Hi,

a company I work for use libcurl in their applications. I've run some SMTP- and SMTP extension tests with curl and my conclusion is that it seems to support what we need apart from one thing which I will get back to:

BACKGROUND
===========

Today libcurl allows: PLAIN, LOGIN and CRAM-MD5, but a client application may not want to send its credentials in the clear, thus has a need to require CRAM-MD5 only, even if the SMTP server sends a list of all three (or more). If the server does not support CRAM-MD5 the client will rather abort than go down the LOGIN and PLAIN path.

FEATURE
===========

A possibility to control what kind of authentication mechanism to allow from an SMTP client. NOT compile time, but execution time.

INTENTION
===========

My intention is to write (or ask someone else to write) additional code that adds this feature in a way that it can be accepted upstream (by someone curl responsible), where tests will be included in the delivery. This way, the rest of the community can use this feature and we don't have to do a merge for every libcurl source upgrade.

REQUEST
===========

Pointers and initial help on how to go about this, API design suggestions and perhaps an API review. Just to follow the API intentions of curl, we don't need C programming baby sitters.

Comments?

BRs
/Sune

-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2010-10-14