is in format "* <command-name> ..." or
- "* <number> <command-name> ...". The "* " marker is assumed to have
- already been checked by the caller. */
static bool imap_matchresp(const char *line, size_t len, const char *cmd)
{
const char *end = line + len;
/* Does the command name match and is it followed by a space character or at
the end of line? */
if(line + cmd_len <= end && Curl_raw_nequal(line, cmd, cmd_len) &&
- (line[cmd_len] == ' ' || line + cmd_len == end))
+ (line[cmd_len] == ' ' || line + cmd_len + 2 == end))
return TRUE;
return FALSE;
}
-/* Function that checks whether the given string is a valid tagged, untagged
- or continuation response which can be processed by the response handler. */
+/***********************************************************************
+ *
+ * imap_endofresp()
+ *
+ * Checks whether the given string is a valid tagged, untagged or continuation
+ * response which can be processed by the response handler.
+ */
static bool imap_endofresp(struct connectdata *conn, char *line, size_t len,
int *resp)
{
- struct IMAP *imap = conn->data->state.proto.imap;
+ struct IMAP *imap = conn->data->req.protop;
struct imap_conn *imapc = &conn->proto.imapc;
const char *id = imapc->resptag;
size_t id_len = strlen(id);
break;
case IMAP_LIST:
- if(!imap_matchresp(line, len, "LIST"))
+ if((!imap->custom && !imap_matchresp(line, len, "LIST")) ||
+ (imap->custom && !imap_matchresp(line, len, imap->custom) &&
+ (strcmp(imap->custom, "STORE") ||
+ !imap_matchresp(line, len, "FETCH")) &&
+ strcmp(imap->custom, "SELECT") &&
+ strcmp(imap->custom, "EXAMINE") &&
+ strcmp(imap->custom, "SEARCH") &&
+ strcmp(imap->custom, "EXPUNGE") &&
+ strcmp(imap->custom, "LSUB") &&
+ strcmp(imap->custom, "UID") &&
+ strcmp(imap->custom, "NOOP")))
return FALSE;
break;
case IMAP_SELECT:
- /* SELECT is special in that its untagged responses does not have a
+ /* SELECT is special in that its untagged responses do not have a
common prefix so accept anything! */
break;
return FALSE;
break;
- case IMAP_CUSTOM:
- /* When dealing with a custom command, we are interested in all
- intermediate responses which match the parameter name. The
- exceptions are STORE, which returns untagged responses as FETCH,
- and SELECT and EXAMINE commands, for which no filtering is (or can
- be easily) done. */
- if(!imap_matchresp(line, len, imap->custom) &&
- (strcmp(imap->custom, "STORE") ||
- !imap_matchresp(line, len, "FETCH")) &&
- strcmp(imap->custom, "SELECT") &&
- strcmp(imap->custom, "EXAMINE"))
+ case IMAP_SEARCH:
+ if(!imap_matchresp(line, len, "SEARCH"))
return FALSE;
break;
return TRUE;
}
- /* Do we have a continuation response? */
+ /* Do we have a continuation response? This should be a + symbol followed by
+ a space and optionally some text as per RFC-3501 for the AUTHENTICATE and
+ APPEND commands and as outlined in Section 4. Examples of RFC-4959 but
+ some e-mail servers ignore this and only send a single + instead. */
if((len == 3 && !memcmp("+", line, 1)) ||
(len >= 2 && !memcmp("+ ", line, 2))) {
switch(imapc->state) {
case IMAP_AUTHENTICATE_DIGESTMD5_RESP:
case IMAP_AUTHENTICATE_NTLM:
case IMAP_AUTHENTICATE_NTLM_TYPE2MSG:
+ case IMAP_AUTHENTICATE_XOAUTH2:
case IMAP_AUTHENTICATE_FINAL:
case IMAP_APPEND:
*resp = '+';
return FALSE; /* Nothing for us */
}
-/* This is the ONLY way to change IMAP state! */
+/***********************************************************************
+ *
+ * imap_get_message()
+ *
+ * Gets the authentication message from the response buffer.
+ */
+static void imap_get_message(char *buffer, char** outptr)
+{
+ size_t len = 0;
+ char* message = NULL;
+
+ /* Find the start of the message */
+ for(message = buffer + 2; *message == ' ' || *message == '\t'; message++)
+ ;
+
+ /* Find the end of the message */
+ for(len = strlen(message); len--;)
+ if(message[len] != '\r' && message[len] != '\n' && message[len] != ' ' &&
+ message[len] != '\t')
+ break;
+
+ /* Terminate the message */
+ if(++len) {
+ message[len] = '\0';
+ }
+
+ *outptr = message;
+}
+
+/***********************************************************************
+ *
+ * state()
+ *
+ * This is the ONLY way to change IMAP state!
+ */
static void state(struct connectdata *conn, imapstate newstate)
{
struct imap_conn *imapc = &conn->proto.imapc;
"AUTHENTICATE_DIGESTMD5_RESP",
"AUTHENTICATE_NTLM",
"AUTHENTICATE_NTLM_TYPE2MSG",
+ "AUTHENTICATE_GSSAPI",
+ "AUTHENTICATE_GSSAPI_TOKEN",
+ "AUTHENTICATE_GSSAPI_NO_DATA",
+ "AUTHENTICATE_XOAUTH2",
+ "AUTHENTICATE_CANCEL",
"AUTHENTICATE_FINAL",
"LOGIN",
"LIST",
"FETCH_FINAL",
"APPEND",
"APPEND_FINAL",
- "CUSTOM",
+ "SEARCH",
"LOGOUT",
/* LAST */
};
if(imapc->state != newstate)
infof(conn->data, "IMAP %p state change from %s to %s\n",
- imapc, names[imapc->state], names[newstate]);
+ (void *)imapc, names[imapc->state], names[newstate]);
#endif
imapc->state = newstate;
}
-static CURLcode imap_state_capability(struct connectdata *conn)
+/***********************************************************************
+ *
+ * imap_perform_capability()
+ *
+ * Sends the CAPABILITY command in order to obtain a list of server side
+ * supported capabilities.
+ */
+static CURLcode imap_perform_capability(struct connectdata *conn)
{
CURLcode result = CURLE_OK;
struct imap_conn *imapc = &conn->proto.imapc;
return result;
}
-static CURLcode imap_state_starttls(struct connectdata *conn)
+/***********************************************************************
+ *
+ * imap_perform_starttls()
+ *
+ * Sends the STARTTLS command to start the upgrade to TLS.
+ */
+static CURLcode imap_perform_starttls(struct connectdata *conn)
{
CURLcode result = CURLE_OK;
return result;
}
-static CURLcode imap_state_upgrade_tls(struct connectdata *conn)
+/***********************************************************************
+ *
+ * imap_perform_upgrade_tls()
+ *
+ * Performs the upgrade to TLS.
+ */
+static CURLcode imap_perform_upgrade_tls(struct connectdata *conn)
{
CURLcode result = CURLE_OK;
struct imap_conn *imapc = &conn->proto.imapc;
if(imapc->ssldone) {
imap_to_imaps(conn);
- result = imap_state_capability(conn);
+ result = imap_perform_capability(conn);
}
}
return result;
}
-static CURLcode imap_state_login(struct connectdata *conn)
+/***********************************************************************
+ *
+ * imap_perform_login()
+ *
+ * Sends a clear text LOGIN command to authenticate with.
+ */
+static CURLcode imap_perform_login(struct connectdata *conn)
{
CURLcode result = CURLE_OK;
char *user;
return result;
}
-static CURLcode imap_authenticate(struct connectdata *conn)
+/***********************************************************************
+ *
+ * imap_perform_authenticate()
+ *
+ * Sends an AUTHENTICATE command allowing the client to login with the given
+ * SASL authentication mechanism.
+ */
+static CURLcode imap_perform_authenticate(struct connectdata *conn,
+ const char *mech,
+ const char *initresp,
+ imapstate state1, imapstate state2)
+{
+ CURLcode result = CURLE_OK;
+
+ if(initresp) {
+ /* Send the AUTHENTICATE command with the initial response */
+ result = imap_sendf(conn, "AUTHENTICATE %s %s", mech, initresp);
+
+ if(!result)
+ state(conn, state2);
+ }
+ else {
+ /* Send the AUTHENTICATE command */
+ result = imap_sendf(conn, "AUTHENTICATE %s", mech);
+
+ if(!result)
+ state(conn, state1);
+ }
+
+ return result;
+}
+
+/***********************************************************************
+ *
+ * imap_perform_authentication()
+ *
+ * Initiates the authentication sequence, with the appropriate SASL
+ * authentication mechanism, falling back to clear text should a common
+ * mechanism not be available between the client and server.
