Unlike PLAIN, XOAUTH2 and OAUTHBEARER, CRAM-MD5 authentication is not
supported by libcurl and requires OpenSSL. If the user tries to use
CRAM-MD5 authentication without OpenSSL, the previous behaviour was to
attempt to authenticate and fail with a die(error). Handle this in a
better way by first checking if OpenSSL is available and then attempting
to authenticate. If OpenSSL is not available, print an error message and
exit gracefully.
Signed-off-by: Aditya Garg <gargaditya08@xxxxxxxx>
---
imap-send.c | 61 ++++++++++++++++++-----------------------------------
1 file changed, 20 insertions(+), 41 deletions(-)
diff --git a/imap-send.c b/imap-send.c
index 6522f80964..c6e47ddc42 100644
--- a/imap-send.c
+++ b/imap-send.c
@@ -1008,6 +1008,24 @@ static int auth_plain(struct imap_store *ctx, const char *prompt UNUSED)
return 0;
}
+static int auth_cram_md5(struct imap_store *ctx, const char *prompt)
+{
+ int ret;
+ char *response;
+
+ response = cram(prompt, ctx->cfg->user, ctx->cfg->pass);
+
+ ret = socket_write(&ctx->imap->buf.sock, response, strlen(response));
+ if (ret != strlen(response)) {
+ free(response);
+ return error("IMAP error: sending response failed");
+ }
+
+ free(response);
+
+ return 0;
+}
+
static int auth_oauthbearer(struct imap_store *ctx, const char *prompt UNUSED)
{
int ret;
@@ -1050,38 +1068,13 @@ static int auth_xoauth2(struct imap_store *ctx, const char *prompt UNUSED)
#else
-static char *cram(const char *challenge_64 UNUSED,
- const char *user UNUSED,
- const char *pass UNUSED)
-{
- die("If you want to use CRAM-MD5 authenticate method, "
- "you have to build git-imap-send with OpenSSL library.");
-}
-
#define auth_plain NULL
+#define auth_cram_md5 NULL
#define auth_oauthbearer NULL
#define auth_xoauth2 NULL
#endif
-static int auth_cram_md5(struct imap_store *ctx, const char *prompt)
-{
- int ret;
- char *response;
-
- response = cram(prompt, ctx->cfg->user, ctx->cfg->pass);
-
- ret = socket_write(&ctx->imap->buf.sock, response, strlen(response));
- if (ret != strlen(response)) {
- free(response);
- return error("IMAP error: sending response failed");
- }
-
- free(response);
-
- return 0;
-}
-
static void server_fill_credential(struct imap_server_conf *srvc, struct credential *cred)
{
if (srvc->user && srvc->pass)
@@ -1288,26 +1281,12 @@ static struct imap_store *imap_open_store(struct imap_server_conf *srvc, const c
server_fill_credential(srvc, &cred);
if (srvc->auth_method) {
- struct imap_cmd_cb cb;
-
if (!strcmp(srvc->auth_method, "PLAIN")) {
if (try_auth_method(srvc, ctx, imap, "PLAIN", AUTH_PLAIN, auth_plain))
goto bail;
} else if (!strcmp(srvc->auth_method, "CRAM-MD5")) {
- if (!CAP(AUTH_CRAM_MD5)) {
- fprintf(stderr, "You specified "
- "CRAM-MD5 as authentication method, "
- "but %s doesn't support it.\n", srvc->host);
- goto bail;
- }
- /* CRAM-MD5 */
-
- memset(&cb, 0, sizeof(cb));
- cb.cont = auth_cram_md5;
- if (imap_exec(ctx, &cb, "AUTHENTICATE CRAM-MD5") != RESP_OK) {
- fprintf(stderr, "IMAP error: AUTHENTICATE CRAM-MD5 failed\n");
+ if (try_auth_method(srvc, ctx, imap, "CRAM-MD5", AUTH_CRAM_MD5, auth_cram_md5))
goto bail;
- }
} else if (!strcmp(srvc->auth_method, "OAUTHBEARER")) {
if (try_auth_method(srvc, ctx, imap, "OAUTHBEARER", AUTH_OAUTHBEARER, auth_oauthbearer))
goto bail;
--
2.49.0
