X-Git-Url: https://git.netwichtig.de/gitweb/?a=blobdiff_plain;f=src%2Fsrc%2Fauths%2Fget_data.c;h=88359658ab5c3300f610bc152a64841924f9fd9e;hb=8f0d0a3138e138ffa6bcc94c8378f5eb22573f0e;hp=37dcd37cc54a43ed6fe23780eb58df3ad46d822b;hpb=a310a8d09c56e6049714ae4e4070c16ecb6aa2b1;p=user%2Fhenk%2Fcode%2Fexim.git diff --git a/src/src/auths/get_data.c b/src/src/auths/get_data.c index 37dcd37cc..88359658a 100644 --- a/src/src/auths/get_data.c +++ b/src/src/auths/get_data.c @@ -3,6 +3,7 @@ *************************************************/ /* Copyright (c) University of Cambridge 1995 - 2018 */ +/* Copyright (c) The Exim Maintainers 2020 */ /* See the file NOTICE for conditions of use and distribution. */ #include "../exim.h" @@ -53,13 +54,13 @@ return OK; * Issue a challenge and get a response * *************************************************/ -/* This function is used by authentication drivers to output a challenge -to the SMTP client and read the response line. +/* This function is used by authentication drivers to b64-encode and +output a challenge to the SMTP client, and read the response line. Arguments: aptr set to point to the response (which is in big_buffer) - challenge the challenge text (unencoded, may be binary) - challen the length of the challenge text + challenge the challenge data (unencoded, may be binary) + challen the length of the challenge data, in bytes Returns: OK on success BAD64 if response too large for buffer @@ -167,18 +168,20 @@ if (!ss) len = Ustrlen(ss); /* The character ^ is used as an escape for a binary zero character, which is -needed for the PLAIN mechanism. It must be doubled if really needed. */ +needed for the PLAIN mechanism. It must be doubled if really needed. + +The parsing ambiguity of ^^^ is taken as ^^ -> ^ ; ^ -> NUL - and there is +no way to get a leading ^ after a NUL. We would need to intro new syntax to +support that (probably preferring to take a more-standard exim list as a source +and concat the elements with intervening NULs. Either a magic marker on the +source string for client_send, or a new option). */ for (int i = 0; i < len; i++) if (ss[i] == '^') if (ss[i+1] != '^') ss[i] = 0; else - { - i++; - len--; - memmove(ss + i, ss + i + 1, len - i); - } + if (--len > i+1) memmove(ss + i + 1, ss + i + 2, len - i); /* The first string is attached to the AUTH command; others are sent unembellished. */ @@ -197,7 +200,7 @@ else has succeeded. There may be more data to send, but is there any point in provoking an error here? */ -if (smtp_read_response(sx, US buffer, buffsize, '2', timeout)) +if (smtp_read_response(sx, buffer, buffsize, '2', timeout)) { *inout = NULL; return OK;