X-Git-Url: https://git.netwichtig.de/gitweb/?a=blobdiff_plain;f=src%2Fsrc%2Fauths%2Fspa.c;h=48ca879f26ea4b7ce33b3f26b52c95aef7c36644;hb=f656d13573661ac5a0d4fc49b932a3c961ee3eca;hp=31451344e544a14f7c33329cc04168ec60439e17;hpb=0756eb3cb50d73a77b486e47528f7cb1bffdb299;p=user%2Fhenk%2Fcode%2Fexim.git diff --git a/src/src/auths/spa.c b/src/src/auths/spa.c index 31451344e..48ca879f2 100644 --- a/src/src/auths/spa.c +++ b/src/src/auths/spa.c @@ -1,10 +1,10 @@ -/* $Cambridge: exim/src/src/auths/spa.c,v 1.1 2004/10/07 13:10:01 ph10 Exp $ */ +/* $Cambridge: exim/src/src/auths/spa.c,v 1.4 2005/01/04 10:00:43 ph10 Exp $ */ /************************************************* * Exim - an Internet mail transport agent * *************************************************/ -/* Copyright (c) University of Cambridge 1995 - 2004 */ +/* Copyright (c) University of Cambridge 1995 - 2005 */ /* See the file NOTICE for conditions of use and distribution. */ /* This file, which provides support for Microsoft's Secure Password @@ -135,7 +135,7 @@ if (auth_get_no64_data(&data, US"NTLM supported") != OK) return FAIL; } -if (spa_base64_to_bits((char *)(&request), (const char *)(data)) < 0) +if (spa_base64_to_bits((char *)(&request), sizeof(request), (const char *)(data)) < 0) { DEBUG(D_auth) debug_printf("auth_spa_server(): bad base64 data in " "request: %s\n", data); @@ -155,7 +155,7 @@ if (auth_get_no64_data(&data, msgbuf) != OK) } /* dump client response */ -if (spa_base64_to_bits((char *)(&response), (const char *)(data)) < 0) +if (spa_base64_to_bits((char *)(&response), sizeof(response), (const char *)(data)) < 0) { DEBUG(D_auth) debug_printf("auth_spa_server(): bad base64 data in " "response: %s\n", data); @@ -258,19 +258,12 @@ auth_spa_client( char *domain = NULL; char *username, *password; - if (smtp_write_command(outblock, FALSE, "AUTH %s\r\n", - ablock->public_name) < 0) - return FAIL_SEND; - - /* wait for the 3XX OK message */ - if (!smtp_read_response(inblock, (uschar *)buffer, buffsize, '3', timeout)) - return FAIL; - /* Code added by PH to expand the options */ username = CS expand_string(ob->spa_username); if (username == NULL) { + if (expand_string_forcedfail) return CANCELLED; string_format(buffer, buffsize, "expansion of \"%s\" failed in %s " "authenticator: %s", ob->spa_username, ablock->name, expand_string_message); @@ -280,6 +273,7 @@ auth_spa_client( password = CS expand_string(ob->spa_password); if (password == NULL) { + if (expand_string_forcedfail) return CANCELLED; string_format(buffer, buffsize, "expansion of \"%s\" failed in %s " "authenticator: %s", ob->spa_password, ablock->name, expand_string_message); @@ -291,6 +285,7 @@ auth_spa_client( domain = CS expand_string(ob->spa_domain); if (domain == NULL) { + if (expand_string_forcedfail) return CANCELLED; string_format(buffer, buffsize, "expansion of \"%s\" failed in %s " "authenticator: %s", ob->spa_domain, ablock->name, expand_string_message); @@ -300,6 +295,14 @@ auth_spa_client( /* Original code */ + if (smtp_write_command(outblock, FALSE, "AUTH %s\r\n", + ablock->public_name) < 0) + return FAIL_SEND; + + /* wait for the 3XX OK message */ + if (!smtp_read_response(inblock, (uschar *)buffer, buffsize, '3', timeout)) + return FAIL; + DSPA("\n\n%s authenticator: using domain %s\n\n", ablock->name, domain); @@ -321,7 +324,7 @@ auth_spa_client( /* convert the challenge into the challenge struct */ DSPA("\n\n%s authenticator: challenge (%s)\n\n", ablock->name, buffer + 4); - spa_base64_to_bits ((char *)(&challenge), (const char *)(buffer + 4)); + spa_base64_to_bits ((char *)(&challenge), sizeof(challenge), (const char *)(buffer + 4)); spa_build_auth_response (&challenge, &response, CS username, CS password);