+ */
+static CURLcode imap_perform_authentication(struct connectdata *conn)
{
CURLcode result = CURLE_OK;
struct imap_conn *imapc = &conn->proto.imapc;
return result;
}
- /* Calculate the supported authentication mechanism by decreasing order of
- security */
-#ifndef CURL_DISABLE_CRYPTO_AUTH
- if(imapc->authmechs & SASL_MECH_DIGEST_MD5) {
- mech = "DIGEST-MD5";
- state1 = IMAP_AUTHENTICATE_DIGESTMD5;
- imapc->authused = SASL_MECH_DIGEST_MD5;
- }
- else if(imapc->authmechs & SASL_MECH_CRAM_MD5) {
- mech = "CRAM-MD5";
- state1 = IMAP_AUTHENTICATE_CRAMMD5;
- imapc->authused = SASL_MECH_CRAM_MD5;
- }
- else
-#endif
-#ifdef USE_NTLM
- if(imapc->authmechs & SASL_MECH_NTLM) {
- mech = "NTLM";
- state1 = IMAP_AUTHENTICATE_NTLM;
- state2 = IMAP_AUTHENTICATE_NTLM_TYPE2MSG;
- imapc->authused = SASL_MECH_NTLM;
-
- if(imapc->ir_supported)
- result = Curl_sasl_create_login_message(conn->data, conn->user,
- &initresp, &len);
- }
- else
-#endif
- if(imapc->authmechs & SASL_MECH_LOGIN) {
- mech = "LOGIN";
- state1 = IMAP_AUTHENTICATE_LOGIN;
- state2 = IMAP_AUTHENTICATE_LOGIN_PASSWD;
- imapc->authused = SASL_MECH_LOGIN;
-
- if(imapc->ir_supported)
- result = Curl_sasl_create_plain_message(conn->data, conn->user,
- conn->passwd, &initresp, &len);
- }
- else if(imapc->authmechs & SASL_MECH_PLAIN) {
- mech = "PLAIN";
- state1 = IMAP_AUTHENTICATE_PLAIN;
- state2 = IMAP_AUTHENTICATE_FINAL;
- imapc->authused = SASL_MECH_PLAIN;
-
- if(imapc->ir_supported)
- result = Curl_sasl_create_plain_message(conn->data, conn->user,
- conn->passwd, &initresp, &len);
- }
-
- if(result)
- return result;
+ /* Calculate the SASL login details */
+ result = imap_calc_sasl_details(conn, &mech, &initresp, &len, &state1,
+ &state2);
- if(mech) {
- if(initresp) {
+ if(!result) {
+ if(mech && (imapc->preftype & IMAP_TYPE_SASL)) {
/* Perform SASL based authentication */
- result = imap_sendf(conn, "AUTHENTICATE %s %s", mech, initresp);
-
- if(!result)
- state(conn, state2);
+ result = imap_perform_authenticate(conn, mech, initresp, state1, state2);
}
+ else if((!imapc->login_disabled) &&
+ (imapc->preftype & IMAP_TYPE_CLEARTEXT))
+ /* Perform clear text authentication */
+ result = imap_perform_login(conn);
else {
- result = imap_sendf(conn, "AUTHENTICATE %s", mech);
-
- if(!result)
- state(conn, state1);
+ /* Other mechanisms not supported */
+ infof(conn->data, "No known authentication mechanisms supported!\n");
+ result = CURLE_LOGIN_DENIED;
}
-
- Curl_safefree(initresp);
- }
- else if(!imapc->login_disabled)
- /* Perform clear text authentication */
- result = imap_state_login(conn);
- else {
- /* Other mechanisms not supported */
- infof(conn->data, "No known authentication mechanisms supported!\n");
- result = CURLE_LOGIN_DENIED;
}
+ Curl_safefree(initresp);
+
return result;
}
-/* Start the DO phase */
-static CURLcode imap_list(struct connectdata *conn)
+/***********************************************************************
+ *
+ * imap_perform_list()
+ *
+ * Sends a LIST command or an alternative custom request.
+ */
+static CURLcode imap_perform_list(struct connectdata *conn)
{
CURLcode result = CURLE_OK;
struct SessionHandle *data = conn->data;
- struct IMAP *imap = data->state.proto.imap;
+ struct IMAP *imap = data->req.protop;
char *mailbox;
- /* Make sure the mailbox is in the correct atom format */
- mailbox = imap_atom(imap->mailbox ? imap->mailbox : "");
- if(!mailbox)
- return CURLE_OUT_OF_MEMORY;
+ if(imap->custom)
+ /* Send the custom request */
+ result = imap_sendf(conn, "%s%s", imap->custom,
+ imap->custom_params ? imap->custom_params : "");
+ else {
+ /* Make sure the mailbox is in the correct atom format */
+ mailbox = imap_atom(imap->mailbox ? imap->mailbox : "");
+ if(!mailbox)
+ return CURLE_OUT_OF_MEMORY;
- /* Send the LIST command */
- result = imap_sendf(conn, "LIST \"%s\" *", mailbox);
+ /* Send the LIST command */
+ result = imap_sendf(conn, "LIST \"%s\" *", mailbox);
- Curl_safefree(mailbox);
+ Curl_safefree(mailbox);
+ }
if(!result)
state(conn, IMAP_LIST);
return result;
}
-static CURLcode imap_select(struct connectdata *conn)
+/***********************************************************************
+ *
+ * imap_perform_select()
+ *
+ * Sends a SELECT command to ask the server to change the selected mailbox.
+ */
+static CURLcode imap_perform_select(struct connectdata *conn)
{
CURLcode result = CURLE_OK;
struct SessionHandle *data = conn->data;
- struct IMAP *imap = data->state.proto.imap;
+ struct IMAP *imap = data->req.protop;
struct imap_conn *imapc = &conn->proto.imapc;
char *mailbox;
return result;
}
-static CURLcode imap_fetch(struct connectdata *conn)
+/***********************************************************************
+ *
+ * imap_perform_fetch()
+ *
+ * Sends a FETCH command to initiate the download of a message.
+ */
+static CURLcode imap_perform_fetch(struct connectdata *conn)
{
CURLcode result = CURLE_OK;
- struct IMAP *imap = conn->data->state.proto.imap;
+ struct IMAP *imap = conn->data->req.protop;
/* Check we have a UID */
if(!imap->uid) {
}
/* Send the FETCH command */
- result = imap_sendf(conn, "FETCH %s BODY[%s]",
- imap->uid,
- imap->section ? imap->section : "");
+ if(imap->partial)
+ result = imap_sendf(conn, "FETCH %s BODY[%s]<%s>",
+ imap->uid,
+ imap->section ? imap->section : "",
+ imap->partial);
+ else
+ result = imap_sendf(conn, "FETCH %s BODY[%s]",
+ imap->uid,
+ imap->section ? imap->section : "");
if(!result)
state(conn, IMAP_FETCH);
return result;
}
-static CURLcode imap_append(struct connectdata *conn)
+/***********************************************************************
+ *
+ * imap_perform_append()
+ *
+ * Sends an APPEND command to initiate the upload of a message.
+ */
+static CURLcode imap_perform_append(struct connectdata *conn)
{
CURLcode result = CURLE_OK;
- struct IMAP *imap = conn->data->state.proto.imap;
+ struct IMAP *imap = conn->data->req.protop;
char *mailbox;
/* Check we have a mailbox */
}
/* Check we know the size of the upload */
- if(conn->data->set.infilesize < 0) {
+ if(conn->data->state.infilesize < 0) {
failf(conn->data, "Cannot APPEND with unknown input file size\n");
return CURLE_UPLOAD_FAILED;
}
return CURLE_OUT_OF_MEMORY;
/* Send the APPEND command */
- result = imap_sendf(conn, "APPEND %s (\\Seen) {%" FORMAT_OFF_T "}",
- mailbox, conn->data->set.infilesize);
+ result = imap_sendf(conn, "APPEND %s (\\Seen) {%" CURL_FORMAT_CURL_OFF_T "}",
+ mailbox, conn->data->state.infilesize);
Curl_safefree(mailbox);
return result;
}
-static CURLcode imap_custom(struct connectdata *conn)
+/***********************************************************************
+ *
+ * imap_perform_search()
+ *
+ * Sends a SEARCH command.
+ */
+static CURLcode imap_perform_search(struct connectdata *conn)
{
- struct IMAP *imap = conn->data->state.proto.imap;
+ CURLcode result = CURLE_OK;
+ struct IMAP *imap = conn->data->req.protop;
- /* Send the custom request */
- CURLcode result = imap_sendf(conn, "%s%s", imap->custom,
- imap->custom_params ? imap->custom_params : "");
+ /* Check we have a query string */
+ if(!imap->query) {
+ failf(conn->data, "Cannot SEARCH without a query string.");
+ return CURLE_URL_MALFORMAT;
+ }
- if(!result) {
- /* We don't know how much data will be received */
- Curl_pgrsSetDownloadSize(conn->data, -1);
+ /* Send the SEARCH command */
+ result = imap_sendf(conn, "SEARCH %s", imap->query);
- state(conn, IMAP_CUSTOM);
- }
+ if(!result)
+ state(conn, IMAP_SEARCH);
+
+ return result;
+}
+
+/***********************************************************************
+ *
+ * imap_perform_logout()
+ *
+ * Performs the logout action prior to sclose() being called.
