On Sat, Aug 24, 2013 at 4:58 PM, Steve Holme <[email protected]> wrote:
> Many thanks for your efforts here. My pleasure! It almost seems like writing it was less effort than your review. (and maybe that is evident with all the white-space issues I missed...) > Do you know if OAUTH 2.0 is supported in POP3 as well? POP3 might support OAUTH 2.0, but I have not found a provider that has implemented it. I know that presently the google POP3 service does not support OAUTH 2.0. > * I'm not sure the check for conn->xoauth2_bearer is best placed in > smtp_statemach_act() as it a) doesn't allow for returning an error code and > b) isn't checked when the initial response is used - suggest moving it into > smtp_state_auth_xoauth2_resp() You are correct, that was a vestige of some testing I was doing. I removed it. > case 'u' (line 1639) but the check for err is still outside that if > statement I was trying to avoid an error if no password was specified, since the bearer token is the password. I have since changed it to only evaluate err if the bearer token is not present. I still don't like this though, because it only works if the user has specified the --bearer parameter before the --user parameter. Perhaps there is way I am not aware of to look ahead in the options provided to determine if the --bearer parameter has been specified, negating the need for a password. > The most important items in this list were the lack of setting state2 in > smtp_perform_authenticate() and the use of a stack based buffer in the sasl > code. All of the items you mentioned have been corrected and the only notes for any of the items you listed are added above. When I wrote the stack based buffer in the sasl file, I was without internet access using an older version of cURL source -- it felt dirty at the time but I tried to match the conventions used elsewhere in the same file. I should have checked those areas after I pulled in the more recent commits. > Additionally, could you please split patch 1 into two separate patches: one > for adding bearer token support and the second for adding the support to > SMTP as that will help keep things separate when I come to commit your > changes which I will do one at a time allowing the auto builds to pick up > anything I may have missed. Not a problem; git makes that easy! Thank you very much for your attention to this project and the related patches. -- Kyle L. Huff http://curetheitch.com http://webpg.org
0001-curllib-add-basic-SASL-XOAUTH2-support.patch
Description: Binary data
0002-curllib-IMAP-add-basic-SASL-XOAUTH2-support-to-IMAP.patch
Description: Binary data
0003-curllib-SMTP-add-basic-SASL-XOAUTH2-support-to-SMTP.patch
Description: Binary data
0004-curl-binary-add-basic-SASL-XOAUTH2-support-to-binary.patch
Description: Binary data
0005-curl-help-add-bearer-option-to-help.patch
Description: Binary data
------------------------------------------------------------------- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
