luo980/curl
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Revert all SASL authzid (new feature) commits

Browse Source 
- Revert all commits related to the SASL authzid feature since the next
  release will be a patch release, 7.65.1.

Prior to this change CURLOPT_SASL_AUTHZID  / --sasl-authzid was destined
for the next release, assuming it would be a feature release 7.66.0.
However instead the next release will be a patch release, 7.65.1 and
will not contain any new features.

After the patch release after the reverted commits can be restored by
using cherry-pick:

git cherry-pick a14d72c a9499ff 8c1cc36 c2a8d52 0edf690

Details for all reverted commits:

Revert "os400: take care of CURLOPT_SASL_AUTHZID in curl_easy_setopt_ccsid()."

This reverts commit 0edf6907ae.

Revert "tests: Fix the line endings for the SASL alt-auth tests"

This reverts commit c2a8d52a13.

Revert "examples: Added SASL PLAIN authorisation identity (authzid) examples"

This reverts commit 8c1cc369d0.

Revert "curl: --sasl-authzid added to support CURLOPT_SASL_AUTHZID from the tool"

This reverts commit a9499ff136.

Revert "sasl: Implement SASL authorisation identity via CURLOPT_SASL_AUTHZID"

This reverts commit a14d72ca2f.
This commit is contained in:
Jay Satiro 2019-05-24 14:53:03 -04:00 committed by Daniel Stenberg
parent 84086b39c1
commit db8ec1fa38
No known key found for this signature in database
GPG Key ID: 5CC908FDB71E12C2
31 changed files with 17 additions and 763 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
docs/cmdline-opts/Makefile.inc
View File

@ -154,7 +154,6 @@ DPAGES = \
retry-delay.d \ retry-delay.d \
retry-max-time.d \ retry-max-time.d \
retry.d \ retry.d \
sasl-authzid.d \
sasl-ir.d \ sasl-ir.d \
service-name.d \ service-name.d \
show-error.d \ show-error.d \

11
docs/cmdline-opts/sasl-authzid.d
View File

@ -1,11 +0,0 @@
Long: sasl-authzid
Help: Use this identity to act as during SASL PLAIN authentication
Added: 7.66.0
---
Use this authorisation identity (authzid), during SASL PLAIN authentication,
in addition to the authentication identity (authcid) as specified by --user.
If the option isn't specified, the server will derive the authzid from the
authcid, but if specified, and depending on the server implementation, it may
be used to access another user's inbox, that the user has been granted access
to, or a shared mailbox for example.

4
docs/examples/Makefile.inc
View File

@ -5,7 +5,7 @@
# | (__| |_| | _ <| |___ # | (__| |_| | _ <| |___
# \___|\___/|_| \_\_____| # \___|\___/|_| \_\_____|
# #
# Copyright (C) 1998 - 2019, Daniel Stenberg, <daniel@haxx.se>, et al. # Copyright (C) 1998 - 2018, Daniel Stenberg, <daniel@haxx.se>, et al.
# #
# This software is licensed as described in the file COPYING, which # This software is licensed as described in the file COPYING, which
# you should have received as part of this distribution. The terms # you should have received as part of this distribution. The terms
@ -35,7 +35,7 @@ check_PROGRAMS = 10-at-a-time anyauthput cookie_interface debug fileupload \
http2-upload http2-serverpush getredirect ftpuploadfrommem \ http2-upload http2-serverpush getredirect ftpuploadfrommem \
ftpuploadresume sslbackend postit2-formadd multi-formadd \ ftpuploadresume sslbackend postit2-formadd multi-formadd \
shared-connection-cache sftpuploadresume http2-pushinmemory parseurl \ shared-connection-cache sftpuploadresume http2-pushinmemory parseurl \
urlapi imap-authzid pop3-authzid smtp-authzid urlapi
# These examples require external dependencies that may not be commonly # These examples require external dependencies that may not be commonly
# available on POSIX systems, so don't bother attempting to compile them here. # available on POSIX systems, so don't bother attempting to compile them here.

71
docs/examples/imap-authzid.c
View File

@ -1,71 +0,0 @@
/***************************************************************************
* _ _ ____ _
* Project ___| | | | _ \| |
* / __| | | | |_) | |
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
* Copyright (C) 1998 - 2019, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
* are also available at https://curl.haxx.se/docs/copyright.html.
*
* You may opt to use, copy, modify, merge, publish, distribute and/or sell
* copies of the Software, and permit persons to whom the Software is
* furnished to do so, under the terms of the COPYING file.
*
* This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
* KIND, either express or implied.
*
***************************************************************************/
/* <DESC>
* IMAP example showing how to retreieve e-mails from a shared mailed box
* </DESC>
*/
#include <stdio.h>
#include <curl/curl.h>
/* This is a simple example showing how to fetch mail using libcurl's IMAP
* capabilities.
*
* Note that this example requires libcurl 7.66.0 or above.
*/
int main(void)
{
CURL *curl;
CURLcode res = CURLE_OK;
curl = curl_easy_init();
if(curl) {
/* Set the username and password */
curl_easy_setopt(curl, CURLOPT_USERNAME, "user");
curl_easy_setopt(curl, CURLOPT_PASSWORD, "secret");
/* Set the authorisation identity (identity to act as) */
curl_easy_setopt(curl, CURLOPT_SASL_AUTHZID, "shared-mailbox");
/* Force PLAIN authentication */
curl_easy_setopt(curl, CURLOPT_LOGIN_OPTIONS, "AUTH=PLAIN");
/* This will fetch message 1 from the user's inbox */
curl_easy_setopt(curl, CURLOPT_URL,
"imap://imap.example.com/INBOX/;UID=1");
/* Perform the fetch */
res = curl_easy_perform(curl);
/* Check for errors */
if(res != CURLE_OK)
fprintf(stderr, "curl_easy_perform() failed: %s\n",
curl_easy_strerror(res));
/* Always cleanup */
curl_easy_cleanup(curl);
}
return (int)res;
}