+ */
+static CURLcode imap_perform_logout(struct connectdata *conn)
+{
+ CURLcode result = CURLE_OK;
+
+ /* Send the LOGOUT command */
+ result = imap_sendf(conn, "LOGOUT");
+
+ if(!result)
+ state(conn, IMAP_LOGOUT);
return result;
}
result = CURLE_FTP_WEIRD_SERVER_REPLY; /* TODO: fix this code */
}
else
- result = imap_state_capability(conn);
+ result = imap_perform_capability(conn);
return result;
}
wordlen -= 5;
/* Test the word for a matching authentication mechanism */
- if(wordlen == 5 && !memcmp(line, "LOGIN", 5))
+ if(sasl_mech_equal(line, wordlen, SASL_MECH_STRING_LOGIN))
imapc->authmechs |= SASL_MECH_LOGIN;
- if(wordlen == 5 && !memcmp(line, "PLAIN", 5))
+ else if(sasl_mech_equal(line, wordlen, SASL_MECH_STRING_PLAIN))
imapc->authmechs |= SASL_MECH_PLAIN;
- else if(wordlen == 8 && !memcmp(line, "CRAM-MD5", 8))
+ else if(sasl_mech_equal(line, wordlen, SASL_MECH_STRING_CRAM_MD5))
imapc->authmechs |= SASL_MECH_CRAM_MD5;
- else if(wordlen == 10 && !memcmp(line, "DIGEST-MD5", 10))
+ else if(sasl_mech_equal(line, wordlen, SASL_MECH_STRING_DIGEST_MD5))
imapc->authmechs |= SASL_MECH_DIGEST_MD5;
- else if(wordlen == 6 && !memcmp(line, "GSSAPI", 6))
+ else if(sasl_mech_equal(line, wordlen, SASL_MECH_STRING_GSSAPI))
imapc->authmechs |= SASL_MECH_GSSAPI;
- else if(wordlen == 8 && !memcmp(line, "EXTERNAL", 8))
+ else if(sasl_mech_equal(line, wordlen, SASL_MECH_STRING_EXTERNAL))
imapc->authmechs |= SASL_MECH_EXTERNAL;
- else if(wordlen == 4 && !memcmp(line, "NTLM", 4))
+ else if(sasl_mech_equal(line, wordlen, SASL_MECH_STRING_NTLM))
imapc->authmechs |= SASL_MECH_NTLM;
+ else if(sasl_mech_equal(line, wordlen, SASL_MECH_STRING_XOAUTH2))
+ imapc->authmechs |= SASL_MECH_XOAUTH2;
}
line += wordlen;
/* We don't have a SSL/TLS connection yet, but SSL is requested */
if(imapc->tls_supported)
/* Switch to TLS connection now */
- result = imap_state_starttls(conn);
+ result = imap_perform_starttls(conn);
else if(data->set.use_ssl == CURLUSESSL_TRY)
/* Fallback and carry on with authentication */
- result = imap_authenticate(conn);
+ result = imap_perform_authentication(conn);
else {
failf(data, "STARTTLS not supported.");
result = CURLE_USE_SSL_FAILED;
}
}
else
- result = imap_authenticate(conn);
+ result = imap_perform_authentication(conn);
}
else
- result = imap_state_login(conn);
+ result = imap_perform_authentication(conn);
return result;
}
result = CURLE_USE_SSL_FAILED;
}
else
- result = imap_authenticate(conn);
+ result = imap_perform_authentication(conn);
}
else
- result = imap_state_upgrade_tls(conn);
+ result = imap_perform_upgrade_tls(conn);
return result;
}
/* Create the authorisation message */
result = Curl_sasl_create_plain_message(data, conn->user, conn->passwd,
&plainauth, &len);
+ if(!result && plainauth) {
+ /* Send the message */
+ result = Curl_pp_sendf(&conn->proto.imapc.pp, "%s", plainauth);
- /* Send the message */
- if(!result) {
- if(plainauth) {
- result = Curl_pp_sendf(&conn->proto.imapc.pp, "%s", plainauth);
-
- if(!result)
- state(conn, IMAP_AUTHENTICATE_FINAL);
- }
-
- Curl_safefree(plainauth);
+ if(!result)
+ state(conn, IMAP_AUTHENTICATE_FINAL);
}
}
+ Curl_safefree(plainauth);
+
return result;
}
/* Create the user message */
result = Curl_sasl_create_login_message(data, conn->user,
&authuser, &len);
+ if(!result && authuser) {
+ /* Send the user */
+ result = Curl_pp_sendf(&conn->proto.imapc.pp, "%s", authuser);
- /* Send the user */
- if(!result) {
- if(authuser) {
- result = Curl_pp_sendf(&conn->proto.imapc.pp, "%s", authuser);
-
- if(!result)
- state(conn, IMAP_AUTHENTICATE_LOGIN_PASSWD);
- }
-
- Curl_safefree(authuser);
+ if(!result)
+ state(conn, IMAP_AUTHENTICATE_LOGIN_PASSWD);
}
}
+ Curl_safefree(authuser);
+
return result;
}
/* Create the password message */
result = Curl_sasl_create_login_message(data, conn->passwd,
&authpasswd, &len);
+ if(!result && authpasswd) {
+ /* Send the password */
+ result = Curl_pp_sendf(&conn->proto.imapc.pp, "%s", authpasswd);
- /* Send the password */
- if(!result) {
- if(authpasswd) {
- result = Curl_pp_sendf(&conn->proto.imapc.pp, "%s", authpasswd);
-
- if(!result)
- state(conn, IMAP_AUTHENTICATE_FINAL);
- }
-
- Curl_safefree(authpasswd);
+ if(!result)
+ state(conn, IMAP_AUTHENTICATE_FINAL);
}
}
+ Curl_safefree(authpasswd);
+
return result;
}
{
CURLcode result = CURLE_OK;
struct SessionHandle *data = conn->data;
- char *chlg64 = data->state.buffer;
- size_t len = 0;
+ char *chlg = NULL;
+ char *chlg64 = NULL;
char *rplyb64 = NULL;
+ size_t len = 0;
(void)instate; /* no use for this yet */
return CURLE_LOGIN_DENIED;
}
- /* Get the challenge */
- for(chlg64 += 2; *chlg64 == ' ' || *chlg64 == '\t'; chlg64++)
- ;
+ /* Get the challenge message */
+ imap_get_message(data->state.buffer, &chlg64);
- /* Terminate the challenge */
- if(*chlg64 != '=') {
- for(len = strlen(chlg64); len--;)
- if(chlg64[len] != '\r' && chlg64[len] != '\n' && chlg64[len] != ' ' &&
- chlg64[len] != '\t')
- break;
+ /* Decode the challenge message */
+ result = Curl_sasl_decode_cram_md5_message(chlg64, &chlg, &len);
+ if(result) {
+ /* Send the cancellation */
+ result = Curl_pp_sendf(&conn->proto.imapc.pp, "%s", "*");
- if(++len) {
- chlg64[len] = '\0';
- }
+ if(!result)
+ state(conn, IMAP_AUTHENTICATE_CANCEL);
}
-
- /* Create the response message */
- result = Curl_sasl_create_cram_md5_message(data, chlg64, conn->user,
- conn->passwd, &rplyb64, &len);
-
- /* Send the response */
- if(!result) {
- if(rplyb64) {
+ else {
+ /* Create the response message */
+ result = Curl_sasl_create_cram_md5_message(data, chlg, conn->user,
+ conn->passwd, &rplyb64, &len);
+ if(!result && rplyb64) {
+ /* Send the response */
result = Curl_pp_sendf(&conn->proto.imapc.pp, "%s", rplyb64);
if(!result)
state(conn, IMAP_AUTHENTICATE_FINAL);
}
-
- Curl_safefree(rplyb64);
}
+ Curl_safefree(chlg);
+ Curl_safefree(rplyb64);
+
return result;
}
{
CURLcode result = CURLE_OK;
struct SessionHandle *data = conn->data;
- char *chlg64 = data->state.buffer;
- size_t len = 0;
+ char *chlg64 = NULL;
char *rplyb64 = NULL;
+ size_t len = 0;
(void)instate; /* no use for this yet */
return CURLE_LOGIN_DENIED;
}
- /* Get the challenge */
- for(chlg64 += 2; *chlg64 == ' ' || *chlg64 == '\t'; chlg64++)
- ;
+ /* Get the challenge message */
+ imap_get_message(data->state.buffer, &chlg64);
/* Create the response message */
- result = Curl_sasl_create_digest_md5_message(data, chlg64, conn->user,
- conn->passwd, "imap",
- &rplyb64, &len);
-
- /* Send the response */
- if(!result) {
- if(rplyb64) {
- result = Curl_pp_sendf(&conn->proto.imapc.pp, "%s", rplyb64);
+ result = Curl_sasl_create_digest_md5_message(data, chlg64,
+ conn->user, conn->passwd,
+ "imap", &rplyb64, &len);
+ if(result) {
+ if(result == CURLE_BAD_CONTENT_ENCODING) {
+ /* Send the cancellation */
