curl: --sasl-authzid added

curl · Apr 20, 2019 · 71870ce · 71870ce
1 parent d5e5454
commit 71870ce
Show file tree

Hide file tree

Showing 7 changed files with 26 additions and 1 deletion.
diff --git a/docs/cmdline-opts/Makefile.inc b/docs/cmdline-opts/Makefile.inc
@@ -154,6 +154,7 @@ DPAGES =					\
   retry-delay.d					\
   retry-max-time.d				\
   retry.d					\
+  sasl-authzid.d					\
   sasl-ir.d					\
   service-name.d				\
   show-error.d					\

diff --git a/docs/cmdline-opts/sasl-authzid.d b/docs/cmdline-opts/sasl-authzid.d
@@ -0,0 +1,11 @@
+Long: sasl-authzid
+Help: Use this identity to act as during SASL PLAIN authentication
+Added: 7.65.0
+---
+Use this authorisation identity (authzid), during SASL PLAIN authentication,
+in addition to the authentication identity (authcid) as specified by --user.
+
+If the option isn't specified, the server will derive the authzid from the
+authcid, but if specified, and depending on the server implementation, it may
+be used to access another user's inbox, that the user has been granted access
+to, or a shared mailbox for example.
diff --git a/src/tool_cfgable.c b/src/tool_cfgable.c
@@ -133,6 +133,7 @@ static void free_config_fields(struct OperationConfig *config)
   Curl_safefree(config->krblevel);
 
   Curl_safefree(config->oauth_bearer);
+  Curl_safefree(config->sasl_authzid);
 
   Curl_safefree(config->unix_socket_path);
   Curl_safefree(config->writeout);

diff --git a/src/tool_cfgable.h b/src/tool_cfgable.h
@@ -97,6 +97,7 @@ struct OperationConfig {
   char *mail_from;
   struct curl_slist *mail_rcpt;
   char *mail_auth;
+  char *sasl_authzid;       /* Authorisation identity (identity to use) */
   bool sasl_ir;             /* Enable/disable SASL initial response */
   bool proxytunnel;
   bool ftp_append;          /* APPE on ftp */

diff --git a/src/tool_getparam.c b/src/tool_getparam.c
@@ -177,7 +177,8 @@ static const struct LongShort aliases[]= {
   {"$H", "mail-auth",                ARG_STRING},
   {"$I", "post303",                  ARG_BOOL},
   {"$J", "metalink",                 ARG_BOOL},
-  {"$K", "sasl-ir",                  ARG_BOOL},
+  {"$6", "sasl-authzid",             ARG_STRING},
+  {"$K", "sasl-ir",                  ARG_BOOL },
   {"$L", "test-event",               ARG_BOOL},
   {"$M", "unix-socket",              ARG_FILENAME},
   {"$N", "path-as-is",               ARG_BOOL},
@@ -1094,6 +1095,9 @@ ParameterError getparameter(const char *flag, /* f or -long-flag */
 #endif
           break;
         }
+      case '6': /* --sasl-authzid */
+        GetStr(&config->sasl_authzid, nextarg);
+        break;
       case 'K': /* --sasl-ir */
         config->sasl_ir = toggle;
         break;

diff --git a/src/tool_help.c b/src/tool_help.c
@@ -385,6 +385,8 @@ static const struct helptxt helptext[] = {
    "Wait time between retries"},
   {"    --retry-max-time <seconds>",
    "Retry only within this period"},
+  {"    --sasl-authzid <identity> ",
+   "Use this identity to act as during SASL PLAIN authentication"},
   {"    --sasl-ir",
    "Enable initial response in SASL authentication"},
   {"    --service-name <name>",

diff --git a/src/tool_operate.c b/src/tool_operate.c
@@ -1494,6 +1494,10 @@ static CURLcode operate_do(struct GlobalConfig *global,
         if(config->mail_auth)
           my_setopt_str(curl, CURLOPT_MAIL_AUTH, config->mail_auth);
 
+        /* new in 7.65.0 */
+        if(config->sasl_authzid)
+          my_setopt_str(curl, CURLOPT_SASL_AUTHZID, config->sasl_authzid);
+
         /* new in 7.31.0 */
         if(config->sasl_ir)
           my_setopt(curl, CURLOPT_SASL_IR, 1L);
@@ -1517,6 +1521,7 @@ static CURLcode operate_do(struct GlobalConfig *global,
                           config->unix_socket_path);
           }
         }
+
         /* new in 7.45.0 */
         if(config->proto_default)
           my_setopt_str(curl, CURLOPT_DEFAULT_PROTOCOL, config->proto_default);