70
docs/examples/pop3-authzid.c
View File

@ -1,70 +0,0 @@
/***************************************************************************
* _ _ ____ _
* Project ___| | | | _ \| |
* / __| | | | |_) | |
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
* Copyright (C) 1998 - 2019, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
* are also available at https://curl.haxx.se/docs/copyright.html.
*
* You may opt to use, copy, modify, merge, publish, distribute and/or sell
* copies of the Software, and permit persons to whom the Software is
* furnished to do so, under the terms of the COPYING file.
*
* This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
* KIND, either express or implied.
*
***************************************************************************/
/* <DESC>
* POP3 example showing how to retrieve e-mails from a shared mailbox
* </DESC>
*/
#include <stdio.h>
#include <curl/curl.h>
/* This is a simple example showing how to retrieve mail using libcurl's POP3
* capabilities.
*
* Note that this example requires libcurl 7.66.0 or above.
*/
int main(void)
{
CURL *curl;
CURLcode res = CURLE_OK;
curl = curl_easy_init();
if(curl) {
/* Set the username and password */
curl_easy_setopt(curl, CURLOPT_USERNAME, "user");
curl_easy_setopt(curl, CURLOPT_PASSWORD, "secret");
/* Set the authorisation identity (identity to act as) */
curl_easy_setopt(curl, CURLOPT_SASL_AUTHZID, "shared-mailbox");
/* Force PLAIN authentication */
curl_easy_setopt(curl, CURLOPT_LOGIN_OPTIONS, "AUTH=PLAIN");
/* This will retrieve message 1 from the user's mailbox */
curl_easy_setopt(curl, CURLOPT_URL, "pop3://pop.example.com/1");
/* Perform the retr */
res = curl_easy_perform(curl);
/* Check for errors */
if(res != CURLE_OK)
fprintf(stderr, "curl_easy_perform() failed: %s\n",
curl_easy_strerror(res));
/* Always cleanup */
curl_easy_cleanup(curl);
}
return (int)res;
}

161
docs/examples/smtp-authzid.c
View File

@ -1,161 +0,0 @@
/***************************************************************************
* _ _ ____ _
* Project ___| | | | _ \| |
* / __| | | | |_) | |
* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
* Copyright (C) 1998 - 2019, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
* are also available at https://curl.haxx.se/docs/copyright.html.
*
* You may opt to use, copy, modify, merge, publish, distribute and/or sell
* copies of the Software, and permit persons to whom the Software is
* furnished to do so, under the terms of the COPYING file.
*
* This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
* KIND, either express or implied.
*
***************************************************************************/
/* <DESC>
* Send e-mail on behalf of another user with SMTP
* </DESC>
*/
#include <stdio.h>
#include <string.h>
#include <curl/curl.h>
/*
* This is a simple example show how to send an email using libcurl's SMTP
* capabilities.
*
* Note that this example requires libcurl 7.66.0 or above.
*/
/* The libcurl options want plain addresses, the viewable headers in the mail
* can very well get a full name as well.
*/
#define FROM_ADDR "<ursel@example.org>"
#define SENDER_ADDR "<kurt@example.org>"
#define TO_ADDR "<addressee@example.net>"
#define FROM_MAIL "Ursel " FROM_ADDR
#define SENDER_MAIL "Kurt " SENDER_ADDR
#define TO_MAIL "A Receiver " TO_ADDR
static const char *payload_text[] = {
"Date: Mon, 29 Nov 2010 21:54:29 +1100\r\n",
"To: " TO_MAIL "\r\n",
"From: " FROM_MAIL "\r\n",
"Sender: " SENDER_MAIL "\r\n",
"Message-ID: <dcd7cb36-11db-487a-9f3a-e652a9458efd@"
"rfcpedant.example.org>\r\n",
"Subject: SMTP example message\r\n",
"\r\n", /* empty line to divide headers from body, see RFC5322 */
"The body of the message starts here.\r\n",
"\r\n",
"It could be a lot of lines, could be MIME encoded, whatever.\r\n",
"Check RFC5322.\r\n",
NULL
};
struct upload_status {
int lines_read;
};
static size_t payload_source(void *ptr, size_t size, size_t nmemb, void *userp)
{
struct upload_status *upload_ctx = (struct upload_status *)userp;
const char *data;
if((size == 0) || (nmemb == 0) || ((size*nmemb) < 1)) {
return 0;
}
data = payload_text[upload_ctx->lines_read];
if(data) {
size_t len = strlen(data);
memcpy(ptr, data, len);
upload_ctx->lines_read++;
return len;
}
return 0;
}
int main(void)
{
CURL *curl;
CURLcode res = CURLE_OK;
struct curl_slist *recipients = NULL;
struct upload_status upload_ctx;
upload_ctx.lines_read = 0;
curl = curl_easy_init();
if(curl) {
/* This is the URL for your mailserver. In this example we connect to the
smtp-submission port as we require an authenticated connection. */
curl_easy_setopt(curl, CURLOPT_URL, "smtp://mail.example.com:587");
/* Set the username and password */
curl_easy_setopt(curl, CURLOPT_USERNAME, "kurt");
curl_easy_setopt(curl, CURLOPT_PASSWORD, "xipj3plmq");
/* Set the authorisation identity (identity to act as) */
curl_easy_setopt(curl, CURLOPT_SASL_AUTHZID, "ursel");
/* Force PLAIN authentication */
curl_easy_setopt(curl, CURLOPT_LOGIN_OPTIONS, "AUTH=PLAIN");
/* Note that this option isn't strictly required, omitting it will result
* in libcurl sending the MAIL FROM command with empty sender data. All
* autoresponses should have an empty reverse-path, and should be directed
* to the address in the reverse-path which triggered them. Otherwise,
* they could cause an endless loop. See RFC 5321 Section 4.5.5 for more
* details.
*/
curl_easy_setopt(curl, CURLOPT_MAIL_FROM, FROM_ADDR);
/* Add a recipient, in this particular case it corresponds to the
* To: addressee in the header. */
recipients = curl_slist_append(recipients, TO_ADDR);
curl_easy_setopt(curl, CURLOPT_MAIL_RCPT, recipients);
/* We're using a callback function to specify the payload (the headers and
* body of the message). You could just use the CURLOPT_READDATA option to
* specify a FILE pointer to read from. */
curl_easy_setopt(curl, CURLOPT_READFUNCTION, payload_source);
curl_easy_setopt(curl, CURLOPT_READDATA, &upload_ctx);
curl_easy_setopt(curl, CURLOPT_UPLOAD, 1L);
/* Send the message */
res = curl_easy_perform(curl);
/* Check for errors */
if(res != CURLE_OK)
fprintf(stderr, "curl_easy_perform() failed: %s\n",
curl_easy_strerror(res));
/* Free the list of recipients */
curl_slist_free_all(recipients);
/* curl won't send the QUIT command until you call cleanup, so you should
* be able to re-use this connection for additional messages (setting
* CURLOPT_MAIL_FROM and CURLOPT_MAIL_RCPT as required, and calling
* curl_easy_perform() again. It may not be a good idea to keep the
* connection open for a very long time though (more than a few minutes
* may result in the server timing out the connection), and you do want to
* clean up in the end.
*/
curl_easy_cleanup(curl);
}
return (int)res;
}