+ result = Curl_pp_sendf(&conn->proto.imapc.pp, "%s", "*");
if(!result)
- state(conn, IMAP_AUTHENTICATE_DIGESTMD5_RESP);
+ state(conn, IMAP_AUTHENTICATE_CANCEL);
}
+ }
+ else {
+ /* Send the response */
+ result = Curl_pp_sendf(&conn->proto.imapc.pp, "%s", rplyb64);
- Curl_safefree(rplyb64);
+ if(!result)
+ state(conn, IMAP_AUTHENTICATE_DIGESTMD5_RESP);
}
+ Curl_safefree(rplyb64);
+
return result;
}
}
else {
/* Send an empty response */
- result = Curl_pp_sendf(&conn->proto.imapc.pp, "");
+ result = Curl_pp_sendf(&conn->proto.imapc.pp, "%s", "");
if(!result)
state(conn, IMAP_AUTHENTICATE_FINAL);
result = Curl_sasl_create_ntlm_type1_message(conn->user, conn->passwd,
&conn->ntlm,
&type1msg, &len);
+ if(!result && type1msg) {
+ /* Send the message */
+ result = Curl_pp_sendf(&conn->proto.imapc.pp, "%s", type1msg);
- /* Send the message */
- if(!result) {
- if(type1msg) {
- result = Curl_pp_sendf(&conn->proto.imapc.pp, "%s", type1msg);
-
- if(!result)
- state(conn, IMAP_AUTHENTICATE_NTLM_TYPE2MSG);
- }
-
- Curl_safefree(type1msg);
+ if(!result)
+ state(conn, IMAP_AUTHENTICATE_NTLM_TYPE2MSG);
}
}
+ Curl_safefree(type1msg);
+
return result;
}
{
CURLcode result = CURLE_OK;
struct SessionHandle *data = conn->data;
- size_t len = 0;
+ char *type2msg = NULL;
char *type3msg = NULL;
+ size_t len = 0;
(void)instate; /* no use for this yet */
result = CURLE_LOGIN_DENIED;
}
else {
- /* Create the type-3 message */
- result = Curl_sasl_create_ntlm_type3_message(data,
- data->state.buffer + 2,
- conn->user, conn->passwd,
- &conn->ntlm,
- &type3msg, &len);
+ /* Get the challenge message */
+ imap_get_message(data->state.buffer, &type2msg);
- /* Send the message */
- if(!result) {
- if(type3msg) {
+ /* Decode the type-2 message */
+ result = Curl_sasl_decode_ntlm_type2_message(data, type2msg, &conn->ntlm);
+ if(result) {
+ /* Send the cancellation */
+ result = Curl_pp_sendf(&conn->proto.imapc.pp, "%s", "*");
+
+ if(!result)
+ state(conn, IMAP_AUTHENTICATE_CANCEL);
+ }
+ else {
+ /* Create the type-3 message */
+ result = Curl_sasl_create_ntlm_type3_message(data, conn->user,
+ conn->passwd, &conn->ntlm,
+ &type3msg, &len);
+ if(!result && type3msg) {
+ /* Send the message */
result = Curl_pp_sendf(&conn->proto.imapc.pp, "%s", type3msg);
if(!result)
state(conn, IMAP_AUTHENTICATE_FINAL);
}
+ }
+ }
+
+ Curl_safefree(type3msg);
+
+ return result;
+}
+#endif
+
+#if defined(USE_KERBEROS5)
+/* For AUTHENTICATE GSSAPI (without initial response) responses */
+static CURLcode imap_state_auth_gssapi_resp(struct connectdata *conn,
+ int imapcode,
+ imapstate instate)
+{
+ CURLcode result = CURLE_OK;
+ struct SessionHandle *data = conn->data;
+ struct imap_conn *imapc = &conn->proto.imapc;
+ size_t len = 0;
+ char *respmsg = NULL;
+
+ (void)instate; /* no use for this yet */
+
+ if(imapcode != '+') {
+ failf(data, "Access denied: %d", imapcode);
+ result = CURLE_LOGIN_DENIED;
+ }
+ else {
+ /* Create the initial response message */
+ result = Curl_sasl_create_gssapi_user_message(data, conn->user,
+ conn->passwd, "imap",
+ imapc->mutual_auth,
+ NULL, &conn->krb5,
+ &respmsg, &len);
+ if(!result && respmsg) {
+ /* Send the message */
+ result = Curl_pp_sendf(&imapc->pp, "%s", respmsg);
+
+ if(!result)
+ state(conn, IMAP_AUTHENTICATE_GSSAPI_TOKEN);
+ }
+ }
+
+ Curl_safefree(respmsg);
+
+ return result;
+}
+
+/* For AUTHENTICATE GSSAPI user token responses */
+static CURLcode imap_state_auth_gssapi_token_resp(struct connectdata *conn,
+ int imapcode,
+ imapstate instate)
+{
+ CURLcode result = CURLE_OK;
+ struct SessionHandle *data = conn->data;
+ struct imap_conn *imapc = &conn->proto.imapc;
+ char *chlgmsg = NULL;
+ char *respmsg = NULL;
+ size_t len = 0;
+
+ (void)instate; /* no use for this yet */
+
+ if(imapcode != '+') {
+ failf(data, "Access denied: %d", imapcode);
+ result = CURLE_LOGIN_DENIED;
+ }
+ else {
+ /* Get the challenge message */
+ imap_get_message(data->state.buffer, &chlgmsg);
+
+ if(imapc->mutual_auth)
+ /* Decode the user token challenge and create the optional response
+ message */
+ result = Curl_sasl_create_gssapi_user_message(data, NULL, NULL, NULL,
+ imapc->mutual_auth,
+ chlgmsg, &conn->krb5,
+ &respmsg, &len);
+ else
+ /* Decode the security challenge and create the response message */
+ result = Curl_sasl_create_gssapi_security_message(data, chlgmsg,
+ &conn->krb5,
+ &respmsg, &len);
+
+ if(result) {
+ if(result == CURLE_BAD_CONTENT_ENCODING) {
+ /* Send the cancellation */
+ result = Curl_pp_sendf(&imapc->pp, "%s", "*");
+
+ if(!result)
+ state(conn, IMAP_AUTHENTICATE_CANCEL);
+ }
+ }
+ else {
+ /* Send the response */
+ if(respmsg)
+ result = Curl_pp_sendf(&imapc->pp, "%s", respmsg);
+ else
+ result = Curl_pp_sendf(&imapc->pp, "%s", "");
+
+ if(!result)
+ state(conn, (imapc->mutual_auth ? IMAP_AUTHENTICATE_GSSAPI_NO_DATA :
+ IMAP_AUTHENTICATE_FINAL));
+ }
+ }
+
+ Curl_safefree(respmsg);
+
+ return result;
+}
+
+/* For AUTHENTICATE GSSAPI no data responses */
+static CURLcode imap_state_auth_gssapi_no_data_resp(struct connectdata *conn,
+ int imapcode,
+ imapstate instate)
+{
+ CURLcode result = CURLE_OK;
+ struct SessionHandle *data = conn->data;
+ char *chlgmsg = NULL;
+ char *respmsg = NULL;
+ size_t len = 0;
+
+ (void)instate; /* no use for this yet */
+
+ if(imapcode != '+') {
+ failf(data, "Access denied: %d", imapcode);
+ result = CURLE_LOGIN_DENIED;
+ }
+ else {
+ /* Get the challenge message */
+ imap_get_message(data->state.buffer, &chlgmsg);
+
+ /* Decode the security challenge and create the response message */
+ result = Curl_sasl_create_gssapi_security_message(data, chlgmsg,
+ &conn->krb5,
+ &respmsg, &len);
+ if(result) {
+ if(result == CURLE_BAD_CONTENT_ENCODING) {
+ /* Send the cancellation */
+ result = Curl_pp_sendf(&conn->proto.imapc.pp, "%s", "*");
+
+ if(!result)
+ state(conn, IMAP_AUTHENTICATE_CANCEL);
+ }
+ }
+ else {
+ /* Send the response */
+ if(respmsg) {
+ result = Curl_pp_sendf(&conn->proto.imapc.pp, "%s", respmsg);
- Curl_safefree(type3msg);
+ if(!result)
+ state(conn, IMAP_AUTHENTICATE_FINAL);
+ }
}
}
+ Curl_safefree(respmsg);
+
return result;
}
#endif
-/* For final responses to the AUTHENTICATE sequence */
+/* For AUTHENTICATE XOAUTH2 (without initial response) responses */
+static CURLcode imap_state_auth_xoauth2_resp(struct connectdata *conn,
+ int imapcode,
+ imapstate instate)
+{
+ CURLcode result = CURLE_OK;
+ struct SessionHandle *data = conn->data;
+ size_t len = 0;
+ char *xoauth = NULL;
+
+ (void)instate; /* no use for this yet */
+
+ if(imapcode != '+') {
+ failf(data, "Access denied: %d", imapcode);
+ result = CURLE_LOGIN_DENIED;
+ }
+ else {
+ /* Create the authorisation message */
+ result = Curl_sasl_create_xoauth2_message(conn->data, conn->user,
+ conn->xoauth2_bearer,
+ &xoauth, &len);
