Check query strings of query-style lookups for quoting. Bug 2850

[user/henk/code/exim.git] / src / src / auths / gsasl_exim.c

diff --git a/src/src/auths/gsasl_exim.c b/src/src/auths/gsasl_exim.c
index 2d060d4dac2ba7acf0f73a82a293967ad318fc24..8f74f4d75b6adf50ee9d11b41f019d75f0ace708 100644 (file)
--- a/src/src/auths/gsasl_exim.c
+++ b/src/src/auths/gsasl_exim.c
@@ -112,7 +112,7 @@ void auth_gsasl_init(auth_instance *ablock) {}
 int auth_gsasl_server(auth_instance *ablock, uschar *data) {return 0;}
 int auth_gsasl_client(auth_instance *ablock, void * sx,
   int timeout, uschar *buffer, int buffsize) {return 0;}
-void auth_gsasl_version_report(FILE *f) {}
+gstring * auth_gsasl_version_report(gstring * g) {return NULL;}
 
 void
 auth_gsasl_macros(void)
@@ -642,10 +642,10 @@ static int
 server_callback(Gsasl *ctx, Gsasl_session *sctx, Gsasl_property prop,
   auth_instance *ablock)
 {
-char *tmps;
-uschar *s, *propval;
+char * tmps;
+uschar * s;
 int cbrc = GSASL_NO_CALLBACK;
-auth_gsasl_options_block *ob =
+auth_gsasl_options_block * ob =
   (auth_gsasl_options_block *)(ablock->options_block);
 
 HDEBUG(D_auth) debug_printf("GNU SASL callback %s for %s/%s as server\n",
@@ -786,7 +786,6 @@ set_client_prop(Gsasl_session * sctx, Gsasl_property prop, uschar * val,
   unsigned flags, uschar * buffer, int buffsize)
 {
 uschar * s;
-int rc;
 
 if (!val) return !!(flags & PROP_OPTIONAL);
 if (!(s = expand_string(val)) || !(flags & PROP_OPTIONAL) && !*s)
@@ -898,24 +897,27 @@ if (tls_out.channelbinding)
 for(s = NULL; ;)
   {
   uschar * outstr;
-  BOOL fail;
+  BOOL fail = TRUE;
 
   rc = gsasl_step64(sctx, CS s, CSS &outstr);
 
-  fail = initial
-    ? smtp_write_command(sx, SCMD_FLUSH,
-                       outstr ? "AUTH %s %s\r\n" : "AUTH %s\r\n",
-                       ablock->public_name, outstr) <= 0
-    : outstr
-    ? smtp_write_command(sx, SCMD_FLUSH, "%s\r\n", outstr) <= 0
-    : FALSE;
-  if (outstr && *outstr) free(outstr);
-  if (fail)
+  if (rc == GSASL_NEEDS_MORE || rc == GSASL_OK)
     {
-    yield = FAIL_SEND;
-    goto done;
+    fail = initial
+      ? smtp_write_command(sx, SCMD_FLUSH,
+                         outstr ? "AUTH %s %s\r\n" : "AUTH %s\r\n",
+                         ablock->public_name, outstr) <= 0
+      : outstr
+      ? smtp_write_command(sx, SCMD_FLUSH, "%s\r\n", outstr) <= 0
+      : FALSE;
+    free(outstr);
+    if (fail)
+      {
+      yield = FAIL_SEND;
+      goto done;
+      }
+    initial = FALSE;
     }
-  initial = FALSE;
 
   if (rc != GSASL_NEEDS_MORE)
     {
@@ -970,7 +972,7 @@ switch (prop)
     HDEBUG(D_auth)
       debug_printf(" filling in\n");
     gsasl_property_set(sctx, GSASL_CB_TLS_UNIQUE, CCS tls_out.channelbinding);
-    break;
+    return GSASL_OK;
   case GSASL_SCRAM_SALTED_PASSWORD:
     {
     uschar * client_spassword =
@@ -1003,14 +1005,12 @@ return GSASL_NO_CALLBACK;
 *                Diagnostic API                  *
 *************************************************/
 
-void
-auth_gsasl_version_report(FILE *f)
+gstring *
+auth_gsasl_version_report(gstring * g)
 {
-const char *runtime;
-runtime = gsasl_check_version(NULL);
-fprintf(f, "Library version: GNU SASL: Compile: %s\n"
-          "                           Runtime: %s\n",
-       GSASL_VERSION, runtime);
+return string_fmt_append(g, "Library version: GNU SASL: Compile: %s\n"
+                           "                           Runtime: %s\n",
+       GSASL_VERSION, gsasl_check_version(NULL));
 }