2
docs/libcurl/curl_easy_setopt.3
View File

@ -256,8 +256,6 @@ TLS authentication methods. See \fICURLOPT_TLSAUTH_TYPE(3)\fP
Proxy TLS authentication methods. See \fICURLOPT_PROXY_TLSAUTH_TYPE(3)\fP Proxy TLS authentication methods. See \fICURLOPT_PROXY_TLSAUTH_TYPE(3)\fP
.IP CURLOPT_PROXYAUTH .IP CURLOPT_PROXYAUTH
HTTP proxy authentication methods. See \fICURLOPT_PROXYAUTH(3)\fP HTTP proxy authentication methods. See \fICURLOPT_PROXYAUTH(3)\fP
.IP CURLOPT_SASL_AUTHZID
SASL authorisation identity (identity to act as). See \fICURLOPT_SASL_AUTHZID(3)\fP
.IP CURLOPT_SASL_IR .IP CURLOPT_SASL_IR
Enable SASL initial response. See \fICURLOPT_SASL_IR(3)\fP Enable SASL initial response. See \fICURLOPT_SASL_IR(3)\fP
.IP CURLOPT_XOAUTH2_BEARER .IP CURLOPT_XOAUTH2_BEARER

64
docs/libcurl/opts/CURLOPT_SASL_AUTHZID.3
View File

@ -1,64 +0,0 @@
.\" **************************************************************************
.\" * _ _ ____ _
.\" * Project ___| | | | _ \| |
.\" * / __| | | | |_) | |
.\" * | (__| |_| | _ <| |___
.\" * \___|\___/|_| \_\_____|
.\" *
.\" * Copyright (C) 1998 - 2019, Daniel Stenberg, <daniel@haxx.se>, et al.
.\" *
.\" * This software is licensed as described in the file COPYING, which
.\" * you should have received as part of this distribution. The terms
.\" * are also available at https://curl.haxx.se/docs/copyright.html.
.\" *
.\" * You may opt to use, copy, modify, merge, publish, distribute and/or sell
.\" * copies of the Software, and permit persons to whom the Software is
.\" * furnished to do so, under the terms of the COPYING file.
.\" *
.\" * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
.\" * KIND, either express or implied.
.\" *
.\" **************************************************************************
.\"
.TH CURLOPT_SASL_AUTHZID 3 "17 July 2019" "libcurl 7.66.0" "curl_easy_setopt options"
.SH NAME
CURLOPT_SASL_AUTHZID \- authorisation identity (identity to act as)
.SH SYNOPSIS
#include <curl/curl.h>
CURLcode curl_easy_setopt(CURL *handle, CURLOPT_SASL_AUTHZID, char *authzid);
.SH DESCRIPTION
Pass a char * as parameter, which should be pointing to the zero terminated
authorisation identity (authzid) for the transfer. Only applicable to the PLAIN
SASL authentication mechanism where it is optional.
When not specified only the authentication identity (authcid) as specified by
the username will be sent to the server, along with the password. The server
will derive a authzid from the authcid when not provided, which it will then
uses internally.
When the authzid is specified, the use of which is server dependent, it can be
used to access another user's inbox, that the user has been granted access to,
or a shared mailbox for example.
.SH DEFAULT
blank
.SH PROTOCOLS
IMAP, POP3 and SMTP
.SH EXAMPLE
.nf
CURL *curl = curl_easy_init();
if(curl) {
curl_easy_setopt(curl, CURLOPT_URL, "imap://example.com/");
curl_easy_setopt(curl, CURLOPT_USERNAME, "Kurt");
curl_easy_setopt(curl, CURLOPT_PASSWORD, "xipj3plmq");
curl_easy_setopt(curl, CURLOPT_SASL_AUTHZID, "Ursel");
ret = curl_easy_perform(curl);
curl_easy_cleanup(curl);
}
.fi
.SH AVAILABILITY
Added in 7.66.0
.SH RETURN VALUE
Returns CURLE_OK if the option is supported, and CURLE_UNKNOWN_OPTION if not.
.SH "SEE ALSO"
.BR CURLOPT_USERNAME "(3), " CURLOPT_PASSWORD "(3), ".BR CURLOPT_USERPWD "(3)"