+ if(!result && xoauth) {
+ /* Send the message */
+ result = Curl_pp_sendf(&conn->proto.imapc.pp, "%s", xoauth);
+
+ if(!result)
+ state(conn, IMAP_AUTHENTICATE_FINAL);
+ }
+ }
+
+ Curl_safefree(xoauth);
+
+ return result;
+}
+
+/* For AUTHENTICATE cancellation responses */
+static CURLcode imap_state_auth_cancel_resp(struct connectdata *conn,
+ int imapcode,
+ imapstate instate)
+{
+ CURLcode result = CURLE_OK;
+ struct SessionHandle *data = conn->data;
+ struct imap_conn *imapc = &conn->proto.imapc;
+ const char *mech = NULL;
+ char *initresp = NULL;
+ size_t len = 0;
+ imapstate state1 = IMAP_STOP;
+ imapstate state2 = IMAP_STOP;
+
+ (void)imapcode;
+ (void)instate; /* no use for this yet */
+
+ /* Remove the offending mechanism from the supported list */
+ imapc->authmechs ^= imapc->authused;
+
+ /* Calculate alternative SASL login details */
+ result = imap_calc_sasl_details(conn, &mech, &initresp, &len, &state1,
+ &state2);
+
+ if(!result) {
+ /* Do we have any mechanisms left or can we fallback to clear text? */
+ if(mech) {
+ /* Retry SASL based authentication */
+ result = imap_perform_authenticate(conn, mech, initresp, state1, state2);
+
+ Curl_safefree(initresp);
+ }
+ else if((!imapc->login_disabled) &&
+ (imapc->preftype & IMAP_TYPE_CLEARTEXT))
+ /* Perform clear text authentication */
+ result = imap_perform_login(conn);
+ else {
+ failf(data, "Authentication cancelled");
+
+ result = CURLE_LOGIN_DENIED;
+ }
+ }
+
+ return result;
+}
+
+/* For final responses in the AUTHENTICATE sequence */
static CURLcode imap_state_auth_final_resp(struct connectdata *conn,
int imapcode,
imapstate instate)
{
CURLcode result = CURLE_OK;
struct SessionHandle *data = conn->data;
- struct IMAP *imap = conn->data->state.proto.imap;
+ struct IMAP *imap = conn->data->req.protop;
struct imap_conn *imapc = &conn->proto.imapc;
const char *line = data->state.buffer;
char tmp[20];
imapc->mailbox = strdup(imap->mailbox);
if(imap->custom)
- result = imap_custom(conn);
+ result = imap_perform_list(conn);
+ else if(imap->query)
+ result = imap_perform_search(conn);
else
- result = imap_fetch(conn);
+ result = imap_perform_fetch(conn);
}
}
else {
(void)instate; /* no use for this yet */
if(imapcode != '*') {
- Curl_pgrsSetDownloadSize(data, 0);
+ Curl_pgrsSetDownloadSize(data, -1);
state(conn, IMAP_STOP);
return CURLE_REMOTE_FILE_NOT_FOUND; /* TODO: Fix error code */
}
}
if(parsed) {
- infof(data, "Found %" FORMAT_OFF_TU " bytes to download\n", size);
+ infof(data, "Found %" CURL_FORMAT_CURL_OFF_TU " bytes to download\n",
+ size);
Curl_pgrsSetDownloadSize(data, size);
if(pp->cache) {
return result;
data->req.bytecount += chunk;
- size -= chunk;
- infof(data, "Written %" FORMAT_OFF_TU " bytes, %" FORMAT_OFF_TU
- " bytes are left for transfer\n", (curl_off_t)chunk, size);
+ infof(data, "Written %" CURL_FORMAT_CURL_OFF_TU
+ " bytes, %" CURL_FORMAT_CURL_OFF_TU
+ " bytes are left for transfer\n", (curl_off_t)chunk,
+ size - chunk);
/* Have we used the entire cache or just part of it?*/
if(pp->cache_size > chunk) {
}
}
- if(!size)
+ if(data->req.bytecount == size)
/* The entire data is already transferred! */
Curl_setup_transfer(conn, -1, -1, FALSE, NULL, -1, NULL);
else {
}
else {
/* Set the progress upload size */
- Curl_pgrsSetUploadSize(data, data->set.infilesize);
+ Curl_pgrsSetUploadSize(data, data->state.infilesize);
/* IMAP upload */
Curl_setup_transfer(conn, -1, -1, FALSE, NULL, FIRSTSOCKET, NULL);
return result;
}
+/* For SEARCH responses */
+static CURLcode imap_state_search_resp(struct connectdata *conn, int imapcode,
+ imapstate instate)
+{
+ CURLcode result = CURLE_OK;
+ char *line = conn->data->state.buffer;
+ size_t len = strlen(line);
+
+ (void)instate; /* No use for this yet */
+
+ if(imapcode == '*') {
+ /* Temporarily add the LF character back and send as body to the client */
+ line[len] = '\n';
+ result = Curl_client_write(conn, CLIENTWRITE_BODY, line, len + 1);
+ line[len] = '\0';
+ }
+ else if(imapcode != 'O')
+ result = CURLE_QUOTE_ERROR; /* TODO: Fix error code */
+ else
+ /* End of DO phase */
+ state(conn, IMAP_STOP);
+
+ return result;
+}
+
static CURLcode imap_statemach_act(struct connectdata *conn)
{
CURLcode result = CURLE_OK;
/* Busy upgrading the connection; right now all I/O is SSL/TLS, not IMAP */
if(imapc->state == IMAP_UPGRADETLS)
- return imap_state_upgrade_tls(conn);
+ return imap_perform_upgrade_tls(conn);
/* Flush any data that needs to be sent */
if(pp->sendleft)
break;
#endif
+#if defined(USE_KERBEROS5)
+ case IMAP_AUTHENTICATE_GSSAPI:
+ result = imap_state_auth_gssapi_resp(conn, imapcode, imapc->state);
+ break;
+
+ case IMAP_AUTHENTICATE_GSSAPI_TOKEN:
+ result = imap_state_auth_gssapi_token_resp(conn, imapcode, imapc->state);
+ break;
+
+ case IMAP_AUTHENTICATE_GSSAPI_NO_DATA:
+ result = imap_state_auth_gssapi_no_data_resp(conn, imapcode,
+ imapc->state);
+ break;
+#endif
+
+ case IMAP_AUTHENTICATE_XOAUTH2:
+ result = imap_state_auth_xoauth2_resp(conn, imapcode, imapc->state);
+ break;
+
+ case IMAP_AUTHENTICATE_CANCEL:
+ result = imap_state_auth_cancel_resp(conn, imapcode, imapc->state);
+ break;
+
case IMAP_AUTHENTICATE_FINAL:
result = imap_state_auth_final_resp(conn, imapcode, imapc->state);
break;
break;
case IMAP_LIST:
- case IMAP_CUSTOM:
result = imap_state_list_resp(conn, imapcode, imapc->state);
break;
result = imap_state_append_final_resp(conn, imapcode, imapc->state);
break;
+ case IMAP_SEARCH:
+ result = imap_state_search_resp(conn, imapcode, imapc->state);
+ break;
+
case IMAP_LOGOUT:
/* fallthrough, just stop! */
default:
CURLcode result = CURLE_OK;
struct imap_conn *imapc = &conn->proto.imapc;
- if((conn->handler->flags & PROTOPT_SSL) && !imapc->ssldone)
+ if((conn->handler->flags & PROTOPT_SSL) && !imapc->ssldone) {
result = Curl_ssl_connect_nonblocking(conn, FIRSTSOCKET, &imapc->ssldone);
- else
- result = Curl_pp_statemach(&imapc->pp, FALSE);
+ if(result || !imapc->ssldone)
+ return result;
+ }
+ result = Curl_pp_statemach(&imapc->pp, FALSE);
*done = (imapc->state == IMAP_STOP) ? TRUE : FALSE;
return result;
required */
static CURLcode imap_init(struct connectdata *conn)
{
+ CURLcode result = CURLE_OK;
struct SessionHandle *data = conn->data;
- struct IMAP *imap = data->state.proto.imap;
+ struct IMAP *imap;
- if(!imap) {
- imap = data->state.proto.imap = calloc(sizeof(struct IMAP), 1);
- if(!imap)
- return CURLE_OUT_OF_MEMORY;
- }
+ imap = data->req.protop = calloc(sizeof(struct IMAP), 1);
+ if(!imap)
+ result = CURLE_OUT_OF_MEMORY;
- return CURLE_OK;
+ return result;
}
/* For the IMAP "protocol connect" and "doing" phases only */
/***********************************************************************
*
- * imap_connect() should do everything that is to be considered a part of
- * the connection phase.
