From fc5a3d34bb2dd42de653e2a2ad761d229aba8954 Mon Sep 17 00:00:00 2001
From: Eduardo Chappa <chappa@washington.edu>
Date: Sun, 1 Nov 2020 16:21:25 -0700
Subject:    * The previous commit does not allow clients to login using
 xoauth2, so      this commit fixes that.

---
 imap/src/c-client/auth_bea.c   |  6 +++---
 imap/src/c-client/auth_oa2.c   |  8 ++++----
 imap/src/c-client/imap4r1.c    | 19 +++++++++++--------
 imap/src/c-client/oauth2_aux.c |  4 +++-
 pith/pine.hlp                  |  2 +-
 5 files changed, 22 insertions(+), 17 deletions(-)

diff --git a/imap/src/c-client/auth_bea.c b/imap/src/c-client/auth_bea.c
index d9f5e06..4b001ac 100644
--- a/imap/src/c-client/auth_bea.c
+++ b/imap/src/c-client/auth_bea.c
@@ -109,7 +109,7 @@ long auth_oauthbearer_client (authchallenge_t challenger,authrespond_t responder
       if (!base)
 	(*responder) (stream,NIL,NIL,0);
       *trial = 0;		/* cancel subsequent attempts */
-      ret = LONGT;		/* will get a BAD response back */
+      ret = base ? NIL : LONGT;		/* will get a BAD response back */
     }
     else {
       char ports[10];
@@ -145,12 +145,12 @@ long auth_oauthbearer_client (authchallenge_t challenger,authrespond_t responder
 	}
       }
       fs_give ((void **) &response);
+      if (!ret)
+	 *trial = 65535; 	/* don't retry if bad protocol */
     }
   }
   if(oauth2.param[OA2_Id].value) fs_give((void **) &oauth2.param[OA2_Id].value);
   if(oauth2.param[OA2_Secret].value) fs_give((void **) &oauth2.param[OA2_Secret].value);
   if(oauth2.param[OA2_Tenant].value) fs_give((void **) &oauth2.param[OA2_Tenant].value);
-  if (!ret)
-      *trial = 65535; 			/* don't retry if bad protocol */
   return ret;
 }
diff --git a/imap/src/c-client/auth_oa2.c b/imap/src/c-client/auth_oa2.c
index b446b40..47cd726 100644
--- a/imap/src/c-client/auth_oa2.c
+++ b/imap/src/c-client/auth_oa2.c
@@ -134,9 +134,9 @@ long auth_oauth2_client (authchallenge_t challenger,authrespond_t responder, cha
 
     /* empty challenge or user requested abort or client does not have info */
     if(tryanother || !oauth2.access_token) {
-       if (!base) (*responder) (stream,base,NIL,0);
+      if (!base) (*responder) (stream,base,NIL,0);
       *trial = 0;		/* cancel subsequent attempts */
-      ret = LONGT;		/* will get a BAD response back */
+      ret = base ? NIL : LONGT;		/* will get a BAD response back */
     }
     else {
       unsigned long rlen = strlen(OAUTH2_USER) + strlen(user)
@@ -164,12 +164,12 @@ long auth_oauth2_client (authchallenge_t challenger,authrespond_t responder, cha
 	}
       }
       fs_give ((void **) &response);
+      if (!ret)
+	*trial = 65535; 	/* don't retry if bad protocol */
     }
   }
   if(oauth2.param[OA2_Id].value) fs_give((void **) &oauth2.param[OA2_Id].value);
   if(oauth2.param[OA2_Secret].value) fs_give((void **) &oauth2.param[OA2_Secret].value);
   if(oauth2.param[OA2_Tenant].value) fs_give((void **) &oauth2.param[OA2_Tenant].value);
-  if (!ret)
-      *trial = 65535; 			/* don't retry if bad protocol */
   return ret;
 }
diff --git a/imap/src/c-client/imap4r1.c b/imap/src/c-client/imap4r1.c
index 344eada..6970396 100644
--- a/imap/src/c-client/imap4r1.c
+++ b/imap/src/c-client/imap4r1.c
@@ -1215,20 +1215,23 @@ long imap_auth (MAILSTREAM *stream,NETMBX *mb,char *tmp,char *usr)
 	ok = (*at->client) (imap_challenge,imap_response,base,"imap",mb,stream,
 			    net_port(LOCAL->netstream),&trial,usr);
 	LOCAL->sensitive = NIL;	/* unhide */
-	if(!base){
+
+	if(base && !trial){	/* do it now, instead of later */
+	  mm_log ("IMAP Authentication cancelled",ERROR);
+	  return NIL;
+	}
 				/* make sure have a response */
-	  if (!(reply = &LOCAL->reply)->tag)
+	if (!(reply = &LOCAL->reply)->tag)
 	    reply = imap_fake (stream,tag,
 			     "[CLOSED] IMAP connection broken (authenticate)");
-	  else if (compare_cstring (reply->tag,tag))
+	else if (compare_cstring (reply->tag,tag))
 	    while (compare_cstring ((reply = imap_reply (stream,tag))->tag,tag))
 	      imap_soutr (stream,"*");
 				/* good if SASL ok and success response */
-	  if (ok && imap_OK (stream,reply)){
-	     if(stream->auth.name) fs_give((void **) &stream->auth.name);
-	     stream->auth.name = cpystr(at->name);	/* save method name */
-	     return T;
-	  }
+	if (ok && imap_OK (stream,reply)){
+	   if(stream->auth.name) fs_give((void **) &stream->auth.name);
+	   stream->auth.name = cpystr(at->name);	/* save method name */
+	   return T;
 	}
 	if (!trial) {		/* if main program requested cancellation */
 	  mm_log ("IMAP Authentication cancelled",ERROR);
diff --git a/imap/src/c-client/oauth2_aux.c b/imap/src/c-client/oauth2_aux.c
index 6b7c401..420f3be 100644
--- a/imap/src/c-client/oauth2_aux.c
+++ b/imap/src/c-client/oauth2_aux.c
@@ -146,8 +146,10 @@ mm_login_oauth2_c_client_method (NETMBX *mb, char *user, char *method,
    }
 
    if(oauth2->param[OA2_Id].value == NULL
-	|| (oauth2->require_secret && oauth2->param[OA2_Secret].value == NULL))
+	|| (oauth2->require_secret && oauth2->param[OA2_Secret].value == NULL)){
+      *tryanother = 1;
       return;
+   }
 
    /* Do we have a method to execute? */
    if (oauth2->first_time && oauth2->server_mthd[OA2_GetDeviceCode].name){
diff --git a/pith/pine.hlp b/pith/pine.hlp
index 002b804..1f6f651 100644
--- a/pith/pine.hlp
+++ b/pith/pine.hlp
@@ -140,7 +140,7 @@ with help text for the config screen and the composer that didn't have any
 reasonable place to be called from.
 Dummy change to get revision in pine.hlp
 ============= h_revision =================
-Alpine Commit 514 2020-11-01 12:25:08
+Alpine Commit 515 2020-11-01 16:21:21
 ============= h_news =================
 <HTML>
 <HEAD>
-- 
cgit v1.2.3-54-g00ecf