1
docs/libcurl/opts/Makefile.inc
View File

@ -272,7 +272,6 @@ man_MANS = \
CURLOPT_RTSP_SESSION_ID.3 \ CURLOPT_RTSP_SESSION_ID.3 \
CURLOPT_RTSP_STREAM_URI.3 \ CURLOPT_RTSP_STREAM_URI.3 \
CURLOPT_RTSP_TRANSPORT.3 \ CURLOPT_RTSP_TRANSPORT.3 \
CURLOPT_SASL_AUTHZID.3 \
CURLOPT_SASL_IR.3 \ CURLOPT_SASL_IR.3 \
CURLOPT_SEEKDATA.3 \ CURLOPT_SEEKDATA.3 \
CURLOPT_SEEKFUNCTION.3 \ CURLOPT_SEEKFUNCTION.3 \

1
docs/libcurl/symbols-in-versions
View File

@ -553,7 +553,6 @@ CURLOPT_RTSP_SERVER_CSEQ 7.20.0
CURLOPT_RTSP_SESSION_ID 7.20.0 CURLOPT_RTSP_SESSION_ID 7.20.0
CURLOPT_RTSP_STREAM_URI 7.20.0 CURLOPT_RTSP_STREAM_URI 7.20.0
CURLOPT_RTSP_TRANSPORT 7.20.0 CURLOPT_RTSP_TRANSPORT 7.20.0
CURLOPT_SASL_AUTHZID 7.66.0
CURLOPT_SASL_IR 7.31.0 CURLOPT_SASL_IR 7.31.0
CURLOPT_SEEKDATA 7.18.0 CURLOPT_SEEKDATA 7.18.0
CURLOPT_SEEKFUNCTION 7.18.0 CURLOPT_SEEKFUNCTION 7.18.0

3
include/curl/curl.h
View File

@ -1921,9 +1921,6 @@ typedef enum {
/* maximum age of a connection to consider it for reuse (in seconds) */ /* maximum age of a connection to consider it for reuse (in seconds) */
CINIT(MAXAGE_CONN, LONG, 288), CINIT(MAXAGE_CONN, LONG, 288),
/* SASL authorisation identity */
CINIT(SASL_AUTHZID, STRINGPOINT, 289),
CURLOPT_LASTENTRY /* the last unused */ CURLOPT_LASTENTRY /* the last unused */
} CURLoption; } CURLoption;

1
include/curl/typecheck-gcc.h
View File

@ -309,7 +309,6 @@ _CURL_WARNING(_curl_easy_getinfo_err_curl_off_t,
(option) == CURLOPT_RTSP_SESSION_ID || \ (option) == CURLOPT_RTSP_SESSION_ID || \
(option) == CURLOPT_RTSP_STREAM_URI || \ (option) == CURLOPT_RTSP_STREAM_URI || \
(option) == CURLOPT_RTSP_TRANSPORT || \ (option) == CURLOPT_RTSP_TRANSPORT || \
(option) == CURLOPT_SASL_AUTHZID || \
(option) == CURLOPT_SERVICE_NAME || \ (option) == CURLOPT_SERVICE_NAME || \
(option) == CURLOPT_SOCKS5_GSSAPI_SERVICE || \ (option) == CURLOPT_SOCKS5_GSSAPI_SERVICE || \
(option) == CURLOPT_SSH_HOST_PUBLIC_KEY_MD5 || \ (option) == CURLOPT_SSH_HOST_PUBLIC_KEY_MD5 || \

10
lib/curl_sasl.c
View File

@ -370,9 +370,8 @@ CURLcode Curl_sasl_start(struct SASL *sasl, struct connectdata *conn,
sasl->authused = SASL_MECH_PLAIN; sasl->authused = SASL_MECH_PLAIN;
if(force_ir || data->set.sasl_ir) if(force_ir || data->set.sasl_ir)
result = Curl_auth_create_plain_message(data, conn->sasl_authzid, result = Curl_auth_create_plain_message(data, NULL, conn->user,
conn->user, conn->passwd, conn->passwd, &resp, &len);
&resp, &len);
} }
else if(enabledmechs & SASL_MECH_LOGIN) { else if(enabledmechs & SASL_MECH_LOGIN) {
mech = SASL_MECH_STRING_LOGIN; mech = SASL_MECH_STRING_LOGIN;
@ -454,9 +453,8 @@ CURLcode Curl_sasl_continue(struct SASL *sasl, struct connectdata *conn,
*progress = SASL_DONE; *progress = SASL_DONE;
return result; return result;
case SASL_PLAIN: case SASL_PLAIN:
result = Curl_auth_create_plain_message(data, conn->sasl_authzid, result = Curl_auth_create_plain_message(data, NULL, conn->user,
conn->user, conn->passwd, conn->passwd, &resp, &len);
&resp, &len);
break; break;
case SASL_LOGIN: case SASL_LOGIN:
result = Curl_auth_create_login_message(data, conn->user, &resp, &len); result = Curl_auth_create_login_message(data, conn->user, &resp, &len);

