summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorPhil Pennock <pdp@exim.org>2012-05-25 05:01:39 -0400
committerPhil Pennock <pdp@exim.org>2012-05-25 05:01:39 -0400
commit16880d1a95a51a8b57692b216512e8cbb7cc917d (patch)
tree862d5048c49c28ecd910232347880923981bb708
parentab6dcfbe67abc6ed4a85be60510eb5fff58e170d (diff)
Cyrus SASL auth: SSF retrieval was incorrect.
Exim thought protection layer was required, which is not implemented. Patch from Wolfgang Breyha. Fixes bug 1254
-rw-r--r--doc/doc-txt/ChangeLog4
-rw-r--r--src/src/auths/cyrus_sasl.c7
2 files changed, 8 insertions, 3 deletions
diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog
index b7a6a00e4..e7b807e3c 100644
--- a/doc/doc-txt/ChangeLog
+++ b/doc/doc-txt/ChangeLog
@@ -154,6 +154,10 @@ PP/36 Define _GNU_SOURCE in exim.h; it's needed for some releases of
conflicts. Defined before os.h is pulled in, so if a given platform
needs to override this, it can.
+PP/37 Unbreak Cyrus SASL auth: SSF retrieval was incorrect, Exim thought
+ protection layer was required, which is not implemented.
+ Bugzilla 1254, patch from Wolfgang Breyha.
+
Exim version 4.77
-----------------
diff --git a/src/src/auths/cyrus_sasl.c b/src/src/auths/cyrus_sasl.c
index 8c66b8f76..9b80f8d83 100644
--- a/src/src/auths/cyrus_sasl.c
+++ b/src/src/auths/cyrus_sasl.c
@@ -205,7 +205,7 @@ uschar *debug = NULL; /* Stops compiler complaining */
sasl_callback_t cbs[]={{SASL_CB_LIST_END, NULL, NULL}};
sasl_conn_t *conn;
char *realm_expanded;
-int rc, firsttime=1, clen, negotiated_ssf;
+int rc, firsttime=1, clen, *negotiated_ssf_ptr=NULL, negotiated_ssf;
unsigned int inlen, outlen;
input=data;
@@ -258,7 +258,7 @@ if( rc != SASL_OK )
if (tls_cipher)
{
- rc = sasl_setprop(conn, SASL_SSF_EXTERNAL, &tls_bits);
+ rc = sasl_setprop(conn, SASL_SSF_EXTERNAL, (sasl_ssf_t *) &tls_bits);
if (rc != SASL_OK)
{
HDEBUG(D_auth) debug_printf("Cyrus SASL EXTERNAL SSF set %d failed: %s\n",
@@ -392,7 +392,7 @@ while(rc==SASL_CONTINUE)
debug_printf("Cyrus SASL %s authentication succeeded for %s\n",
ob->server_mech, auth_vars[0]);
- rc = sasl_getprop(conn, SASL_SSF, (const void **)(&negotiated_ssf));
+ rc = sasl_getprop(conn, SASL_SSF, (const void **)(&negotiated_ssf_ptr));
if (rc != SASL_OK)
{
HDEBUG(D_auth)
@@ -405,6 +405,7 @@ while(rc==SASL_CONTINUE)
sasl_done();
return FAIL;
}
+ negotiated_ssf = *negotiated_ssf_ptr;
HDEBUG(D_auth)
debug_printf("Cyrus SASL %s negotiated SSF: %d\n", ob->server_mech, negotiated_ssf);
if (negotiated_ssf > 0)