xref: /third_party/curl/lib/curl_sasl.c

32  * Draft   LOGIN SASL Mechanism <draft-murchison-sasl-login-00.txt>
83  * This is used to cleanup any libraries or curl modules used by the sasl
160 CURLcode Curl_sasl_parse_url_auth_option(struct SASL *sasl,
169   if(sasl->resetprefs) {
170     sasl->resetprefs = FALSE;
171     sasl->prefmech = SASL_AUTH_NONE;
175     sasl->prefmech = SASL_AUTH_DEFAULT;
179       sasl->prefmech |= mechbit;
192 void Curl_sasl_init(struct SASL *sasl, struct Curl_easy *data,
197   sasl->params = params;           /* Set protocol dependent parameters */
198   sasl->state = SASL_STOP;         /* Not yet running */
199   sasl->curmech = NULL;            /* No mechanism yet. */
200   sasl->authmechs = SASL_AUTH_NONE; /* No known authentication mechanism yet */
201   sasl->prefmech = params->defmechs; /* Default preferred mechanisms */
202   sasl->authused = SASL_AUTH_NONE; /* The authentication mechanism used */
203   sasl->resetprefs = TRUE;         /* Reset prefmech upon AUTH parsing. */
204   sasl->mutual_auth = FALSE;       /* No mutual authentication (GSSAPI only) */
205   sasl->force_ir = FALSE;          /* Respect external option */
224       sasl->prefmech = mechs;
233 static void sasl_state(struct SASL *sasl, struct Curl_easy *data,
260   if(sasl->state != newstate)
262           (void *)sasl, names[sasl->state], names[newstate]);
267   sasl->state = newstate;
273 static CURLcode get_server_message(struct SASL *sasl, struct Curl_easy *data,
278   result = sasl->params->getmessage(data, out);
279   if(!result && (sasl->params->flags & SASL_FLAG_BASE64)) {
297 static CURLcode build_message(struct SASL *sasl, struct bufref *msg)
301   if(sasl->params->flags & SASL_FLAG_BASE64) {
325 bool Curl_sasl_can_authenticate(struct SASL *sasl, struct Curl_easy *data)
332   if(sasl->authmechs & sasl->prefmech & SASL_MECH_EXTERNAL)
343 CURLcode Curl_sasl_start(struct SASL *sasl, struct Curl_easy *data,
358     sasl->params->service;
366   sasl->force_ir = force_ir;    /* Latch for future use */
367   sasl->authused = 0;           /* No mechanism used yet */
368   enabledmechs = sasl->authmechs & sasl->prefmech;
376     sasl->authused = SASL_MECH_EXTERNAL;
385       sasl->mutual_auth = FALSE;
389       sasl->authused = SASL_MECH_GSSAPI;
396                                                       sasl->mutual_auth,
407       sasl->authused = SASL_MECH_SCRAM_SHA_256;
420       sasl->authused = SASL_MECH_SCRAM_SHA_1;
436       sasl->authused = SASL_MECH_DIGEST_MD5;
441       sasl->authused = SASL_MECH_CRAM_MD5;
450       sasl->authused = SASL_MECH_NTLM;
465       sasl->authused = SASL_MECH_OAUTHBEARER;
477       sasl->authused = SASL_MECH_XOAUTH2;
487       sasl->authused = SASL_MECH_PLAIN;
498       sasl->authused = SASL_MECH_LOGIN;
506     sasl->curmech = mech;
508       result = build_message(sasl, &resp);
510     if(sasl->params->maxirlen &&
511        strlen(mech) + Curl_bufref_len(&resp) > sasl->params->maxirlen)
515       result = sasl->params->sendauth(data, mech, &resp);
519       sasl_state(sasl, data, Curl_bufref_ptr(&resp) ? state2 : state1);
532 CURLcode Curl_sasl_continue(struct SASL *sasl, struct Curl_easy *data,
545     sasl->params->service;
555   if(sasl->state == SASL_FINAL) {
556     if(code != sasl->params->finalcode)
559     sasl_state(sasl, data, SASL_STOP);
563   if(sasl->state != SASL_CANCEL && sasl->state != SASL_OAUTH2_RESP &&
564      code != sasl->params->contcode) {
566     sasl_state(sasl, data, SASL_STOP);
570   switch(sasl->state) {
590     result = get_server_message(sasl, data, &serverdata);
599     result = get_server_message(sasl, data, &serverdata);
605     result = get_server_message(sasl, data, &serverdata);
610     if(!result && (sasl->params->flags & SASL_FLAG_BASE64))
629     result = get_server_message(sasl, data, &serverdata);
646                                                   sasl->mutual_auth, NULL,
652     result = get_server_message(sasl, data, &serverdata);
654       if(sasl->mutual_auth) {
659                                                       sasl->mutual_auth,
676     result = get_server_message(sasl, data, &serverdata);
688     if(sasl->authused == SASL_MECH_OAUTHBEARER) {
706     if(code == sasl->params->finalcode) {
709       sasl_state(sasl, data, SASL_STOP);
712     else if(code == sasl->params->contcode) {
719       sasl_state(sasl, data, SASL_STOP);
725     sasl->authmechs ^= sasl->authused;
728     return Curl_sasl_start(sasl, data, sasl->force_ir, progress);
740     result = sasl->params->cancelauth(data, sasl->curmech);
744     result = build_message(sasl, &resp);
746       result = sasl->params->contauth(data, sasl->curmech, &resp);
756   sasl_state(sasl, data, newstate);

Indexes created Thu Nov 07 10:32:03 CST 2024