6
lib/setopt.c
View File

@ -2400,12 +2400,6 @@ static CURLcode vsetopt(struct Curl_easy *data, CURLoption option,
break; break;
#endif #endif
case CURLOPT_SASL_AUTHZID:
/* Authorisation identity (identity to act as) */
result = Curl_setstropt(&data->set.str[STRING_SASL_AUTHZID],
va_arg(param, char *));
break;
case CURLOPT_SASL_IR: case CURLOPT_SASL_IR:
/* Enable/disable SASL initial response */ /* Enable/disable SASL initial response */
data->set.sasl_ir = (0 != va_arg(param, long)) ? TRUE : FALSE; data->set.sasl_ir = (0 != va_arg(param, long)) ? TRUE : FALSE;

9
lib/url.c
View File

@ -715,7 +715,6 @@ static void conn_free(struct connectdata *conn)
Curl_safefree(conn->user); Curl_safefree(conn->user);
Curl_safefree(conn->passwd); Curl_safefree(conn->passwd);
Curl_safefree(conn->oauth_bearer); Curl_safefree(conn->oauth_bearer);
Curl_safefree(conn->sasl_authzid);
Curl_safefree(conn->options); Curl_safefree(conn->options);
Curl_safefree(conn->http_proxy.user); Curl_safefree(conn->http_proxy.user);
Curl_safefree(conn->socks_proxy.user); Curl_safefree(conn->socks_proxy.user);
@ -3464,14 +3463,6 @@ static CURLcode create_conn(struct Curl_easy *data,
} }
} }
if(data->set.str[STRING_SASL_AUTHZID]) {
conn->sasl_authzid = strdup(data->set.str[STRING_SASL_AUTHZID]);
if(!conn->sasl_authzid) {
result = CURLE_OUT_OF_MEMORY;
goto out;
}
}
#ifdef USE_UNIX_SOCKETS #ifdef USE_UNIX_SOCKETS
if(data->set.str[STRING_UNIX_SOCKET_PATH]) { if(data->set.str[STRING_UNIX_SOCKET_PATH]) {
conn->unix_domain_socket = strdup(data->set.str[STRING_UNIX_SOCKET_PATH]); conn->unix_domain_socket = strdup(data->set.str[STRING_UNIX_SOCKET_PATH]);

2
lib/urldata.h
View File

@ -871,7 +871,6 @@ struct connectdata {
char *options; /* options string, allocated */ char *options; /* options string, allocated */
char *oauth_bearer; /* bearer token for OAuth 2.0, allocated */ char *oauth_bearer; /* bearer token for OAuth 2.0, allocated */
char *sasl_authzid; /* authorisation identity string, allocated */
int httpversion; /* the HTTP version*10 reported by the server */ int httpversion; /* the HTTP version*10 reported by the server */
int rtspversion; /* the RTSP version*10 reported by the server */ int rtspversion; /* the RTSP version*10 reported by the server */
@ -1493,7 +1492,6 @@ enum dupstring {
#ifdef USE_ALTSVC #ifdef USE_ALTSVC
STRING_ALTSVC, /* CURLOPT_ALTSVC */ STRING_ALTSVC, /* CURLOPT_ALTSVC */
#endif #endif
STRING_SASL_AUTHZID, /* CURLOPT_SASL_AUTHZID */
/* -- end of zero-terminated strings -- */ /* -- end of zero-terminated strings -- */
STRING_LASTZEROTERMINATED, STRING_LASTZEROTERMINATED,

1
packages/OS400/README.OS400
View File

@ -120,7 +120,6 @@ options:
CURLOPT_RTSP_SESSION_UID CURLOPT_RTSP_SESSION_UID
CURLOPT_RTSP_STREAM_URI CURLOPT_RTSP_STREAM_URI
CURLOPT_RTSP_TRANSPORT CURLOPT_RTSP_TRANSPORT
CURLOPT_SASL_AUTHZID
CURLOPT_SERVICE_NAME CURLOPT_SERVICE_NAME
CURLOPT_SOCKS5_GSSAPI_SERVICE CURLOPT_SOCKS5_GSSAPI_SERVICE
CURLOPT_SSH_HOST_PUBLIC_KEY_MD5 CURLOPT_SSH_HOST_PUBLIC_KEY_MD5

