diff options
| author | Eduardo Chappa <chappa@washington.edu> | 2019-10-27 17:57:47 -0600 |
|---|---|---|
| committer | Eduardo Chappa <chappa@washington.edu> | 2019-10-27 17:57:47 -0600 |
| commit | bb598d500bcce509fa48ee7134ae632459cf1735 (patch) | |
| tree | 929c543cce35544924f189e3c667084154ceee61 | |
| parent | fe5ffafc188fe02e8a8c11dad1b8747f0ac17ff2 (diff) | |
| download | alpine-bb598d500bcce509fa48ee7134ae632459cf1735.tar.xz | |
* Fix a bug in commit 418e8bc5789d... which made Alpine ignore a challenge
during authentication using CRAM-MD5. The intention was to ignore the
challenge in the PLAIN authentication. This made Alpine fail to
authenticate when using the CRAM-MD5 authenticator. Reported by Stefan
Mueller.
| -rw-r--r-- | imap/src/c-client/auth_pla.c | 2 | ||||
| -rw-r--r-- | imap/src/c-client/smtp.c | 12 | ||||
| -rw-r--r-- | pith/pine.hlp | 2 |
3 files changed, 8 insertions, 8 deletions
diff --git a/imap/src/c-client/auth_pla.c b/imap/src/c-client/auth_pla.c index 6cc26c7..7888b23 100644 --- a/imap/src/c-client/auth_pla.c +++ b/imap/src/c-client/auth_pla.c @@ -65,11 +65,13 @@ long auth_plain_client (authchallenge_t challenger,authrespond_t responder, /* get initial (empty) challenge */ if ((challenge = (*challenger) (stream,&clen)) != NULL) { fs_give ((void **) &challenge); +#if 0 if (clen) { /* abort if challenge non-empty */ mm_log ("Server bug: non-empty initial PLAIN challenge",WARN); (*responder) (stream,NIL,0); ret = LONGT; /* will get a BAD response back */ } +#endif mm_login (mb,user, &pwd,*trial); if (!pwd) { /* empty challenge or user requested abort */ (*responder) (stream,NIL,0); diff --git a/imap/src/c-client/smtp.c b/imap/src/c-client/smtp.c index c79d9cf..d1c9a7c 100644 --- a/imap/src/c-client/smtp.c +++ b/imap/src/c-client/smtp.c @@ -357,14 +357,12 @@ void *smtp_challenge (void *s,unsigned long *len) char tmp[MAILTMPLEN]; void *ret = NIL; SENDSTREAM *stream = (SENDSTREAM *) s; - if (stream->replycode == SMTPAUTHREADY){ - if(!(ret = rfc822_base64 ((unsigned char *) stream->reply + 4, + if ((stream->replycode == SMTPAUTHREADY) && + !(ret = rfc822_base64 ((unsigned char *) stream->reply + 4, strlen (stream->reply + 4),len))) { - sprintf (tmp,"SMTP SERVER BUG (invalid challenge, continuing): %.80s",stream->reply+4); - mm_log (tmp,ERROR); - ret = cpystr(""); /* This is silly: fake a reply, it will be ignored */ - } - *len = 0L; /* This is even sillier, fake challenge is empty... */ + sprintf (tmp,"SMTP SERVER BUG (invalid challenge, continuing): %.80s",stream->reply+4); + mm_log (tmp,ERROR); + ret = cpystr(""); /* This is silly: fake a reply, it will be ignored */ } return ret; } diff --git a/pith/pine.hlp b/pith/pine.hlp index 5219650..2e7438a 100644 --- a/pith/pine.hlp +++ b/pith/pine.hlp @@ -140,7 +140,7 @@ with help text for the config screen and the composer that didn't have any reasonable place to be called from. Dummy change to get revision in pine.hlp ============= h_revision ================= -Alpine Commit 373 2019-10-08 21:05:01 +Alpine Commit 374 2019-10-27 17:57:41 ============= h_news ================= <HTML> <HEAD> |