[dovecot-cvs] dovecot/src/auth mech-digest-md5.c,1.37,1.38
cras at dovecot.org
cras at dovecot.org
Fri Feb 24 12:05:18 EET 2006
Update of /var/lib/cvs/dovecot/src/auth
In directory talvi:/tmp/cvs-serv19543/src/auth
Modified Files:
mech-digest-md5.c
Log Message:
If no realms are given in configuration file, advertise an empty realm. Also
if realms are given and client sends an invalid realm, write the realm to
log.
Index: mech-digest-md5.c
===================================================================
RCS file: /var/lib/cvs/dovecot/src/auth/mech-digest-md5.c,v
retrieving revision 1.37
retrieving revision 1.38
diff -u -d -r1.37 -r1.38
--- mech-digest-md5.c 13 Jan 2006 20:25:57 -0000 1.37
+++ mech-digest-md5.c 24 Feb 2006 10:05:16 -0000 1.38
@@ -9,11 +9,14 @@
#include "md5.h"
#include "randgen.h"
#include "str.h"
+#include "str-sanitize.h"
#include "mech.h"
#include "passdb.h"
#include <stdlib.h>
+#define MAX_REALM_LEN 64
+
/* Linear whitespace */
#define IS_LWS(c) ((c) == ' ' || (c) == '\t')
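Review bot: `MAX_REALM_LEN` reads like a protocol limit on the realm, but in the hunks visible here it is only the truncation length passed to `str_sanitize()` when a rejected realm is put into the error string. A comment would keep a later reader from assuming that realm length is enforced somewhere, e.g. `/* Max. number of realm characters copied into the "Invalid realm" error message */`.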
@@ -86,9 +89,13 @@
str = t_str_new(256);
- for (tmp = auth->auth_realms; *tmp != NULL; tmp++) {
- str_printfa(str, "realm=\"%s\"", *tmp);
- str_append_c(str, ',');
+ if (*auth->auth_realms == NULL) {
+ /* If no realms are given, at least Cyrus SASL client defaults
+ to destination host name */
+ str_append(str, "realm=\"\",");
+ } else {
+ for (tmp = auth->auth_realms; *tmp != NULL; tmp++)
+ str_printfa(str, "realm=\"%s\",", *tmp);
}
str_printfa(str, "nonce=\"%s\",", request->nonce);
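Review bot: Each configured realm is still formatted into a quoted-string with a plain `%s` in the `else` branch, so a realm containing `"` or `\` would produce a malformed challenge. The realms come from the configuration file, so this is a robustness issue rather than an untrusted-input one, but such values should either be rejected when the configuration is read or escaped here. If the intent of the new branch is to stop clients from substituting their own default realm, the comment could say so directly, e.g. `/* Advertise an empty realm so the client does not fall back to its own default (Cyrus SASL uses the destination host name) */`. The enclosing function starts and ends outside the hunk.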
@@ -232,7 +239,7 @@
tmp = request->auth_request.auth->auth_realms;
for (; *tmp != NULL; tmp++) {
- if (strcasecmp(realm, *tmp) == 0)
+ if (strcmp(realm, *tmp) == 0)
return TRUE;
}
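Review bot: The switch from `strcasecmp` to `strcmp` makes realm matching case-sensitive, and nothing at the comparison says why. In DIGEST-MD5 the realm is one of the inputs to the response hash, so a realm that differs only in case from the configured one presumably could not have verified against the stored credential anyway; a short comment such as `/* realm is part of the credential hash, so it must match exactly */` would record that. Clients that send the realm in a different case will now be rejected at this check, which deserves a line in the release notes. The enclosing function begins and ends outside the hunk.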
@@ -295,13 +302,14 @@
static bool auth_handle_response(struct digest_auth_request *request,
char *key, char *value, const char **error)
{
- int i;
+ unsigned int i;
str_lcase(key);
if (strcmp(key, "realm") == 0) {
if (!verify_realm(request, value)) {
- *error = "Invalid realm";
+ *error = t_strdup_printf("Invalid realm: %s",
+ str_sanitize(value, MAX_REALM_LEN));
return FALSE;
}
if (request->realm == NULL && *value != '\0')
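Review bot: `*error` used to point at a string literal and now points at memory returned by `t_strdup_printf()`, so its lifetime is tied to the data stack frame that is active when it is allocated. That is presumably why the `t_push()`/`t_pop()` pair is removed in the two later hunks (a `t_pop()` before the caller reads `*error` would release the string), but nothing in the code says so, and re-adding the pair later would leave a dangling pointer. A comment at the allocation would help, e.g. `/* allocated from the data stack: valid only until the caller's frame is popped */`. The realm is client-supplied and arrives before authentication, so passing it through `str_sanitize()` with a length cap before logging is the right call; if `*error` is also returned to the client, that path should be confirmed separately. The function body continues outside the hunk.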
@@ -472,8 +480,6 @@
authzid="authzid-value"
*/
- t_push();
-
*error = NULL;
failed = FALSE;
@@ -508,8 +514,6 @@
if (request->qop_value == NULL)
request->qop_value = p_strdup(request->pool, "auth");
- t_pop();
-
return !failed;
}