+ * imap_connect()
+ *
+ * This function should do everything that is to be considered a part of the
+ * connection phase.
*
* The variable 'done' points to will be TRUE if the protocol-layer connect
- * phase is done when this function returns, or FALSE is not. When called as
- * a part of the easy interface, it will always be TRUE.
+ * phase is done when this function returns, or FALSE if not.
*/
static CURLcode imap_connect(struct connectdata *conn, bool *done)
{
*done = FALSE; /* default to not done yet */
- /* If there already is a protocol-specific struct allocated for this
- sessionhandle, deal with it */
- Curl_reset_reqproto(conn);
-
- /* Initialise the IMAP layer */
- result = imap_init(conn);
- if(result)
- return result;
-
/* We always support persistent connections in IMAP */
- conn->bits.close = FALSE;
+ connkeep(conn, "IMAP default");
/* Set the default response time-out */
pp->response_time = RESP_TIMEOUT;
pp->endofresp = imap_endofresp;
pp->conn = conn;
+ /* Set the default preferred authentication type and mechanism */
+ imapc->preftype = IMAP_TYPE_ANY;
+ imapc->prefmech = SASL_AUTH_ANY;
+
/* Initialise the pingpong layer */
Curl_pp_init(pp);
- /* Start off waiting for the server greeting response */
+ /* Parse the URL options */
+ result = imap_parse_url_options(conn);
+ if(result)
+ return result;
+
+ /* Start off waiting for the server greeting response */
state(conn, IMAP_SERVERGREET);
/* Start off with an response id of '*' */
{
CURLcode result = CURLE_OK;
struct SessionHandle *data = conn->data;
- struct IMAP *imap = data->state.proto.imap;
+ struct IMAP *imap = data->req.protop;
(void)premature;
return CURLE_OK;
if(status) {
- conn->bits.close = TRUE; /* marked for closure */
+ connclose(conn, "IMAP done with bad status"); /* marked for closure */
result = status; /* use the already set error code */
}
else if(!data->set.connect_only && !imap->custom &&
state(conn, IMAP_FETCH_FINAL);
else {
/* End the APPEND command first by sending an empty line */
- result = Curl_pp_sendf(&conn->proto.imapc.pp, "");
+ result = Curl_pp_sendf(&conn->proto.imapc.pp, "%s", "");
if(!result)
state(conn, IMAP_APPEND_FINAL);
}
Curl_safefree(imap->uidvalidity);
Curl_safefree(imap->uid);
Curl_safefree(imap->section);
+ Curl_safefree(imap->partial);
+ Curl_safefree(imap->query);
Curl_safefree(imap->custom);
Curl_safefree(imap->custom_params);
/* This is IMAP and no proxy */
CURLcode result = CURLE_OK;
struct SessionHandle *data = conn->data;
- struct IMAP *imap = data->state.proto.imap;
+ struct IMAP *imap = data->req.protop;
struct imap_conn *imapc = &conn->proto.imapc;
bool selected = FALSE;
/* Start the first command in the DO phase */
if(conn->data->set.upload)
/* APPEND can be executed directly */
- result = imap_append(conn);
+ result = imap_perform_append(conn);
else if(imap->custom && (selected || !imap->mailbox))
/* Custom command using the same mailbox or no mailbox */
- result = imap_custom(conn);
+ result = imap_perform_list(conn);
else if(!imap->custom && selected && imap->uid)
/* FETCH from the same mailbox */
- result = imap_fetch(conn);
- else if(imap->mailbox && !selected && (imap->custom || imap->uid))
+ result = imap_perform_fetch(conn);
+ else if(!imap->custom && selected && imap->query)
+ /* SEARCH the current mailbox */
+ result = imap_perform_search(conn);
+ else if(imap->mailbox && !selected &&
+ (imap->custom || imap->uid || imap->query))
/* SELECT the mailbox */
- result = imap_select(conn);
+ result = imap_perform_select(conn);
else
/* LIST */
- result = imap_list(conn);
+ result = imap_perform_list(conn);
if(result)
return result;
*done = FALSE; /* default to false */
- /* Since connections can be re-used between SessionHandles, there might be a
- connection already existing but on a fresh SessionHandle struct. As such
- we make sure we have a good IMAP struct to play with. For new connections
- the IMAP struct is allocated and setup in the imap_connect() function. */
- Curl_reset_reqproto(conn);
- result = imap_init(conn);
- if(result)
- return result;
-
/* Parse the URL path */
result = imap_parse_url_path(conn);
if(result)
/***********************************************************************
*
- * imap_logout()
- *
- * This should be called before calling sclose(). We should then wait for the
- * response from the server before returning. The calling code should then try
- * to close the connection.
- *
- */
-static CURLcode imap_logout(struct connectdata *conn)
-{
- CURLcode result = CURLE_OK;
-
- /* Send the LOGOUT command */
- result = imap_sendf(conn, "LOGOUT", NULL);
- if(result)
- return result;
-
- state(conn, IMAP_LOGOUT);
-
- result = imap_block_statemach(conn);
-
- return result;
-}
-
-/***********************************************************************
- *
* imap_disconnect()
*
* Disconnect from an IMAP server. Cleanup protocol-specific per-connection
/* The IMAP session may or may not have been allocated/setup at this
point! */
- if(!dead_connection && imapc->pp.conn)
- (void)imap_logout(conn); /* ignore errors on LOGOUT */
+ if(!dead_connection && imapc->pp.conn && imapc->pp.conn->bits.protoconnstart)
+ if(!imap_perform_logout(conn))
+ (void)imap_block_statemach(conn); /* ignore errors on LOGOUT */
/* Disconnect from the server */
Curl_pp_disconnect(&imapc->pp);
return CURLE_OK;
}
+/* Call this when the DO phase has completed */
+static CURLcode imap_dophase_done(struct connectdata *conn, bool connected)
+{
+ struct IMAP *imap = conn->data->req.protop;
+
+ (void)connected;
+
+ if(imap->transfer != FTPTRANSFER_BODY)
+ /* no data to transfer */
+ Curl_setup_transfer(conn, -1, -1, FALSE, NULL, -1, NULL);
+
+ return CURLE_OK;
+}
+
+/* Called from multi.c while DOing */
+static CURLcode imap_doing(struct connectdata *conn, bool *dophase_done)
+{
+ CURLcode result = imap_multi_statemach(conn, dophase_done);
+
+ if(result)
+ DEBUGF(infof(conn->data, "DO phase failed\n"));
+ else if(*dophase_done) {
+ result = imap_dophase_done(conn, FALSE /* not connected */);
+
+ DEBUGF(infof(conn->data, "DO phase is complete\n"));
+ }
+
+ return result;
+}
+
+/***********************************************************************
+ *
+ * imap_regular_transfer()
+ *
+ * The input argument is already checked for validity.
+ *
+ * Performs all commands done before a regular transfer between a local and a
+ * remote host.
+ */
+static CURLcode imap_regular_transfer(struct connectdata *conn,
+ bool *dophase_done)
+{
+ CURLcode result = CURLE_OK;
+ bool connected = FALSE;
+ struct SessionHandle *data = conn->data;
+
+ /* Make sure size is unknown at this point */
+ data->req.size = -1;
+
+ /* Set the progress data */
+ Curl_pgrsSetUploadCounter(data, 0);
+ Curl_pgrsSetDownloadCounter(data, 0);
+ Curl_pgrsSetUploadSize(data, -1);
+ Curl_pgrsSetDownloadSize(data, -1);
+
+ /* Carry out the perform */
+ result = imap_perform(conn, &connected, dophase_done);
+
+ /* Perform post DO phase operations if necessary */
+ if(!result && *dophase_done)
+ result = imap_dophase_done(conn, connected);
+
+ return result;
+}
+
+static CURLcode imap_setup_connection(struct connectdata *conn)
+{
+ struct SessionHandle *data = conn->data;
+
+ /* Initialise the IMAP layer */
+ CURLcode result = imap_init(conn);
+ if(result)
+ return result;
+
+ if(conn->bits.httpproxy && !data->set.tunnel_thru_httpproxy) {
+ /* Unless we have asked to tunnel IMAP operations through the proxy, we
+ switch and use HTTP operations only */
+#ifndef CURL_DISABLE_HTTP
+ if(conn->handler == &Curl_handler_imap)
+ conn->handler = &Curl_handler_imap_proxy;
+ else {
+#ifdef USE_SSL
+ conn->handler = &Curl_handler_imaps_proxy;
+#else
+ failf(data, "IMAPS not supported!");
+ return CURLE_UNSUPPORTED_PROTOCOL;
+#endif
+ }
+
+ /* set it up as an HTTP connection instead */
+ return conn->handler->setup_connection(conn);
+#else
+ failf(data, "IMAP over http proxy requires HTTP support built-in!");
+ return CURLE_UNSUPPORTED_PROTOCOL;
+#endif
+ }
+
+ data->state.path++; /* don't include the initial slash */
+
+ return CURLE_OK;
+}
+
+/***********************************************************************
+ *
+ * imap_sendf()
+ *
+ * Sends the formated string as an IMAP command to the server.
