From 970ba64f07bf5523c7098235664f2ce02962a128 Mon Sep 17 00:00:00 2001 From: Phil Pennock Date: Mon, 30 Sep 2013 00:57:07 -0400 Subject: Fix dovecot with empty 334 challenge. Thomas Morper reported, with 4.82RC1, that he saw "334 NULL" as the challenge when using AUTH PLAIN to Dovecot when the client does not send an initial response. I could replicate. This was caused by commit 3f1df0e3 on 2012-11-19 (PP/13 of 4.82); I was too cautious in the robustness fixes; the clue came in this line of debug output: 76430 dovecot: warning: ignoring trailing tab This change removes that check, and documents in a comment that this input is acceptable protocol-wise, and why. With this fix: AUTH PLAIN 334 AGZyZWRlcmljAGh1bXB0eS1kdW1wdHk= 235 Authentication succeeded --- src/src/auths/dovecot.c | 17 +++++++---------- 1 file changed, 7 insertions(+), 10 deletions(-) (limited to 'src') diff --git a/src/src/auths/dovecot.c b/src/src/auths/dovecot.c index 032a089ca..94b315209 100644 --- a/src/src/auths/dovecot.c +++ b/src/src/auths/dovecot.c @@ -118,7 +118,6 @@ static int strcut(uschar *str, uschar **ptrs, int nptrs) { uschar *last_sub_start = str; - uschar *lastvalid = str + Ustrlen(str); int n; for (n = 0; n < nptrs; n++) @@ -137,16 +136,14 @@ strcut(uschar *str, uschar **ptrs, int nptrs) str++; } - if (last_sub_start < lastvalid) { - if (n <= nptrs) { - *ptrs = last_sub_start; - } else { - HDEBUG(D_auth) debug_printf("dovecot: warning: too many results from tab-splitting; saw %d fields, room for %d\n", n, nptrs); - n = nptrs; - } + /* It's acceptable for the string to end with a tab character. We see + this in AUTH PLAIN without an initial response from the client, which + causing us to send "334 " and get the data from the client. */ + if (n <= nptrs) { + *ptrs = last_sub_start; } else { - n--; - HDEBUG(D_auth) debug_printf("dovecot: warning: ignoring trailing tab\n"); + HDEBUG(D_auth) debug_printf("dovecot: warning: too many results from tab-splitting; saw %d fields, room for %d\n", n, nptrs); + n = nptrs; } return n <= nptrs ? n : nptrs; -- cgit v1.2.3