8
packages/OS400/ccsidcurl.c
View File

@ -1139,7 +1139,12 @@ curl_easy_setopt_ccsid(CURL *curl, CURLoption tag, ...)
if(testwarn) { if(testwarn) {
testwarn = 0; testwarn = 0;
if((int) STRING_LASTZEROTERMINATED != (int) STRING_SASL_AUTHZID + 1 || if(
#ifdef USE_ALTSVC
(int) STRING_LASTZEROTERMINATED != (int) STRING_ALTSVC + 1 ||
#else
(int) STRING_LASTZEROTERMINATED != (int) STRING_DOH + 1 ||
#endif
(int) STRING_LAST != (int) STRING_COPYPOSTFIELDS + 1) (int) STRING_LAST != (int) STRING_COPYPOSTFIELDS + 1)
curl_mfprintf(stderr, curl_mfprintf(stderr,
"*** WARNING: curl_easy_setopt_ccsid() should be reworked ***\n"); "*** WARNING: curl_easy_setopt_ccsid() should be reworked ***\n");
@ -1206,7 +1211,6 @@ curl_easy_setopt_ccsid(CURL *curl, CURLoption tag, ...)
case CURLOPT_RTSP_SESSION_ID: case CURLOPT_RTSP_SESSION_ID:
case CURLOPT_RTSP_STREAM_URI: case CURLOPT_RTSP_STREAM_URI:
case CURLOPT_RTSP_TRANSPORT: case CURLOPT_RTSP_TRANSPORT:
case CURLOPT_SASL_AUTHZID:
case CURLOPT_SERVICE_NAME: case CURLOPT_SERVICE_NAME:
case CURLOPT_SOCKS5_GSSAPI_SERVICE: case CURLOPT_SOCKS5_GSSAPI_SERVICE:
case CURLOPT_SSH_HOST_PUBLIC_KEY_MD5: case CURLOPT_SSH_HOST_PUBLIC_KEY_MD5:

2
packages/OS400/curl.inc.in
View File

@ -1418,8 +1418,6 @@
d c 10287 d c 10287
d CURLOPT_MAXAGE_CONN... d CURLOPT_MAXAGE_CONN...
d c 00288 d c 00288
d CURLOPT_SASL_AUTHZID...
d c 10289
* *
/if not defined(CURL_NO_OLDIES) /if not defined(CURL_NO_OLDIES)
d CURLOPT_FILE c 10001 d CURLOPT_FILE c 10001

1
src/tool_cfgable.c
View File

@ -133,7 +133,6 @@ static void free_config_fields(struct OperationConfig *config)
Curl_safefree(config->krblevel); Curl_safefree(config->krblevel);
Curl_safefree(config->oauth_bearer); Curl_safefree(config->oauth_bearer);
Curl_safefree(config->sasl_authzid);
Curl_safefree(config->unix_socket_path); Curl_safefree(config->unix_socket_path);
Curl_safefree(config->writeout); Curl_safefree(config->writeout);

1
src/tool_cfgable.h
View File

@ -97,7 +97,6 @@ struct OperationConfig {
char *mail_from; char *mail_from;
struct curl_slist *mail_rcpt; struct curl_slist *mail_rcpt;
char *mail_auth; char *mail_auth;
char *sasl_authzid; /* Authorisation identity (identity to use) */
bool sasl_ir; /* Enable/disable SASL initial response */ bool sasl_ir; /* Enable/disable SASL initial response */
bool proxytunnel; bool proxytunnel;
bool ftp_append; /* APPE on ftp */ bool ftp_append; /* APPE on ftp */

6
src/tool_getparam.c
View File

@ -177,8 +177,7 @@ static const struct LongShort aliases[]= {
{"$H", "mail-auth", ARG_STRING}, {"$H", "mail-auth", ARG_STRING},
{"$I", "post303", ARG_BOOL}, {"$I", "post303", ARG_BOOL},
{"$J", "metalink", ARG_BOOL}, {"$J", "metalink", ARG_BOOL},
{"$6", "sasl-authzid", ARG_STRING}, {"$K", "sasl-ir", ARG_BOOL},
{"$K", "sasl-ir", ARG_BOOL },
{"$L", "test-event", ARG_BOOL}, {"$L", "test-event", ARG_BOOL},
{"$M", "unix-socket", ARG_FILENAME}, {"$M", "unix-socket", ARG_FILENAME},
{"$N", "path-as-is", ARG_BOOL}, {"$N", "path-as-is", ARG_BOOL},
@ -1100,9 +1099,6 @@ ParameterError getparameter(const char *flag, /* f or -long-flag */
#endif #endif
break; break;
} }
case '6': /* --sasl-authzid */
GetStr(&config->sasl_authzid, nextarg);
break;
case 'K': /* --sasl-ir */ case 'K': /* --sasl-ir */
config->sasl_ir = toggle; config->sasl_ir = toggle;
break; break;

2
src/tool_help.c
View File

@ -385,8 +385,6 @@ static const struct helptxt helptext[] = {
"Wait time between retries"}, "Wait time between retries"},
{" --retry-max-time <seconds>", {" --retry-max-time <seconds>",
"Retry only within this period"}, "Retry only within this period"},
{" --sasl-authzid <identity> ",
"Use this identity to act as during SASL PLAIN authentication"},
{" --sasl-ir", {" --sasl-ir",
"Enable initial response in SASL authentication"}, "Enable initial response in SASL authentication"},
{" --service-name <name>", {" --service-name <name>",

