Hiya, On Sun, 25 Aug 2013, Kyle L. Huff wrote:
> Perhaps in addition to moving the call to checkpassword() to > after the parameter collection it might be intuitive to add a new > type to checkpasswd() - say, "XOAUTH2 Access Token" - to prompt > for an omitted bearer. This would handle cases where the auth > mech was explicitly defined as AUTH=XOAUTH2, but no bearer > token was provided. Nice idea - I will look into moving checkpasswd(). > Below is an example of the behavior of a few examples with the > included patches. Hopefully this gives you a better context of the > current behavior. > > command: curl --url "smtps://smtp.domain.com:465" -u > [email protected];AUTH=XOAUTH2 --bearer ya29.AHES...xMbS > result: prompts for password; auth LOGIN is attempted Interesting - I would have expected OAUTH to be attempted :( > Also, I removed the check for conn->bearer from the functions > imap_perform_authenticate and smtp_perform_authenticate, as > I believe this check lacks sanity. With that check If the bearer is > absent the result would is "No known authentication mechanisms > supported!", which I believe should result in code 334 "Authentication > Failure". Any check for the bearer should be done elsewhere (if at all). That makes more sense. Finally, I see from the patch files that you've used a slightly different name and email address for your commits than the one you post here as. I would prefer to use the same so the change log in git is more "humanly" readable - I can fix this up rather than posting new patches but just wanted to check if you would prefer "Kyle L. Huff" or "Kyle Huff" ? Kind Regards Steve ------------------------------------------------------------------- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
