Re: [exim-dev] [Debian #299743] exim4: Only try configured m…

Author: Philip Hazel
Date:  
To: Marc Haber
CC: Juergen Kreileder, exim-dev, Matthew Byng-Maddick
Subject: Re: [exim-dev] [Debian #299743] exim4: Only try configured mechs in cyrus_sasl authenticator
On Mon, 4 Apr 2005, Marc Haber wrote:

> On Mon, Apr 04, 2005 at 10:01:48AM +0100, Philip Hazel wrote:
> > That one I *have* lost. I recall seeing discussion going on, and I was
> > waiting for some outcome, and probably overlooked it. Please send the
> > patch again.
>
> Here it is. Author is Jürgen Kreileder


Thanks. Turns out I hadn't lost it after all. It was still in my
"exim-dev" inbox, waiting to be processed. Anyway, I have applied the
patch, but modified it slightly. See below. Trivial tests work, so I
assume that all is well.

-- 
Philip Hazel            University of Cambridge Computing Service,
ph10@???      Cambridge, England. Phone: +44 1223 334714.
Get the Exim 4 book:    http://www.uit.co.uk/exim-book



*** exim-4.50/src/auths/cyrus_sasl.c        Thu Feb 17 14:49:11 2005
--- auths/cyrus_sasl.c    Tue Apr  5 15:22:56 2005
***************
*** 71,88 ****
  enable consistency checks to be done, or anything else that needs
  to be set up. */


  void
  auth_cyrus_sasl_init(auth_instance *ablock)
  {
  auth_cyrus_sasl_options_block *ob =
    (auth_cyrus_sasl_options_block *)(ablock->options_block);
- sasl_callback_t cbs[]={{SASL_CB_LIST_END, NULL, NULL}};
- sasl_conn_t *conn;
  uschar *list, *listptr, *buffer;
  int rc, i;
  unsigned int len;
  uschar *rs_point;


  /* default the mechanism to our "public name" */
  if(ob->server_mech == NULL)
    ob->server_mech=string_copy(ablock->public_name);
--- 71,112 ----
  enable consistency checks to be done, or anything else that needs
  to be set up. */


+ 
+ /* Auxiliary function, passed in data to sasl_server_init(). */
+ 
+ static int 
+ mysasl_config(void *context, 
+               const char *plugin_name,
+               const char *option,
+               const char **result,
+               unsigned int *len)
+ {
+ if (context && !strcmp(option, "mech_list")) 
+   {
+   *result = context;
+   if (len != NULL) *len = strlen(*result);
+   return SASL_OK;
+   }
+ return SASL_FAIL;
+ }
+ 
+ /* Here's the real function */
+ 
  void
  auth_cyrus_sasl_init(auth_instance *ablock)
  {
  auth_cyrus_sasl_options_block *ob =
    (auth_cyrus_sasl_options_block *)(ablock->options_block);
  uschar *list, *listptr, *buffer;
  int rc, i;
  unsigned int len;
  uschar *rs_point;


+ sasl_conn_t *conn;
+ sasl_callback_t cbs[]={
+   {SASL_CB_GETOPT, NULL, NULL },
+   {SASL_CB_LIST_END, NULL, NULL}};
+ 
  /* default the mechanism to our "public name" */
  if(ob->server_mech == NULL)
    ob->server_mech=string_copy(ablock->public_name);
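
Review bot: the comment above mysasl_config ("Auxiliary function, passed in data to sasl_server_init()") does not say what context carries or which option the callback answers, so a reader has to find the later cbs[0].context assignment to learn that it is the mechanism string returned for "mech_list". Suggest stating in the comment that context is the NUL-terminated mechanism name and that every other option, or a NULL context, is declined with SASL_FAIL. Two smaller points in the same function: plugin_name is never used and may draw an unused-parameter warning on stricter builds, and `*result = context;` converts void * to const char * implicitly, where an explicit cast would make the intent clearer. The new `static int ` and `mysasl_config(void *context, ` lines also carry trailing whitespace.
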
***************
*** 90,96 ****
--- 114,125 ----
  /* we're going to initialise the library to check that there is an
   * authenticator of type whatever mechanism we're using
   */
+ 
+ cbs[0].proc = &mysasl_config;
+ cbs[0].context = ob->server_mech; 
+  
  rc=sasl_server_init(cbs, "exim");
+ 
  if( rc != SASL_OK )
    log_write(0, LOG_PANIC_DIE|LOG_CONFIG_FOR, "%s authenticator:  "
        "couldn't initialise Cyrus SASL library.", ablock->name);
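
Review bot: cbs is an automatic array in auth_cyrus_sasl_init, and at `rc=sasl_server_init(cbs, "exim");` its address is handed to the library with cbs[0].context pointing at ob->server_mech. If the library keeps that pointer after this function returns, a later getopt callback would read a dead stack frame; declaring cbs static, or adding a comment that says why its lifetime is sufficient, would settle the question. Since proc and context are filled in here rather than in the initializer, a short comment at the assignments noting that this restricts the advertised mechanisms to the configured one would also help the next reader. The `cbs[0].context = ob->server_mech; ` line and the `+` line after it carry trailing whitespace.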