+ *
+ * Designed to never block.
+ */
+static CURLcode imap_sendf(struct connectdata *conn, const char *fmt, ...)
+{
+ CURLcode result = CURLE_OK;
+ struct imap_conn *imapc = &conn->proto.imapc;
+ char *taggedfmt;
+ va_list ap;
+
+ DEBUGASSERT(fmt);
+
+ /* Calculate the next command ID wrapping at 3 digits */
+ imapc->cmdid = (imapc->cmdid + 1) % 1000;
+
+ /* Calculate the tag based on the connection ID and command ID */
+ snprintf(imapc->resptag, sizeof(imapc->resptag), "%c%03d",
+ 'A' + curlx_sltosi(conn->connection_id % 26), imapc->cmdid);
+
+ /* Prefix the format with the tag */
+ taggedfmt = aprintf("%s %s", imapc->resptag, fmt);
+ if(!taggedfmt)
+ return CURLE_OUT_OF_MEMORY;
+
+ /* Send the data with the tag */
+ va_start(ap, fmt);
+ result = Curl_pp_vsendf(&imapc->pp, taggedfmt, ap);
+ va_end(ap);
+
+ Curl_safefree(taggedfmt);
+
+ return result;
+}
+
+/***********************************************************************
+ *
+ * imap_atom()
+ *
+ * Checks the input string for characters that need escaping and returns an
+ * atom ready for sending to the server.
+ *
+ * The returned string needs to be freed.
+ *
+ */
+static char *imap_atom(const char *str)
+{
+ const char *p1;
+ char *p2;
+ size_t backsp_count = 0;
+ size_t quote_count = 0;
+ bool space_exists = FALSE;
+ size_t newlen = 0;
+ char *newstr = NULL;
+
+ if(!str)
+ return NULL;
+
+ /* Count any unescaped characters */
+ p1 = str;
+ while(*p1) {
+ if(*p1 == '\\')
+ backsp_count++;
+ else if(*p1 == '"')
+ quote_count++;
+ else if(*p1 == ' ')
+ space_exists = TRUE;
+
+ p1++;
+ }
+
+ /* Does the input contain any unescaped characters? */
+ if(!backsp_count && !quote_count && !space_exists)
+ return strdup(str);
+
+ /* Calculate the new string length */
+ newlen = strlen(str) + backsp_count + quote_count + (space_exists ? 2 : 0);
+
+ /* Allocate the new string */
+ newstr = (char *) malloc((newlen + 1) * sizeof(char));
+ if(!newstr)
+ return NULL;
+
+ /* Surround the string in quotes if necessary */
+ p2 = newstr;
+ if(space_exists) {
+ newstr[0] = '"';
+ newstr[newlen - 1] = '"';
+ p2++;
+ }
+
+ /* Copy the string, escaping backslash and quote characters along the way */
+ p1 = str;
+ while(*p1) {
+ if(*p1 == '\\' || *p1 == '"') {
+ *p2 = '\\';
+ p2++;
+ }
+
+ *p2 = *p1;
+
+ p1++;
+ p2++;
+ }
+
+ /* Terminate the string */
+ newstr[newlen] = '\0';
+
+ return newstr;
+}
+
/***********************************************************************
*
* imap_is_bchar()
/***********************************************************************
*
+ * imap_parse_url_options()
+ *
+ * Parse the URL login options.
+ */
+static CURLcode imap_parse_url_options(struct connectdata *conn)
+{
+ CURLcode result = CURLE_OK;
+ struct imap_conn *imapc = &conn->proto.imapc;
+ const char *options = conn->options;
+ const char *ptr = options;
+ bool reset = TRUE;
+
+ while(ptr && *ptr) {
+ const char *key = ptr;
+
+ while(*ptr && *ptr != '=')
+ ptr++;
+
+ if(strnequal(key, "AUTH", 4)) {
+ size_t len = 0;
+ const char *value = ++ptr;
+
+ if(reset) {
+ reset = FALSE;
+ imapc->preftype = IMAP_TYPE_NONE;
+ imapc->prefmech = SASL_AUTH_NONE;
+ }
+
+ while(*ptr && *ptr != ';') {
+ ptr++;
+ len++;
+ }
+
+ if(strnequal(value, "*", len)) {
+ imapc->preftype = IMAP_TYPE_ANY;
+ imapc->prefmech = SASL_AUTH_ANY;
+ }
+ else if(strnequal(value, SASL_MECH_STRING_LOGIN, len)) {
+ imapc->preftype = IMAP_TYPE_SASL;
+ imapc->prefmech |= SASL_MECH_LOGIN;
+ }
+ else if(strnequal(value, SASL_MECH_STRING_PLAIN, len)) {
+ imapc->preftype = IMAP_TYPE_SASL;
+ imapc->prefmech |= SASL_MECH_PLAIN;
+ }
+ else if(strnequal(value, SASL_MECH_STRING_CRAM_MD5, len)) {
+ imapc->preftype = IMAP_TYPE_SASL;
+ imapc->prefmech |= SASL_MECH_CRAM_MD5;
+ }
+ else if(strnequal(value, SASL_MECH_STRING_DIGEST_MD5, len)) {
+ imapc->preftype = IMAP_TYPE_SASL;
+ imapc->prefmech |= SASL_MECH_DIGEST_MD5;
+ }
+ else if(strnequal(value, SASL_MECH_STRING_GSSAPI, len)) {
+ imapc->preftype = IMAP_TYPE_SASL;
+ imapc->prefmech |= SASL_MECH_GSSAPI;
+ }
+ else if(strnequal(value, SASL_MECH_STRING_NTLM, len)) {
+ imapc->preftype = IMAP_TYPE_SASL;
+ imapc->prefmech |= SASL_MECH_NTLM;
+ }
+ else if(strnequal(value, SASL_MECH_STRING_XOAUTH2, len)) {
+ imapc->preftype = IMAP_TYPE_SASL;
+ imapc->prefmech |= SASL_MECH_XOAUTH2;
+ }
+
+ if(*ptr == ';')
+ ptr++;
+ }
+ else
+ result = CURLE_URL_MALFORMAT;
+ }
+
+ return result;
+}
+
+/***********************************************************************
+ *
* imap_parse_url_path()
*
* Parse the URL path into separate path components.
/* The imap struct is already initialised in imap_connect() */
CURLcode result = CURLE_OK;
struct SessionHandle *data = conn->data;
- struct IMAP *imap = data->state.proto.imap;
+ struct IMAP *imap = data->req.protop;
const char *begin = data->state.path;
const char *ptr = begin;
DEBUGF(infof(conn->data, "IMAP URL parameter '%s' = '%s'\n", name, value));
- /* Process the known hierarchical parameters (UIDVALIDITY, UID and SECTION)
- stripping of the trailing slash character if it is present.
+ /* Process the known hierarchical parameters (UIDVALIDITY, UID, SECTION and
+ PARTIAL) stripping of the trailing slash character if it is present.
Note: Unknown parameters trigger a URL_MALFORMAT error. */
if(Curl_raw_equal(name, "UIDVALIDITY") && !imap->uidvalidity) {
imap->section = value;
value = NULL;
}
+ else if(Curl_raw_equal(name, "PARTIAL") && !imap->partial) {
+ if(valuelen > 0 && value[valuelen - 1] == '/')
+ value[valuelen - 1] = '\0';
+
+ imap->partial = value;
+ value = NULL;
+ }
else {
Curl_safefree(name);
Curl_safefree(value);
Curl_safefree(value);
}
+ /* Does the URL contain a query parameter? Only valid when we have a mailbox
+ and no UID as per RFC-5092 */
+ if(imap->mailbox && !imap->uid && *ptr == '?') {
+ /* Find the length of the query parameter */
+ begin = ++ptr;
+ while(imap_is_bchar(*ptr))
+ ptr++;
+
+ /* Decode the query parameter */
+ result = Curl_urldecode(data, begin, ptr - begin, &imap->query, NULL,
+ TRUE);
+ if(result)
+ return result;
+ }
+
/* Any extra stuff at the end of the URL is an error */
if(*ptr)
return CURLE_URL_MALFORMAT;
return CURLE_OK;
}
+/***********************************************************************
+ *
+ * imap_parse_custom_request()
+ *
+ * Parse the custom request.
