/* For CAPA responses */ static CURLcode pop3_state_capa_resp(struct connectdata *conn, int pop3code, pop3state instate) { CURLcode result = CURLE_OK; (void)instate; /* no use for this yet */ if(pop3code == '+' && conn->proto.pop3c.authtypes) { /* Check supported authentication types by decreasing order of security */ if(conn->proto.pop3c.authtypes & POP3_TYPE_SASL) result = pop3_authenticate(conn); #ifndef CURL_DISABLE_CRYPTO_AUTH else if(conn->proto.pop3c.authtypes & POP3_TYPE_APOP) result = pop3_state_apop(conn); #endif else if(conn->proto.pop3c.authtypes & POP3_TYPE_CLEARTEXT) result = pop3_state_user(conn); else { infof(conn->data, "No known authentication types supported!\n"); result = CURLE_LOGIN_DENIED; /* Other types not supported */ } } else result = pop3_state_user(conn); return result; }
static CURLcode pop3_authenticate(struct connectdata *conn) { CURLcode result = CURLE_OK; struct pop3_conn *pop3c = &conn->proto.pop3c; const char *mech = NULL; pop3state authstate = POP3_STOP; /* Check we have a username and password to authenticate with and end the connect phase if we don't */ if(!conn->bits.user_passwd) { state(conn, POP3_STOP); return result; } /* Calculate the supported authentication mechanism by decreasing order of security */ if(pop3c->authtypes & POP3_TYPE_SASL) { #ifndef CURL_DISABLE_CRYPTO_AUTH if(pop3c->authmechs & SASL_MECH_DIGEST_MD5) { mech = "DIGEST-MD5"; authstate = POP3_AUTH_DIGESTMD5; pop3c->authused = SASL_MECH_DIGEST_MD5; } else if(pop3c->authmechs & SASL_MECH_CRAM_MD5) { mech = "CRAM-MD5"; authstate = POP3_AUTH_CRAMMD5; pop3c->authused = SASL_MECH_CRAM_MD5; } else #endif #ifdef USE_NTLM if(pop3c->authmechs & SASL_MECH_NTLM) { mech = "NTLM"; authstate = POP3_AUTH_NTLM; pop3c->authused = SASL_MECH_NTLM; } else #endif if(pop3c->authmechs & SASL_MECH_LOGIN) { mech = "LOGIN"; authstate = POP3_AUTH_LOGIN; pop3c->authused = SASL_MECH_LOGIN; } else if(pop3c->authmechs & SASL_MECH_PLAIN) { mech = "PLAIN"; authstate = POP3_AUTH_PLAIN; pop3c->authused = SASL_MECH_PLAIN; } } if(mech) { /* Perform SASL based authentication */ result = Curl_pp_sendf(&pop3c->pp, "AUTH %s", mech); if(!result) state(conn, authstate); } #ifndef CURL_DISABLE_CRYPTO_AUTH else if(pop3c->authtypes & POP3_TYPE_APOP) /* Perform APOP authentication */ result = pop3_state_apop(conn); #endif else if(pop3c->authtypes & POP3_TYPE_CLEARTEXT) /* Perform clear text authentication */ result = pop3_state_user(conn); else { /* Other mechanisms not supported */ infof(conn->data, "No known authentication mechanisms supported!\n"); result = CURLE_LOGIN_DENIED; } return result; }