sasl: Don't send authcid as authzid for the PLAIN mechanism as per RFC 4616

RFC 4616 specifies the authzid is optional in the client authentication
message and that the server will derive the authorisation identity
(authzid) from the authentication identity (authcid) when not specified
by the client.

lib/curl_sasl.c

@@ -367,7 +367,7 @@ CURLcode Curl_sasl_start(struct SASL *sasl, struct connectdata *conn,
       sasl->authused = SASL_MECH_PLAIN;
 
       if(force_ir || data->set.sasl_ir)
-        result = Curl_auth_create_plain_message(data, conn->user, conn->user,
+        result = Curl_auth_create_plain_message(data, NULL, conn->user,
                                                 conn->passwd, &resp, &len);
     }
     else if(enabledmechs & SASL_MECH_LOGIN) {
@@ -450,7 +450,7 @@ CURLcode Curl_sasl_continue(struct SASL *sasl, struct connectdata *conn,
     *progress = SASL_DONE;
     return result;
   case SASL_PLAIN:
-    result = Curl_auth_create_plain_message(data, conn->user, conn->user,
+    result = Curl_auth_create_plain_message(data, NULL, conn->user,
                                             conn->passwd, &resp, &len);
     break;
   case SASL_LOGIN:

tests/data/test819

@@ -14,7 +14,7 @@ RFC4616
 <servercmd>
 AUTH PLAIN
 REPLY AUTHENTICATE +
-REPLY dXNlcgB1c2VyAHNlY3JldA== A002 OK AUTHENTICATE completed
+REPLY AHVzZXIAc2VjcmV0 A002 OK AUTHENTICATE completed
 </servercmd>
 <data>
 From: me@somewhere
@@ -47,7 +47,7 @@ IMAP plain authentication
 <protocol>
 A001 CAPABILITY
 A002 AUTHENTICATE PLAIN
-dXNlcgB1c2VyAHNlY3JldA==
+AHVzZXIAc2VjcmV0
 A003 SELECT 819
 A004 FETCH 1 BODY[]
 A005 LOGOUT

tests/data/test825

@@ -47,7 +47,7 @@ IMAP plain authentication with initial response
 <verify>
 <protocol>
 A001 CAPABILITY
-A002 AUTHENTICATE PLAIN dXNlcgB1c2VyAHNlY3JldA==
+A002 AUTHENTICATE PLAIN AHVzZXIAc2VjcmV0
 A003 SELECT 825
 A004 FETCH 1 BODY[]
 A005 LOGOUT

tests/data/test833

@@ -18,7 +18,7 @@ AUTH CRAM-MD5 PLAIN
 REPLY "AUTHENTICATE CRAM-MD5" + Rubbish
 REPLY * A002 NO AUTH exchange cancelled by client
 REPLY "AUTHENTICATE PLAIN" +
-REPLY dXNlcgB1c2VyAHNlY3JldA== A003 OK AUTHENTICATE completed
+REPLY AHVzZXIAc2VjcmV0 A003 OK AUTHENTICATE completed
 </servercmd>
 <data>
 From: me@somewhere
@@ -56,7 +56,7 @@ A001 CAPABILITY
 A002 AUTHENTICATE CRAM-MD5
 *
 A003 AUTHENTICATE PLAIN
-dXNlcgB1c2VyAHNlY3JldA==
+AHVzZXIAc2VjcmV0
 A004 SELECT 833
 A005 FETCH 1 BODY[]
 A006 LOGOUT

tests/data/test834

@@ -18,7 +18,7 @@ REPLY "AUTHENTICATE NTLM" +
 REPLY TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= + Rubbish
 REPLY * A002 NO AUTH exchange cancelled by client
 REPLY "AUTHENTICATE PLAIN" +
-REPLY dXNlcgB1c2VyAHNlY3JldA== A003 OK AUTHENTICATE completed
+REPLY AHVzZXIAc2VjcmV0 A003 OK AUTHENTICATE completed
 </servercmd>
 <data>
 From: me@somewhere
@@ -67,7 +67,7 @@ A002 AUTHENTICATE NTLM
 TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA=
 *
 A003 AUTHENTICATE PLAIN
-dXNlcgB1c2VyAHNlY3JldA==
+AHVzZXIAc2VjcmV0
 A004 SELECT 834
 A005 FETCH 1 BODY[]
 A006 LOGOUT

