diff options
| author | Eduardo Chappa <chappa@washington.edu> | 2020-08-27 20:15:48 -0600 |
|---|---|---|
| committer | Eduardo Chappa <chappa@washington.edu> | 2020-08-27 20:15:48 -0600 |
| commit | 116585bd28c0dbe4c4663229eb64755545601e6c (patch) | |
| tree | 7db6712f433b2c1d6084ef98f38ab4d78161022f | |
| parent | 6a37360355f253c2e6719d40f932534ed2607658 (diff) | |
| download | alpine-116585bd28c0dbe4c4663229eb64755545601e6c.tar.xz | |
* Ignore non-empty initial challenge in the GSSAPI authenticator.
Some SMTP servers send a non-empty initial challenge, causing
Alpine to cancel the authentication (in accordance to RFC).
Patch was submitted by Ignacio Reguero, but written by Jarek Polok,
to the re-alpine project (see https://sourceforge.net/p/re-alpine/bugs/16/)
Patch was resubmitted here, but the code was modified in an
equivalent but different way.
| -rw-r--r-- | imap/src/c-client/auth_gss.c | 5 | ||||
| -rw-r--r-- | pith/pine.hlp | 5 |
2 files changed, 8 insertions, 2 deletions
diff --git a/imap/src/c-client/auth_gss.c b/imap/src/c-client/auth_gss.c index 4ed612c2..52cf6d9d 100644 --- a/imap/src/c-client/auth_gss.c +++ b/imap/src/c-client/auth_gss.c @@ -100,12 +100,15 @@ responder,char *base, *trial = 65535; /* never retry */ /* get initial (empty) challenge */ if ((chal.value = (*challenger) (stream,(unsigned long *) &chal.length)) != NULL) { +#if 0 /* ignore non-empty challenge */ if (chal.length) { /* abort if challenge non-empty */ mm_log ("Server bug: non-empty initial GSSAPI challenge",WARN); (*responder) (stream,NIL,NIL,0); ret = LONGT; /* will get a BAD response back */ } - else if (mb->authuser[0] && strcmp (mb->authuser,myusername ())) { + else +#endif /* if 0 */ + if (mb->authuser[0] && strcmp (mb->authuser,myusername ())) { mm_log ("Can't use Kerberos: invalid /authuser",WARN); (*responder) (stream,NIL,NIL,0); ret = LONGT; /* will get a BAD response back */ diff --git a/pith/pine.hlp b/pith/pine.hlp index d9c34c59..d4810a6d 100644 --- a/pith/pine.hlp +++ b/pith/pine.hlp @@ -140,7 +140,7 @@ with help text for the config screen and the composer that didn't have any reasonable place to be called from. Dummy change to get revision in pine.hlp ============= h_revision ================= -Alpine Commit 503 2020-08-13 09:42:11 +Alpine Commit 504 2020-08-27 20:15:43 ============= h_news ================= <HTML> <HEAD> @@ -249,6 +249,9 @@ problems you find with this release. and <A HREF="h_config_user_certs_file"><!--#echo var="VAR_user-certs-file"--></A> which allow a user to specify locations for certificates that the user trusts. + +<LI> Ignore non-empty initial challenge in the GSSAPI authenticaor. Based + on a patch written by Jarek Polok, but submitted by Ignacio Reguero. </UL> <P> |