diff options
| author | Phil Pennock <pdp@exim.org> | 2013-09-30 00:57:07 -0400 |
|---|---|---|
| committer | Phil Pennock <pdp@exim.org> | 2013-09-30 00:57:07 -0400 |
| commit | 970ba64f07bf5523c7098235664f2ce02962a128 (patch) | |
| tree | a63d0f9bd021f18747deafefde8b3ad216fa9c57 /src | |
| parent | 12d0043db4d843869ed6e85dcb1c87c17bc8b82e (diff) | |
Fix dovecot with empty 334 challenge.
Thomas Morper reported, with 4.82RC1, that he saw "334 NULL" as the
challenge when using AUTH PLAIN to Dovecot when the client does not send
an initial response. I could replicate.
This was caused by commit 3f1df0e3 on 2012-11-19 (PP/13 of 4.82); I was
too cautious in the robustness fixes; the clue came in this line of
debug output:
76430 dovecot: warning: ignoring trailing tab
This change removes that check, and documents in a comment that this
input is acceptable protocol-wise, and why.
With this fix:
AUTH PLAIN
334
AGZyZWRlcmljAGh1bXB0eS1kdW1wdHk=
235 Authentication succeeded
Diffstat (limited to 'src')
| -rw-r--r-- | src/src/auths/dovecot.c | 17 |
1 files changed, 7 insertions, 10 deletions
diff --git a/src/src/auths/dovecot.c b/src/src/auths/dovecot.c index 032a089ca..94b315209 100644 --- a/src/src/auths/dovecot.c +++ b/src/src/auths/dovecot.c @@ -118,7 +118,6 @@ static int strcut(uschar *str, uschar **ptrs, int nptrs) { uschar *last_sub_start = str; - uschar *lastvalid = str + Ustrlen(str); int n; for (n = 0; n < nptrs; n++) @@ -137,16 +136,14 @@ strcut(uschar *str, uschar **ptrs, int nptrs) str++; } - if (last_sub_start < lastvalid) { - if (n <= nptrs) { - *ptrs = last_sub_start; - } else { - HDEBUG(D_auth) debug_printf("dovecot: warning: too many results from tab-splitting; saw %d fields, room for %d\n", n, nptrs); - n = nptrs; - } + /* It's acceptable for the string to end with a tab character. We see + this in AUTH PLAIN without an initial response from the client, which + causing us to send "334 " and get the data from the client. */ + if (n <= nptrs) { + *ptrs = last_sub_start; } else { - n--; - HDEBUG(D_auth) debug_printf("dovecot: warning: ignoring trailing tab\n"); + HDEBUG(D_auth) debug_printf("dovecot: warning: too many results from tab-splitting; saw %d fields, room for %d\n", n, nptrs); + n = nptrs; } return n <= nptrs ? n : nptrs; |