Lines Matching refs:SASL
24 * RFC4422 Simple Authentication and Security Layer (SASL)
27 * RFC7628 A Set of SASL Mechanisms for OAuth
28 * Draft LOGIN SASL Mechanism <draft-murchison-sasl-login-00.txt>
73 * This is used to cleanup any libraries or curl modules used by the sasl
107 * Convert a SASL mechanism name into a token.
115 * Returns the SASL mechanism token or 0 if no match.
145 CURLcode Curl_sasl_parse_url_auth_option(struct SASL *sasl,
154 if(sasl->resetprefs) {
155 sasl->resetprefs = FALSE;
156 sasl->prefmech = SASL_AUTH_NONE;
160 sasl->prefmech = SASL_AUTH_DEFAULT;
164 sasl->prefmech |= mechbit;
175 * Initializes the SASL structure.
177 void Curl_sasl_init(struct SASL *sasl, const struct SASLproto *params)
179 sasl->params = params; /* Set protocol dependent parameters */
180 sasl->state = SASL_STOP; /* Not yet running */
181 sasl->authmechs = SASL_AUTH_NONE; /* No known authentication mechanism yet */
182 sasl->prefmech = SASL_AUTH_DEFAULT; /* Prefer all mechanisms */
183 sasl->authused = SASL_AUTH_NONE; /* No the authentication mechanism used */
184 sasl->resetprefs = TRUE; /* Reset prefmech upon AUTH parsing. */
185 sasl->mutual_auth = FALSE; /* No mutual authentication (GSSAPI only) */
186 sasl->force_ir = FALSE; /* Respect external option */
192 * This is the ONLY way to change SASL state!
194 static void state(struct SASL *sasl, struct connectdata *conn,
220 if(sasl->state != newstate)
221 infof(conn->data, "SASL %p state change from %s to %s\n",
222 (void *)sasl, names[sasl->state], names[newstate]);
227 sasl->state = newstate;
235 bool Curl_sasl_can_authenticate(struct SASL *sasl, struct connectdata *conn)
242 if(sasl->authmechs & sasl->prefmech & SASL_MECH_EXTERNAL)
251 * Calculate the required login details for SASL authentication.
253 CURLcode Curl_sasl_start(struct SASL *sasl, struct connectdata *conn,
270 sasl->params->service;
273 sasl->force_ir = force_ir; /* Latch for future use */
274 sasl->authused = 0; /* No mechanism used yet */
275 enabledmechs = sasl->authmechs & sasl->prefmech;
283 sasl->authused = SASL_MECH_EXTERNAL;
293 sasl->mutual_auth = FALSE; /* TODO: Calculate mutual authentication */
297 sasl->authused = SASL_MECH_GSSAPI;
304 sasl->mutual_auth,
315 sasl->authused = SASL_MECH_DIGEST_MD5;
320 sasl->authused = SASL_MECH_CRAM_MD5;
329 sasl->authused = SASL_MECH_NTLM;
345 sasl->authused = SASL_MECH_OAUTHBEARER;
357 sasl->authused = SASL_MECH_XOAUTH2;
368 sasl->authused = SASL_MECH_PLAIN;
378 sasl->authused = SASL_MECH_LOGIN;
386 if(resp && sasl->params->maxirlen &&
387 strlen(mech) + len > sasl->params->maxirlen) {
392 result = sasl->params->sendauth(conn, mech, resp);
395 state(sasl, conn, resp ? state2 : state1);
409 CURLcode Curl_sasl_continue(struct SASL *sasl, struct connectdata *conn,
427 sasl->params->service;
434 if(sasl->state == SASL_FINAL) {
435 if(code != sasl->params->finalcode)
438 state(sasl, conn, SASL_STOP);
442 if(sasl->state != SASL_CANCEL && sasl->state != SASL_OAUTH2_RESP &&
443 code != sasl->params->contcode) {
445 state(sasl, conn, SASL_STOP);
449 switch(sasl->state) {
471 sasl->params->getmessage(data->state.buffer, &serverdata);
479 sasl->params->getmessage(data->state.buffer, &serverdata);
504 sasl->params->getmessage(data->state.buffer, &serverdata);
520 sasl->mutual_auth, NULL,
526 sasl->params->getmessage(data->state.buffer, &serverdata);
527 if(sasl->mutual_auth) {
532 sasl->mutual_auth,
544 sasl->params->getmessage(data->state.buffer, &serverdata);
554 if(sasl->authused == SASL_MECH_OAUTHBEARER) {
573 if(code == sasl->params->finalcode) {
576 state(sasl, conn, SASL_STOP);
579 else if(code == sasl->params->contcode) {
589 state(sasl, conn, SASL_STOP);
595 sasl->authmechs ^= sasl->authused;
597 /* Start an alternative SASL authentication */
598 result = Curl_sasl_start(sasl, conn, sasl->force_ir, progress);
599 newstate = sasl->state; /* Use state from Curl_sasl_start() */
602 failf(data, "Unsupported SASL authentication mechanism");
610 result = sasl->params->sendcont(conn, "*");
615 result = sasl->params->sendcont(conn, resp);
625 state(sasl, conn, newstate);