5
src/tool_operate.c
View File

@ -1501,10 +1501,6 @@ static CURLcode operate_do(struct GlobalConfig *global,
if(config->mail_auth) if(config->mail_auth)
my_setopt_str(curl, CURLOPT_MAIL_AUTH, config->mail_auth); my_setopt_str(curl, CURLOPT_MAIL_AUTH, config->mail_auth);
/* new in 7.66.0 */
if(config->sasl_authzid)
my_setopt_str(curl, CURLOPT_SASL_AUTHZID, config->sasl_authzid);
/* new in 7.31.0 */ /* new in 7.31.0 */
if(config->sasl_ir) if(config->sasl_ir)
my_setopt(curl, CURLOPT_SASL_IR, 1L); my_setopt(curl, CURLOPT_SASL_IR, 1L);
@ -1528,7 +1524,6 @@ static CURLcode operate_do(struct GlobalConfig *global,
config->unix_socket_path); config->unix_socket_path);
} }
} }
/* new in 7.45.0 */ /* new in 7.45.0 */
if(config->proto_default) if(config->proto_default)
my_setopt_str(curl, CURLOPT_DEFAULT_PROTOCOL, config->proto_default); my_setopt_str(curl, CURLOPT_DEFAULT_PROTOCOL, config->proto_default);

7
tests/data/Makefile.inc
View File

@ -93,21 +93,20 @@ test809 test810 test811 test812 test813 test814 test815 test816 test817 \
test818 test819 test820 test821 test822 test823 test824 test825 test826 \ test818 test819 test820 test821 test822 test823 test824 test825 test826 \
test827 test828 test829 test830 test831 test832 test833 test834 test835 \ test827 test828 test829 test830 test831 test832 test833 test834 test835 \
test836 test837 test838 test839 test840 test841 test842 test843 test844 \ test836 test837 test838 test839 test840 test841 test842 test843 test844 \
test845 test846 test847 test848 test849 \ test845 test846 test847 \
\ \
test850 test851 test852 test853 test854 test855 test856 test857 test858 \ test850 test851 test852 test853 test854 test855 test856 test857 test858 \
test859 test860 test861 test862 test863 test864 test865 test866 test867 \ test859 test860 test861 test862 test863 test864 test865 test866 test867 \
test868 test869 test870 test871 test872 test873 test874 test875 test876 \ test868 test869 test870 test871 test872 test873 test874 test875 test876 \
test877 test878 test879 test880 test881 test882 test883 test884 test885 \ test877 test878 test879 test880 test881 test882 test883 test884 test885 \
test886 test887 test888 test889 test890 test891 test892 test893 \ test886 test887 test888 test889 test890 test891 \
\ \
test900 test901 test902 test903 test904 test905 test906 test907 test908 \ test900 test901 test902 test903 test904 test905 test906 test907 test908 \
test909 test910 test911 test912 test913 test914 test915 test916 test917 \ test909 test910 test911 test912 test913 test914 test915 test916 test917 \
test918 test919 test920 test921 test922 test923 test924 test925 test926 \ test918 test919 test920 test921 test922 test923 test924 test925 test926 \
test927 test928 test929 test930 test931 test932 test933 test934 test935 \ test927 test928 test929 test930 test931 test932 test933 test934 test935 \
test936 test937 test938 test939 test940 test941 test942 test943 test944 \ test936 test937 test938 test939 test940 test941 test942 test943 test944 \
test945 test946 test947 test948 test949 test950 test951 test952 test953 \ test945 test946 test947 test948 test949 test950 test951 test952 \
test954 \
\ \
test1000 test1001 test1002 test1003 test1004 test1005 test1006 test1007 \ test1000 test1001 test1002 test1003 test1004 test1005 test1006 test1007 \
test1008 test1009 test1010 test1011 test1012 test1013 test1014 test1015 \ test1008 test1009 test1010 test1011 test1012 test1013 test1014 test1015 \

56
tests/data/test848
View File

@ -1,56 +0,0 @@
<testcase>
<info>
<keywords>
IMAP
SASL
SASL AUTH PLAIN
RFC4616
</keywords>
</info>
#
# Server-side
<reply>
<servercmd>
AUTH PLAIN
REPLY AUTHENTICATE +
REPLY c2hhcmVkLW1haWxib3gAdXNlcgBzZWNyZXQ= A002 OK AUTHENTICATE completed
</servercmd>
<data>
From: me@somewhere
To: fake@nowhere
body
--
yours sincerely
</data>
</reply>
#
# Client-side
<client>
<server>
imap
</server>
<name>
IMAP plain authentication with alternative authorization identity
</name>
<command>
'imap://%HOSTIP:%IMAPPORT/848/;MAILINDEX=1' -u user:secret --sasl-authzid shared-mailbox
</command>
</client>
#
# Verify data after the test has been "shot"
<verify>
<protocol>
A001 CAPABILITY
A002 AUTHENTICATE PLAIN
c2hhcmVkLW1haWxib3gAdXNlcgBzZWNyZXQ=
A003 SELECT 848
A004 FETCH 1 BODY[]
A005 LOGOUT
</protocol>
</verify>
</testcase>

51
tests/data/test849
View File

@ -1,51 +0,0 @@
<testcase>
<info>
<keywords>
IMAP
SASL
SASL AUTH PLAIN
RFC4616
</keywords>
</info>
#
# Server-side
<reply>
<servercmd>
AUTH PLAIN
REPLY AUTHENTICATE +
REPLY dXJzZWwAa3VydAB4aXBqM3BsbXE= A002 NO Not authorized
</servercmd>
</reply>
#
# Client-side
<client>
<server>
imap
</server>
<name>
IMAP plain authentication with alternative authorization identity (Not authorized)
</name>
<command>
'imap://%HOSTIP:%IMAPPORT/849/;MAILINDEX=1' -u kurt:xipj3plmq --sasl-authzid ursel
</command>
</client>
#
# Verify data after the test has been "shot"
<verify>
# 67 - CURLE_LOGIN_DENIED
<errorcode>
67
</errorcode>
#
# The multi interface considers a broken "CONNECT" as a prematurely broken
# transfer and such a connection will not get a "LOGOUT"
<protocol>
A001 CAPABILITY
A002 AUTHENTICATE PLAIN
dXJzZWwAa3VydAB4aXBqM3BsbXE=
</protocol>
</verify>
</testcase>