+ */
static CURLcode imap_parse_custom_request(struct connectdata *conn)
{
CURLcode result = CURLE_OK;
struct SessionHandle *data = conn->data;
- struct IMAP *imap = data->state.proto.imap;
+ struct IMAP *imap = data->req.protop;
const char *custom = data->set.str[STRING_CUSTOMREQUEST];
if(custom) {
return result;
}
-/* Call this when the DO phase has completed */
-static CURLcode imap_dophase_done(struct connectdata *conn, bool connected)
-{
- struct IMAP *imap = conn->data->state.proto.imap;
-
- (void)connected;
-
- if(imap->transfer != FTPTRANSFER_BODY)
- /* no data to transfer */
- Curl_setup_transfer(conn, -1, -1, FALSE, NULL, -1, NULL);
-
- return CURLE_OK;
-}
-
-/* Called from multi.c while DOing */
-static CURLcode imap_doing(struct connectdata *conn, bool *dophase_done)
-{
- CURLcode result = imap_multi_statemach(conn, dophase_done);
-
- if(result)
- DEBUGF(infof(conn->data, "DO phase failed\n"));
- else {
- if(*dophase_done) {
- result = imap_dophase_done(conn, FALSE /* not connected */);
-
- DEBUGF(infof(conn->data, "DO phase is complete\n"));
- }
- }
-
- return result;
-}
-
/***********************************************************************
*
- * imap_regular_transfer()
- *
- * The input argument is already checked for validity.
+ * imap_calc_sasl_details()
*
- * Performs all commands done before a regular transfer between a local and a
- * remote host.
+ * Calculate the required login details for SASL authentication.
*/
-static CURLcode imap_regular_transfer(struct connectdata *conn,
- bool *dophase_done)
+static CURLcode imap_calc_sasl_details(struct connectdata *conn,
+ const char **mech,
+ char **initresp, size_t *len,
+ imapstate *state1, imapstate *state2)
{
CURLcode result = CURLE_OK;
- bool connected = FALSE;
struct SessionHandle *data = conn->data;
+ struct imap_conn *imapc = &conn->proto.imapc;
- /* Make sure size is unknown at this point */
- data->req.size = -1;
-
- Curl_pgrsSetUploadCounter(data, 0);
- Curl_pgrsSetDownloadCounter(data, 0);
- Curl_pgrsSetUploadSize(data, 0);
- Curl_pgrsSetDownloadSize(data, 0);
-
- result = imap_perform(conn, &connected, dophase_done);
-
- if(!result) {
- if(!*dophase_done)
- /* The DO phase has not completed yet */
- return CURLE_OK;
-
- result = imap_dophase_done(conn, connected);
+ /* Calculate the supported authentication mechanism, by decreasing order of
+ security, as well as the initial response where appropriate */
+#if defined(USE_KERBEROS5)
+ if((imapc->authmechs & SASL_MECH_GSSAPI) &&
+ (imapc->prefmech & SASL_MECH_GSSAPI)) {
+ imapc->mutual_auth = FALSE; /* TODO: Calculate mutual authentication */
+
+ *mech = SASL_MECH_STRING_GSSAPI;
+ *state1 = IMAP_AUTHENTICATE_GSSAPI;
+ *state2 = IMAP_AUTHENTICATE_GSSAPI_TOKEN;
+ imapc->authused = SASL_MECH_GSSAPI;
+
+ if(imapc->ir_supported || data->set.sasl_ir)
+ result = Curl_sasl_create_gssapi_user_message(data, conn->user,
+ conn->passwd, "imap",
+ imapc->mutual_auth,
+ NULL, &conn->krb5,
+ initresp, len);
}
-
- return result;
-}
-
-static CURLcode imap_setup_connection(struct connectdata *conn)
-{
- struct SessionHandle *data = conn->data;
-
- if(conn->bits.httpproxy && !data->set.tunnel_thru_httpproxy) {
- /* Unless we have asked to tunnel IMAP operations through the proxy, we
- switch and use HTTP operations only */
-#ifndef CURL_DISABLE_HTTP
- if(conn->handler == &Curl_handler_imap)
- conn->handler = &Curl_handler_imap_proxy;
- else {
-#ifdef USE_SSL
- conn->handler = &Curl_handler_imaps_proxy;
-#else
- failf(data, "IMAPS not supported!");
- return CURLE_UNSUPPORTED_PROTOCOL;
+ else
#endif
- }
+#ifndef CURL_DISABLE_CRYPTO_AUTH
+ if((imapc->authmechs & SASL_MECH_DIGEST_MD5) &&
+ (imapc->prefmech & SASL_MECH_DIGEST_MD5)) {
+ *mech = SASL_MECH_STRING_DIGEST_MD5;
+ *state1 = IMAP_AUTHENTICATE_DIGESTMD5;
+ imapc->authused = SASL_MECH_DIGEST_MD5;
+ }
+ else if((imapc->authmechs & SASL_MECH_CRAM_MD5) &&
+ (imapc->prefmech & SASL_MECH_CRAM_MD5)) {
+ *mech = SASL_MECH_STRING_CRAM_MD5;
+ *state1 = IMAP_AUTHENTICATE_CRAMMD5;
+ imapc->authused = SASL_MECH_CRAM_MD5;
+ }
+ else
+#endif
+#ifdef USE_NTLM
+ if((imapc->authmechs & SASL_MECH_NTLM) &&
+ (imapc->prefmech & SASL_MECH_NTLM)) {
+ *mech = SASL_MECH_STRING_NTLM;
+ *state1 = IMAP_AUTHENTICATE_NTLM;
+ *state2 = IMAP_AUTHENTICATE_NTLM_TYPE2MSG;
+ imapc->authused = SASL_MECH_NTLM;
- /* We explicitly mark this connection as persistent here as we're doing
- IMAP over HTTP and thus we accidentally avoid setting this value
- otherwise */
- conn->bits.close = FALSE;
-#else
- failf(data, "IMAP over http proxy requires HTTP support built-in!");
- return CURLE_UNSUPPORTED_PROTOCOL;
+ if(imapc->ir_supported || data->set.sasl_ir)
+ result = Curl_sasl_create_ntlm_type1_message(conn->user, conn->passwd,
+ &conn->ntlm,
+ initresp, len);
+ }
+ else
#endif
+ if(((imapc->authmechs & SASL_MECH_XOAUTH2) &&
+ (imapc->prefmech & SASL_MECH_XOAUTH2) &&
+ (imapc->prefmech != SASL_AUTH_ANY)) || conn->xoauth2_bearer) {
+ *mech = SASL_MECH_STRING_XOAUTH2;
+ *state1 = IMAP_AUTHENTICATE_XOAUTH2;
+ *state2 = IMAP_AUTHENTICATE_FINAL;
+ imapc->authused = SASL_MECH_XOAUTH2;
+
+ if(imapc->ir_supported || data->set.sasl_ir)
+ result = Curl_sasl_create_xoauth2_message(data, conn->user,
+ conn->xoauth2_bearer,
+ initresp, len);
+ }
+ else if((imapc->authmechs & SASL_MECH_LOGIN) &&
+ (imapc->prefmech & SASL_MECH_LOGIN)) {
+ *mech = SASL_MECH_STRING_LOGIN;
+ *state1 = IMAP_AUTHENTICATE_LOGIN;
+ *state2 = IMAP_AUTHENTICATE_LOGIN_PASSWD;
+ imapc->authused = SASL_MECH_LOGIN;
+
+ if(imapc->ir_supported || data->set.sasl_ir)
+ result = Curl_sasl_create_login_message(data, conn->user, initresp, len);
}
+ else if((imapc->authmechs & SASL_MECH_PLAIN) &&
+ (imapc->prefmech & SASL_MECH_PLAIN)) {
+ *mech = SASL_MECH_STRING_PLAIN;
+ *state1 = IMAP_AUTHENTICATE_PLAIN;
+ *state2 = IMAP_AUTHENTICATE_FINAL;
+ imapc->authused = SASL_MECH_PLAIN;
- data->state.path++; /* don't include the initial slash */
+ if(imapc->ir_supported || data->set.sasl_ir)
+ result = Curl_sasl_create_plain_message(data, conn->user, conn->passwd,
+ initresp, len);
+ }
- return CURLE_OK;
+ return result;
}
#endif /* CURL_DISABLE_IMAP */