# HG changeset patch # User Brendan Cully # Date 1157736633 0 # Node ID 4b8ef24b823e8295d58f599cb1d7014270dec064 # Parent 6fd5fb51a9dc102a1b39dcda26201c60215ee954 Don't send protocol garbage to sasl_decode64 during POP authentication. Also enable SASL plaintext: $foo_authenticators is a more general solution. --- a/mutt_sasl.c Fri Sep 08 15:45:57 2006 +0000 +++ b/mutt_sasl.c Fri Sep 08 17:30:33 2006 +0000 @@ -221,15 +221,10 @@ int mutt_sasl_client_new (CONNECTION* co return -1; } - /* set security properties. We use NOPLAINTEXT globally, since we can - * just fall back to LOGIN in the IMAP case anyway. If that doesn't - * work for POP, we can make it a flag or move this code into - * imap/auth_sasl.c */ memset (&secprops, 0, sizeof (secprops)); /* Work around a casting bug in the SASL krb4 module */ secprops.max_ssf = 0x7fff; secprops.maxbufsize = M_SASL_MAXBUF; - secprops.security_flags |= SASL_SEC_NOPLAINTEXT; if (sasl_setprop (*saslconn, SASL_SEC_PROPS, &secprops) != SASL_OK) { dprint (1, (debugfile, --- a/pop_auth.c Fri Sep 08 15:45:57 2006 +0000 +++ b/pop_auth.c Fri Sep 08 17:30:33 2006 +0000 @@ -46,8 +46,7 @@ static pop_auth_res_t pop_auth_sasl (POP char inbuf[LONG_STRING]; const char* mech; const char *pc = NULL; - unsigned int len, olen; - unsigned char client_start; + unsigned int len, olen, client_start; if (mutt_sasl_client_new (pop_data->conn, &saslconn) < 0) { @@ -74,7 +73,7 @@ static pop_auth_res_t pop_auth_sasl (POP return POP_A_UNAVAIL; } - client_start = (olen > 0); + client_start = olen; mutt_message _("Authenticating (SASL)..."); @@ -93,11 +92,11 @@ static pop_auth_res_t pop_auth_sasl (POP return POP_A_SOCKET; } - if (rc != SASL_CONTINUE) + if (!client_start && rc != SASL_CONTINUE) break; if (!mutt_strncmp (inbuf, "+ ", 2) - && sasl_decode64 (inbuf, strlen (inbuf), buf, LONG_STRING-1, &len) != SASL_OK) + && sasl_decode64 (inbuf+2, strlen (inbuf+2), buf, LONG_STRING-1, &len) != SASL_OK) { dprint (1, (debugfile, "pop_auth_sasl: error base64-decoding server response.\n")); goto bail; @@ -112,7 +111,10 @@ static pop_auth_res_t pop_auth_sasl (POP mutt_sasl_interact (interaction); } else + { + olen = client_start; client_start = 0; + } if (rc != SASL_CONTINUE && (olen == 0 || rc != SASL_OK)) break;