Mercurial > dovecot > core-2.2
changeset 984:907b9845eaa6 HEAD
PLAIN SASL-authentication was a bit broken.
author | Timo Sirainen <tss@iki.fi> |
---|---|
date | Mon, 20 Jan 2003 15:53:31 +0200 |
parents | f57cc4bfa195 |
children | 961617a56fb9 |
files | src/auth/auth-plain.c src/login/client-authenticate.c |
diffstat | 2 files changed, 15 insertions(+), 14 deletions(-) [+] |
line wrap: on
line diff
--- a/src/auth/auth-plain.c Mon Jan 20 13:49:29 2003 +0200 +++ b/src/auth/auth-plain.c Mon Jan 20 15:53:31 2003 +0200 @@ -13,7 +13,7 @@ { struct auth_cookie_reply_data *cookie_reply = cookie->context; struct auth_reply_data reply; - const char *user; + const char *authid, *authenid; char *pass; size_t i, count, len; @@ -23,27 +23,29 @@ reply.result = AUTH_RESULT_FAILURE; memcpy(reply.cookie, cookie->cookie, AUTH_COOKIE_SIZE); - /* data should contain user\0...\0pass */ - user = (const char *) data; - pass = NULL; + /* authorization ID \0 authentication ID \0 pass. + we'll ignore authorization ID for now. */ + authid = (const char *) data; + authenid = NULL; pass = NULL; + count = 0; for (i = 0; i < request->data_size; i++) { - if (data[i] == '\0' && ++count == 2) { - i++; - if (i == request->data_size) - pass = ""; + if (data[i] == '\0') { + if (++count == 1) + authenid = data + i+1; else { + i++; len = request->data_size - i; pass = t_malloc(len+1); - memcpy(pass, (const char *) data + i, len); - pass[len] = '\0'; + memcpy(pass, data + i, len); + pass[len] = '\0'; + break; } - break; } } if (pass != NULL) { - if (userinfo->verify_plain(user, pass, cookie_reply)) { + if (userinfo->verify_plain(authenid, pass, cookie_reply)) { cookie_reply->success = TRUE; reply.result = AUTH_RESULT_SUCCESS;
--- a/src/login/client-authenticate.c Mon Jan 20 13:49:29 2003 +0200 +++ b/src/login/client-authenticate.c Mon Jan 20 15:53:31 2003 +0200 @@ -208,9 +208,8 @@ return TRUE; } - /* code it into user\0user\0password */ + /* authorization ID \0 authentication ID \0 pass */ buffer_set_used_size(client->plain_login, 0); - buffer_append(client->plain_login, user, strlen(user)); buffer_append_c(client->plain_login, '\0'); buffer_append(client->plain_login, user, strlen(user)); buffer_append_c(client->plain_login, '\0');