[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[bug-mailutils] handle SASL additional authentication output
From: |
Simon Josefsson |
Subject: |
[bug-mailutils] handle SASL additional authentication output |
Date: |
Thu, 24 Sep 2009 15:00:20 +0200 |
User-agent: |
Gnus/5.110011 (No Gnus v0.11) Emacs/23.1 (gnu/linux) |
The SCRAM-SHA-1 stuff wasn't completely working as I thought earlier,
the code to print additional responses didn't wait for the required
empty client response.
/Simon
>From 5129044bd776b2af42ff66265aee397d1f4477b4 Mon Sep 17 00:00:00 2001
From: Simon Josefsson <address@hidden>
Date: Thu, 24 Sep 2009 14:59:34 +0200
Subject: [PATCH] Make IMAP server wait for empty final client response.
* imap4d/auth_gsasl.c: Fix.
---
imap4d/auth_gsasl.c | 15 ++++++++++++---
1 files changed, 12 insertions(+), 3 deletions(-)
diff --git a/imap4d/auth_gsasl.c b/imap4d/auth_gsasl.c
index f170f81..3ea71ed 100644
--- a/imap4d/auth_gsasl.c
+++ b/imap4d/auth_gsasl.c
@@ -109,10 +109,19 @@ auth_gsasl (struct imap4d_command *command, char
*auth_type, char **username)
return RESP_NO;
}
- /* Some SASL mechanisms output data when GSASL_OK is returned */
+ /* Some SASL mechanisms output additional data when GSASL_OK is
+ returned, and clients must respond with an empty response. */
if (output[0])
- util_send ("+ %s\r\n", output);
-
+ {
+ util_send ("+ %s\r\n", output);
+ imap4d_getline (&input_str, &input_size, &input_len);
+ if (input_len != 0)
+ {
+ mu_diag_output (MU_DIAG_NOTICE, _("Non-empty client response"));
+ return RESP_NO;
+ }
+ }
+
free (output);
if (*username == NULL)
--
1.6.3.3
- [bug-mailutils] handle SASL additional authentication output,
Simon Josefsson <=