57
tests/data/test892
View File

@ -1,57 +0,0 @@
<testcase>
<info>
<keywords>
POP3
SASL
SASL AUTH PLAIN
RFC1734
RFC4616
RFC5034
</keywords>
</info>
#
# Server-side
<reply>
<servercmd>
AUTH PLAIN
REPLY AUTH +
REPLY c2hhcmVkLW1haWxib3gAdXNlcgBzZWNyZXQ= +OK Login successful
</servercmd>
<data>
From: me@somewhere
To: fake@nowhere
body
--
yours sincerely
</data>
</reply>
#
# Client-side
<client>
<server>
pop3
</server>
<name>
POP3 plain authentication with alternative authorization identity
</name>
<command>
pop3://%HOSTIP:%POP3PORT/892 -u user:secret --sasl-authzid shared-mailbox
</command>
</client>
#
# Verify data after the test has been "shot"
<verify>
<protocol>
CAPA
AUTH PLAIN
c2hhcmVkLW1haWxib3gAdXNlcgBzZWNyZXQ=
RETR 892
QUIT
</protocol>
</verify>
</testcase>

53
tests/data/test893
View File

@ -1,53 +0,0 @@
<testcase>
<info>
<keywords>
POP3
SASL
SASL AUTH PLAIN
RFC1734
RFC4616
RFC5034
</keywords>
</info>
#
# Server-side
<reply>
<servercmd>
AUTH PLAIN
REPLY AUTH +
REPLY dXJzZWwAa3VydAB4aXBqM3BsbXE= -ERR Not authorized
</servercmd>
</reply>
#
# Client-side
<client>
<server>
pop3
</server>
<name>
POP3 plain authentication with alternative authorization identity (Not authorized)
</name>
<command>
pop3://%HOSTIP:%POP3PORT/893 -u kurt:xipj3plmq --sasl-authzid ursel
</command>
</client>
#
# Verify data after the test has been "shot"
<verify>
# 67 - CURLE_LOGIN_DENIED
<errorcode>
67
</errorcode>
#
# The multi interface considers a broken "CONNECT" as a prematurely broken
# transfer and such a connection will not get a "QUIT"
<protocol>
CAPA
AUTH PLAIN
dXJzZWwAa3VydAB4aXBqM3BsbXE=
</protocol>
</verify>
</testcase>

56
tests/data/test953
View File

@ -1,56 +0,0 @@
<testcase>
<info>
<keywords>
SMTP
SASL
SASL AUTH PLAIN
RFC4616
RFC4954
</keywords>
</info>
#
# Server-side
<reply>
<servercmd>
AUTH PLAIN
REPLY AUTH 334 PLAIN supported
REPLY dXJzZWwAa3VydAB4aXBqM3BsbXE= 235 Authenticated
</servercmd>
</reply>
#
# Client-side
<client>
<server>
smtp
</server>
<name>
SMTP plain authentication with alternative authorization identity
</name>
<stdin>
mail body
</stdin>
<command>
smtp://%HOSTIP:%SMTPPORT/953 --mail-rcpt recipient@example.com --mail-from sender@example.com -u kurt:xipj3plmq --sasl-authzid ursel -T -
</command>
</client>
#
# Verify data after the test has been "shot"
<verify>
<protocol>
EHLO 953
AUTH PLAIN
dXJzZWwAa3VydAB4aXBqM3BsbXE=
MAIL FROM:<sender@example.com>
RCPT TO:<recipient@example.com>
DATA
QUIT
</protocol>
<upload>
mail body
.
</upload>
</verify>
</testcase>

55
tests/data/test954
View File

@ -1,55 +0,0 @@
<testcase>
<info>
<keywords>
SMTP
SASL
SASL AUTH PLAIN
RFC4616
RFC4954
</keywords>
</info>
#
# Server-side
<reply>
<servercmd>
AUTH PLAIN
REPLY AUTH 334 PLAIN supported
REPLY dXJzZWwAa3VydAB4aXBqM3BsbXE= 501 Not authorized
</servercmd>
</reply>
#
# Client-side
<client>
<server>
smtp
</server>
<name>
SMTP plain authentication with alternative authorization identity (Not authorized)
</name>
<stdin>
mail body
</stdin>
<command>
smtp://%HOSTIP:%SMTPPORT/954 --mail-rcpt recipient@example.com --mail-from sender@example.com -u kurt:xipj3plmq --sasl-authzid ursel -T -
</command>
</client>
#
# Verify data after the test has been "shot"
<verify>
# 67 - CURLE_LOGIN_DENIED
<errorcode>
67
</errorcode>
#
# The multi interface considers a broken "CONNECT" as a prematurely broken
# transfer and such a connection will not get a "QUIT"
<protocol>
EHLO 954
AUTH PLAIN
dXJzZWwAa3VydAB4aXBqM3BsbXE=
</protocol>
</verify>
</testcase>