tests/data/test835

@@ -18,7 +18,7 @@ AUTH DIGEST-MD5 PLAIN
 REPLY "AUTHENTICATE DIGEST-MD5" + Rubbish
 REPLY * A002 NO AUTH exchange cancelled by client
 REPLY "AUTHENTICATE PLAIN" +
-REPLY dXNlcgB1c2VyAHNlY3JldA== A003 OK AUTHENTICATE completed
+REPLY AHVzZXIAc2VjcmV0 A003 OK AUTHENTICATE completed
 </servercmd>
 <data>
 From: me@somewhere
@@ -58,7 +58,7 @@ A001 CAPABILITY
 A002 AUTHENTICATE DIGEST-MD5
 *
 A003 AUTHENTICATE PLAIN
-dXNlcgB1c2VyAHNlY3JldA==
+AHVzZXIAc2VjcmV0
 A004 SELECT 835
 A005 FETCH 1 BODY[]
 A006 LOGOUT

tests/data/test865

@@ -16,7 +16,7 @@ RFC5034
 <servercmd>
 AUTH PLAIN
 REPLY AUTH +
-REPLY dXNlcgB1c2VyAHNlY3JldA== +OK Login successful
+REPLY AHVzZXIAc2VjcmV0 +OK Login successful
 </servercmd>
 <data>
 From: me@somewhere
@@ -49,7 +49,7 @@ pop3://%HOSTIP:%POP3PORT/865 -u user:secret
 <protocol>
 CAPA
 AUTH PLAIN
-dXNlcgB1c2VyAHNlY3JldA==
+AHVzZXIAc2VjcmV0
 RETR 865
 QUIT
 </protocol>

tests/data/test871

@@ -48,7 +48,7 @@ pop3://%HOSTIP:%POP3PORT/871 -u user:secret --sasl-ir
 <verify>
 <protocol>
 CAPA
-AUTH PLAIN dXNlcgB1c2VyAHNlY3JldA==
+AUTH PLAIN AHVzZXIAc2VjcmV0
 RETR 871
 QUIT
 </protocol>

tests/data/test879

@@ -20,7 +20,7 @@ AUTH CRAM-MD5 PLAIN
 REPLY "AUTH CRAM-MD5" + Rubbish
 REPLY * -ERR AUTH exchange cancelled by client
 REPLY "AUTH PLAIN" +
-REPLY dXNlcgB1c2VyAHNlY3JldA== +OK Login successful
+REPLY AHVzZXIAc2VjcmV0 +OK Login successful
 </servercmd>
 <data>
 From: me@somewhere
@@ -58,7 +58,7 @@ CAPA
 AUTH CRAM-MD5
 *
 AUTH PLAIN
-dXNlcgB1c2VyAHNlY3JldA==
+AHVzZXIAc2VjcmV0
 RETR 879
 QUIT
 </protocol>

tests/data/test880

@@ -20,7 +20,7 @@ REPLY "AUTH NTLM" +
 REPLY TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= + Rubbish
 REPLY * -ERR AUTH exchange cancelled by client
 REPLY "AUTH PLAIN" +
-REPLY dXNlcgB1c2VyAHNlY3JldA== +OK Login successful
+REPLY AHVzZXIAc2VjcmV0 +OK Login successful
 </servercmd>
 <data>
 From: me@somewhere
@@ -69,7 +69,7 @@ AUTH NTLM
 TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA=
 *
 AUTH PLAIN
-dXNlcgB1c2VyAHNlY3JldA==
+AHVzZXIAc2VjcmV0
 RETR 880
 QUIT
 </protocol>

tests/data/test881

@@ -20,7 +20,7 @@ AUTH DIGEST-MD5 PLAIN
 REPLY "AUTH DIGEST-MD5" + Rubbish
 REPLY * -ERR AUTH exchange cancelled by client
 REPLY "AUTH PLAIN" +
-REPLY dXNlcgB1c2VyAHNlY3JldA== +OK Login successful
+REPLY AHVzZXIAc2VjcmV0 +OK Login successful
 </servercmd>
 <data>
 From: me@somewhere
@@ -60,7 +60,7 @@ CAPA
 AUTH DIGEST-MD5
 *
 AUTH PLAIN
-dXNlcgB1c2VyAHNlY3JldA==
+AHVzZXIAc2VjcmV0
 RETR 881
 QUIT
 </protocol>

