diff options
| author | Phil Pennock <pdp@exim.org> | 2012-05-25 05:01:39 -0400 |
|---|---|---|
| committer | Phil Pennock <pdp@exim.org> | 2012-05-25 05:01:39 -0400 |
| commit | 16880d1a95a51a8b57692b216512e8cbb7cc917d (patch) | |
| tree | 862d5048c49c28ecd910232347880923981bb708 | |
| parent | ab6dcfbe67abc6ed4a85be60510eb5fff58e170d (diff) | |
| download | exim4-16880d1a95a51a8b57692b216512e8cbb7cc917d.tar.gz | |
Cyrus SASL auth: SSF retrieval was incorrect.
Exim thought protection layer was required, which is not implemented.
Patch from Wolfgang Breyha.
Fixes bug 1254
| -rw-r--r-- | doc/doc-txt/ChangeLog | 4 | ||||
| -rw-r--r-- | src/src/auths/cyrus_sasl.c | 7 |
2 files changed, 8 insertions, 3 deletions
diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog index b7a6a00e4..e7b807e3c 100644 --- a/doc/doc-txt/ChangeLog +++ b/doc/doc-txt/ChangeLog @@ -154,6 +154,10 @@ PP/36 Define _GNU_SOURCE in exim.h; it's needed for some releases of conflicts. Defined before os.h is pulled in, so if a given platform needs to override this, it can. +PP/37 Unbreak Cyrus SASL auth: SSF retrieval was incorrect, Exim thought + protection layer was required, which is not implemented. + Bugzilla 1254, patch from Wolfgang Breyha. + Exim version 4.77 ----------------- diff --git a/src/src/auths/cyrus_sasl.c b/src/src/auths/cyrus_sasl.c index 8c66b8f76..9b80f8d83 100644 --- a/src/src/auths/cyrus_sasl.c +++ b/src/src/auths/cyrus_sasl.c @@ -205,7 +205,7 @@ uschar *debug = NULL; /* Stops compiler complaining */ sasl_callback_t cbs[]={{SASL_CB_LIST_END, NULL, NULL}}; sasl_conn_t *conn; char *realm_expanded; -int rc, firsttime=1, clen, negotiated_ssf; +int rc, firsttime=1, clen, *negotiated_ssf_ptr=NULL, negotiated_ssf; unsigned int inlen, outlen; input=data; @@ -258,7 +258,7 @@ if( rc != SASL_OK ) if (tls_cipher) { - rc = sasl_setprop(conn, SASL_SSF_EXTERNAL, &tls_bits); + rc = sasl_setprop(conn, SASL_SSF_EXTERNAL, (sasl_ssf_t *) &tls_bits); if (rc != SASL_OK) { HDEBUG(D_auth) debug_printf("Cyrus SASL EXTERNAL SSF set %d failed: %s\n", @@ -392,7 +392,7 @@ while(rc==SASL_CONTINUE) debug_printf("Cyrus SASL %s authentication succeeded for %s\n", ob->server_mech, auth_vars[0]); - rc = sasl_getprop(conn, SASL_SSF, (const void **)(&negotiated_ssf)); + rc = sasl_getprop(conn, SASL_SSF, (const void **)(&negotiated_ssf_ptr)); if (rc != SASL_OK) { HDEBUG(D_auth) @@ -405,6 +405,7 @@ while(rc==SASL_CONTINUE) sasl_done(); return FAIL; } + negotiated_ssf = *negotiated_ssf_ptr; HDEBUG(D_auth) debug_printf("Cyrus SASL %s negotiated SSF: %d\n", ob->server_mech, negotiated_ssf); if (negotiated_ssf > 0) |