[exim-cvs] Fix dovecot with empty 334 challenge.

Kezdőlap
Üzenet törlése
Válasz az üzenetre
Szerző: Exim Git Commits Mailing List
Dátum:  
Címzett: exim-cvs
Tárgy: [exim-cvs] Fix dovecot with empty 334 challenge.
Gitweb: http://git.exim.org/exim.git/commitdiff/970ba64f07bf5523c7098235664f2ce02962a128
Commit:     970ba64f07bf5523c7098235664f2ce02962a128
Parent:     12d0043db4d843869ed6e85dcb1c87c17bc8b82e
Author:     Phil Pennock <pdp@???>
AuthorDate: Mon Sep 30 00:57:07 2013 -0400
Committer:  Phil Pennock <pdp@???>
CommitDate: Mon Sep 30 00:57:07 2013 -0400


    Fix dovecot with empty 334 challenge.


    Thomas Morper reported, with 4.82RC1, that he saw "334 NULL" as the
    challenge when using AUTH PLAIN to Dovecot when the client does not send
    an initial response.  I could replicate.


    This was caused by commit 3f1df0e3 on 2012-11-19 (PP/13 of 4.82); I was
    too cautious in the robustness fixes; the clue came in this line of
    debug output:


        76430 dovecot: warning: ignoring trailing tab


    This change removes that check, and documents in a comment that this
    input is acceptable protocol-wise, and why.


    With this fix:


        AUTH PLAIN
        334
        AGZyZWRlcmljAGh1bXB0eS1kdW1wdHk=
        235 Authentication succeeded
---
 src/src/auths/dovecot.c |   17 +++++++----------
 1 files changed, 7 insertions(+), 10 deletions(-)


diff --git a/src/src/auths/dovecot.c b/src/src/auths/dovecot.c
index 032a089..94b3152 100644
--- a/src/src/auths/dovecot.c
+++ b/src/src/auths/dovecot.c
@@ -118,7 +118,6 @@ static int
 strcut(uschar *str, uschar **ptrs, int nptrs)
 {
        uschar *last_sub_start = str;
-       uschar *lastvalid = str + Ustrlen(str);
        int n;


        for (n = 0; n < nptrs; n++)
@@ -137,16 +136,14 @@ strcut(uschar *str, uschar **ptrs, int nptrs)
                str++;
        }


-       if (last_sub_start < lastvalid) {
-              if (n <= nptrs) {
-                       *ptrs = last_sub_start;
-               } else {
-                       HDEBUG(D_auth) debug_printf("dovecot: warning: too many results from tab-splitting; saw %d fields, room for %d\n", n, nptrs);
-                       n = nptrs;
-              }
+       /* It's acceptable for the string to end with a tab character.  We see
+       this in AUTH PLAIN without an initial response from the client, which
+       causing us to send "334 " and get the data from the client. */
+       if (n <= nptrs) {
+               *ptrs = last_sub_start;
        } else {
-              n--;
-              HDEBUG(D_auth) debug_printf("dovecot: warning: ignoring trailing tab\n");
+               HDEBUG(D_auth) debug_printf("dovecot: warning: too many results from tab-splitting; saw %d fields, room for %d\n", n, nptrs);
+               n = nptrs;
        }


        return n <= nptrs ? n : nptrs;