tests/data/test903

@@ -15,7 +15,7 @@ RFC4954
 <servercmd>
 AUTH PLAIN
 REPLY AUTH 334 PLAIN supported
-REPLY dXNlcgB1c2VyAHNlY3JldA== 235 Authenticated
+REPLY AHVzZXIAc2VjcmV0 235 Authenticated
 </servercmd>
 </reply>
 
@@ -42,7 +42,7 @@ smtp://%HOSTIP:%SMTPPORT/903 --mail-rcpt recipient@example.com --mail-from sende
 <protocol>
 EHLO 903
 AUTH PLAIN
-dXNlcgB1c2VyAHNlY3JldA==
+AHVzZXIAc2VjcmV0
 MAIL FROM:<sender@example.com>
 RCPT TO:<recipient@example.com>
 DATA

tests/data/test919

@@ -41,7 +41,7 @@ smtp://%HOSTIP:%SMTPPORT/919 --mail-rcpt recipient@example.com --mail-from sende
 <verify>
 <protocol>
 EHLO 919
-AUTH PLAIN dXNlcgB1c2VyAHNlY3JldA==
+AUTH PLAIN AHVzZXIAc2VjcmV0
 MAIL FROM:<sender@example.com>
 RCPT TO:<recipient@example.com>
 DATA

tests/data/test935

@@ -19,7 +19,7 @@ AUTH CRAM-MD5 PLAIN
 REPLY "AUTH CRAM-MD5" 334 Rubbish
 REPLY * 501 AUTH exchange cancelled by client
 REPLY "AUTH PLAIN" 334 PLAIN supported
-REPLY dXNlcgB1c2VyAHNlY3JldA== 235 Authenticated
+REPLY AHVzZXIAc2VjcmV0 235 Authenticated
 </servercmd>
 </reply>
 
@@ -51,7 +51,7 @@ EHLO 935
 AUTH CRAM-MD5
 *
 AUTH PLAIN
-dXNlcgB1c2VyAHNlY3JldA==
+AHVzZXIAc2VjcmV0
 MAIL FROM:<sender@example.com>
 RCPT TO:<recipient@example.com>
 DATA

tests/data/test936

@@ -19,7 +19,7 @@ REPLY "AUTH NTLM" 334 NTLM supported
 REPLY TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA= 334 Rubbish
 REPLY * 501 AUTH exchange cancelled by client
 REPLY "AUTH PLAIN" 334 PLAIN supported
-REPLY dXNlcgB1c2VyAHNlY3JldA== 235 Authenticated
+REPLY AHVzZXIAc2VjcmV0 235 Authenticated
 </servercmd>
 </reply>
 
@@ -62,7 +62,7 @@ AUTH NTLM
 TlRMTVNTUAABAAAABoIIAAAAAAAAAAAAAAAAAAAAAAA=
 *
 AUTH PLAIN
-dXNlcgB1c2VyAHNlY3JldA==
+AHVzZXIAc2VjcmV0
 MAIL FROM:<sender@example.com>
 RCPT TO:<recipient@example.com>
 DATA

tests/data/test937

@@ -19,7 +19,7 @@ AUTH DIGEST-MD5 PLAIN
 REPLY "AUTH DIGEST-MD5" 334 Rubbish
 REPLY * 501 AUTH exchange cancelled by client
 REPLY "AUTH PLAIN" 334 PLAIN supported
-REPLY dXNlcgB1c2VyAHNlY3JldA== 235 Authenticated
+REPLY AHVzZXIAc2VjcmV0 235 Authenticated
 </servercmd>
 </reply>
 
@@ -53,7 +53,7 @@ EHLO 937
 AUTH DIGEST-MD5
 *
 AUTH PLAIN
-dXNlcgB1c2VyAHNlY3JldA==
+AHVzZXIAc2VjcmV0
 MAIL FROM:<sender@example.com>
 RCPT TO:<recipient@example.com>
 DATA