handle SASL additional authentication output


by Simon Josefsson-2

The SCRAM-SHA-1 stuff wasn't completely working as I thought earlier,
the code to print additional responses didn't wait for the required
empty client response.

/Simon

From 5129044bd776b2af42ff66265aee397d1f4477b4 Mon Sep 17 00:00:00 2001
From: Simon Josefsson <simon@...>
Date: Thu, 24 Sep 2009 14:59:34 +0200
Subject: [PATCH] Make IMAP server wait for empty final client response.

* imap4d/auth_gsasl.c: Fix.
---
 imap4d/auth_gsasl.c |   15 ++++++++++++---
 1 files changed, 12 insertions(+), 3 deletions(-)

diff --git a/imap4d/auth_gsasl.c b/imap4d/auth_gsasl.c
index f170f81..3ea71ed 100644
--- a/imap4d/auth_gsasl.c
+++ b/imap4d/auth_gsasl.c
@@ -109,10 +109,19 @@ auth_gsasl (struct imap4d_command *command, char *auth_type, char **username)
       return RESP_NO;
     }
 
-  /* Some SASL mechanisms output data when GSASL_OK is returned */
+  /* Some SASL mechanisms output additional data when GSASL_OK is
+     returned, and clients must respond with an empty response. */
   if (output[0])
-    util_send ("+ %s\r\n", output);
-  
+    {
+      util_send ("+ %s\r\n", output);
+      imap4d_getline (&input_str, &input_size, &input_len);
+      if (input_len != 0)
+ {
+  mu_diag_output (MU_DIAG_NOTICE, _("Non-empty client response"));
+  return RESP_NO;
+ }
+    }
+
   free (output);
 
   if (*username == NULL)
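
Review bot: the new `return RESP_NO;` in the `input_len != 0` branch exits before the `free (output);` that follows the block, so `output` leaks each time a client sends a non-empty final response; free it before returning, or free it right after `util_send` and do the check afterwards. Nothing in the added lines distinguishes a failed read or a disconnect from an empty line, so it is also worth confirming that `imap4d_getline` cannot leave `input_len` at 0 in that case, and that `input_len` does not count the line terminator.
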
--
1.6.3.3



_______________________________________________
Bug-mailutils mailing list
Bug-mailutils@...
http://lists.gnu.org/mailman/listinfo/bug-mailutils

Re: handle SASL additional authentication output

by Sergey Poznyakoff-2

Simon Josefsson <simon@...> wrote:

> The SCRAM-SHA-1 stuff wasn't completely working as I thought earlier,
> the code to print additional responses didn't wait for the required
> empty client response.

Thanks, I'll apply this along with your earlier patches.

Regards,
Sergey

