queue_run_in_order means we cannot do this, as ordering becomes
indeterminate.
+JH/24 Bug 2524: fix the cyrus_sasl auth driver gssapi usage. A previous fix
+ had introduced a string-copy (for ensuring NUL-termination) which was not
+ appropriate for that case, which can include embedded NUL bytes in the
+ block of data. Investigation showed the copy to actually be needless, the
+ data being length-specified.
+
Exim version 4.93
-----------------
/* No data should have been sent with the AUTH command */
-if (*data != 0) return UNEXPECTED;
+if (*data) return UNEXPECTED;
/* Send the challenge, read the return */
check that the remaining length is 32. */
auth_vars[0] = expand_nstring[1] = clear;
-while (*clear != 0 && !isspace(*clear)) clear++;
+while (*clear && !isspace(*clear)) clear++;
if (!isspace(*clear)) return FAIL;
*clear++ = 0;
}
else
{
- /* make sure that we have a null-terminated string */
- out2 = string_copyn(output, outlen);
+ /* auth_get_data() takes a length-specfied block of binary
+ which can include zeroes; no terminating NUL is needed */
- if ((rc = auth_get_data(&input, out2, outlen)) != OK)
+ if ((rc = auth_get_data(&input, output, outlen)) != OK)
{
/* we couldn't get the data, so free up the library before
returning whatever error we get */
/* Get the username and copy it into $auth1 and $1. The former is now the
preferred variable; the latter is the original variable. */
- if ((sasl_getprop(conn, SASL_USERNAME, (const void **)(&out2))) != SASL_OK)
+ if ((sasl_getprop(conn, SASL_USERNAME, (const void **)&out2)) != SASL_OK)
{
HDEBUG(D_auth)
debug_printf("Cyrus SASL library will not tell us the username: %s\n",
* Issue a challenge and get a response *
*************************************************/
-/* This function is used by authentication drivers to output a challenge
-to the SMTP client and read the response line.
+/* This function is used by authentication drivers to b64-encode and
+output a challenge to the SMTP client, and read the response line.
Arguments:
aptr set to point to the response (which is in big_buffer)
- challenge the challenge text (unencoded, may be binary)
- challen the length of the challenge text
+ challenge the challenge data (unencoded, may be binary)
+ challen the length of the challenge data, in bytes
Returns: OK on success
BAD64 if response too large for buffer
}
HDEBUG(D_auth) debug_printf("gssapi: missing initial response, nudging.\n");
- error_out = auth_get_data(&from_client, US"", 0);
- if (error_out != OK)
+ if ((error_out = auth_get_data(&from_client, US"", 0)) != OK)
goto ERROR_OUT;
handled_empty_ir = TRUE;
continue;
projects / exim.git / commitdiff