Gitweb:
http://git.exim.org/exim.git/commitdiff/16880d1a95a51a8b57692b216512e8cbb7cc917d
Commit: 16880d1a95a51a8b57692b216512e8cbb7cc917d
Parent: ab6dcfbe67abc6ed4a85be60510eb5fff58e170d
Author: Phil Pennock <pdp@???>
AuthorDate: Fri May 25 05:01:39 2012 -0400
Committer: Phil Pennock <pdp@???>
CommitDate: Fri May 25 05:01:39 2012 -0400
Cyrus SASL auth: SSF retrieval was incorrect.
Exim thought protection layer was required, which is not implemented.
Patch from Wolfgang Breyha.
Fixes bug 1254
---
doc/doc-txt/ChangeLog | 4 ++++
src/src/auths/cyrus_sasl.c | 7 ++++---
2 files changed, 8 insertions(+), 3 deletions(-)
diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog
index b7a6a00..e7b807e 100644
--- a/doc/doc-txt/ChangeLog
+++ b/doc/doc-txt/ChangeLog
@@ -154,6 +154,10 @@ PP/36 Define _GNU_SOURCE in exim.h; it's needed for some releases of
conflicts. Defined before os.h is pulled in, so if a given platform
needs to override this, it can.
+PP/37 Unbreak Cyrus SASL auth: SSF retrieval was incorrect, Exim thought
+ protection layer was required, which is not implemented.
+ Bugzilla 1254, patch from Wolfgang Breyha.
+
Exim version 4.77
-----------------
diff --git a/src/src/auths/cyrus_sasl.c b/src/src/auths/cyrus_sasl.c
index 8c66b8f..9b80f8d 100644
--- a/src/src/auths/cyrus_sasl.c
+++ b/src/src/auths/cyrus_sasl.c
@@ -205,7 +205,7 @@ uschar *debug = NULL; /* Stops compiler complaining */
sasl_callback_t cbs[]={{SASL_CB_LIST_END, NULL, NULL}};
sasl_conn_t *conn;
char *realm_expanded;
-int rc, firsttime=1, clen, negotiated_ssf;
+int rc, firsttime=1, clen, *negotiated_ssf_ptr=NULL, negotiated_ssf;
unsigned int inlen, outlen;
input=data;
@@ -258,7 +258,7 @@ if( rc != SASL_OK )
if (tls_cipher)
{
- rc = sasl_setprop(conn, SASL_SSF_EXTERNAL, &tls_bits);
+ rc = sasl_setprop(conn, SASL_SSF_EXTERNAL, (sasl_ssf_t *) &tls_bits);
if (rc != SASL_OK)
{
HDEBUG(D_auth) debug_printf("Cyrus SASL EXTERNAL SSF set %d failed: %s\n",
@@ -392,7 +392,7 @@ while(rc==SASL_CONTINUE)
debug_printf("Cyrus SASL %s authentication succeeded for %s\n",
ob->server_mech, auth_vars[0]);
- rc = sasl_getprop(conn, SASL_SSF, (const void **)(&negotiated_ssf));
+ rc = sasl_getprop(conn, SASL_SSF, (const void **)(&negotiated_ssf_ptr));
if (rc != SASL_OK)
{
HDEBUG(D_auth)
@@ -405,6 +405,7 @@ while(rc==SASL_CONTINUE)
sasl_done();
return FAIL;
}
+ negotiated_ssf = *negotiated_ssf_ptr;
HDEBUG(D_auth)
debug_printf("Cyrus SASL %s negotiated SSF: %d\n", ob->server_mech, negotiated_ssf);
if (negotiated_ssf > 0)
