Lines Matching refs:SASL
24 * RFC4422 Simple Authentication and Security Layer (SASL)
27 * Draft LOGIN SASL Mechanism <draft-murchison-sasl-login-00.txt>
1196 * This is used to cleanup any libraries or curl modules used by the sasl
1230 * Convert a SASL mechanism name into a token.
1238 * Returns the SASL mechanism token or 0 if no match.
1268 CURLcode Curl_sasl_parse_url_auth_option(struct SASL *sasl,
1278 if(sasl->resetprefs) {
1279 sasl->resetprefs = FALSE;
1280 sasl->prefmech = SASL_AUTH_NONE;
1284 sasl->prefmech = SASL_AUTH_DEFAULT;
1287 sasl->prefmech |= mechbit;
1297 * Initializes the SASL structure.
1299 void Curl_sasl_init(struct SASL *sasl, const struct SASLproto *params)
1301 sasl->params = params; /* Set protocol dependent parameters */
1302 sasl->state = SASL_STOP; /* Not yet running */
1303 sasl->authmechs = SASL_AUTH_NONE; /* No known authentication mechanism yet */
1304 sasl->prefmech = SASL_AUTH_DEFAULT; /* Prefer all mechanisms */
1305 sasl->authused = SASL_AUTH_NONE; /* No the authentication mechanism used */
1306 sasl->resetprefs = TRUE; /* Reset prefmech upon AUTH parsing. */
1307 sasl->mutual_auth = FALSE; /* No mutual authentication (GSSAPI only) */
1308 sasl->force_ir = FALSE; /* Respect external option */
1314 * This is the ONLY way to change SASL state!
1316 static void state(struct SASL *sasl, struct connectdata *conn,
1341 if(sasl->state != newstate)
1342 infof(conn->data, "SASL %p state change from %s to %s\n",
1343 (void *)sasl, names[sasl->state], names[newstate]);
1348 sasl->state = newstate;
1356 bool Curl_sasl_can_authenticate(struct SASL *sasl, struct connectdata *conn)
1363 if(sasl->authmechs & sasl->prefmech & SASL_MECH_EXTERNAL)
1372 * Calculate the required login details for SASL authentication.
1374 CURLcode Curl_sasl_start(struct SASL *sasl, struct connectdata *conn,
1386 sasl->force_ir = force_ir; /* Latch for future use */
1387 sasl->authused = 0; /* No mechanism used yet */
1388 enabledmechs = sasl->authmechs & sasl->prefmech;
1396 sasl->authused = SASL_MECH_EXTERNAL;
1404 sasl->mutual_auth = FALSE; /* TODO: Calculate mutual authentication */
1408 sasl->authused = SASL_MECH_GSSAPI;
1413 sasl->params->service,
1414 sasl->mutual_auth,
1424 sasl->authused = SASL_MECH_DIGEST_MD5;
1429 sasl->authused = SASL_MECH_CRAM_MD5;
1438 sasl->authused = SASL_MECH_NTLM;
1449 sasl->authused = SASL_MECH_XOAUTH2;
1460 sasl->authused = SASL_MECH_LOGIN;
1468 sasl->authused = SASL_MECH_PLAIN;
1477 if(resp && sasl->params->maxirlen &&
1478 strlen(mech) + len > sasl->params->maxirlen) {
1484 result = sasl->params->sendauth(conn, mech, resp);
1487 state(sasl, conn, resp? state2: state1);
1502 CURLcode Curl_sasl_continue(struct SASL *sasl, struct connectdata *conn,
1518 if(sasl->state == SASL_FINAL) {
1519 if(code != sasl->params->finalcode)
1522 state(sasl, conn, SASL_STOP);
1526 if(sasl->state != SASL_CANCEL && code != sasl->params->contcode) {
1528 state(sasl, conn, SASL_STOP);
1532 switch(sasl->state) {
1553 sasl->params->getmessage(data->state.buffer, &serverdata);
1561 sasl->params->getmessage(data->state.buffer, &serverdata);
1564 sasl->params->service,
1583 sasl->params->getmessage(data->state.buffer, &serverdata);
1597 sasl->params->service,
1598 sasl->mutual_auth, NULL,
1604 sasl->params->getmessage(data->state.buffer, &serverdata);
1605 if(sasl->mutual_auth) {
1609 sasl->mutual_auth,
1621 sasl->params->getmessage(data->state.buffer, &serverdata);
1636 sasl->authmechs ^= sasl->authused;
1638 /* Start an alternative SASL authentication */
1639 result = Curl_sasl_start(sasl, conn, sasl->force_ir, progress);
1640 newstate = sasl->state; /* Use state from Curl_sasl_start() */
1643 failf(data, "Unsupported SASL authentication mechanism");
1651 result = sasl->params->sendcont(conn, "*");
1656 result = sasl->params->sendcont(conn, resp);
1666 state(sasl, conn, newstate);
