diff options
author | Eduardo Chappa <chappa@washington.edu> | 2020-02-19 00:39:42 -0700 |
---|---|---|
committer | Eduardo Chappa <chappa@washington.edu> | 2020-02-19 00:39:42 -0700 |
commit | cd53b13aa5acaecb776c82cd6566122a6893240d (patch) | |
tree | 4e811c0dfdebf647b564f4f9659c388c87a44f4c /imap/src/c-client/auth_pla.c | |
parent | 8781af1dfc9fdc1fbc08b281cc418bee8dde604d (diff) | |
download | alpine-cd53b13aa5acaecb776c82cd6566122a6893240d.tar.xz |
* Added support for SALS-IR (rfc 4959) and similar support for other
protocols (SMTP, NNTP, POP3) as some SMTP servers do not support a
round-trip two step authentication. For example, davmail does not
support PLAIN authentication in SMTP using the challenge-response
scheme. Implemented after a report by Geoffrey Bodwin.
Diffstat (limited to 'imap/src/c-client/auth_pla.c')
-rw-r--r-- | imap/src/c-client/auth_pla.c | 20 |
1 files changed, 10 insertions, 10 deletions
diff --git a/imap/src/c-client/auth_pla.c b/imap/src/c-client/auth_pla.c index 6b58948a..befd7f8c 100644 --- a/imap/src/c-client/auth_pla.c +++ b/imap/src/c-client/auth_pla.c @@ -27,13 +27,13 @@ * Last Edited: 30 August 2006 */ -long auth_plain_client (authchallenge_t challenger,authrespond_t responder, +long auth_plain_client (authchallenge_t challenger,authrespond_t responder,char *base, char *service,NETMBX *mb,void *stream, unsigned long port, unsigned long *trial,char *user); char *auth_plain_server (authresponse_t responder,int argc,char *argv[]); AUTHENTICATOR auth_pla = { - AU_AUTHUSER | AU_HIDE, /* allow authuser, hidden */ + AU_AUTHUSER | AU_HIDE | AU_SINGLE, /* allow authuser, hidden, single trip */ "PLAIN", /* authenticator name */ NIL, /* always valid */ auth_plain_client, /* client method */ @@ -52,30 +52,30 @@ AUTHENTICATOR auth_pla = { * Returns: T if success, NIL otherwise, number of trials incremented if retry */ -long auth_plain_client (authchallenge_t challenger,authrespond_t responder, +long auth_plain_client (authchallenge_t challenger,authrespond_t responder,char *base, char *service,NETMBX *mb,void *stream, unsigned long port, unsigned long *trial,char *user) { char *u, *pwd = NIL; - void *challenge; + void *challenge = NIL; unsigned long clen; long ret = NIL; /* snarl if not SSL/TLS session */ if (!mb->sslflag && !mb->tlsflag) mm_log ("SECURITY PROBLEM: insecure server advertised AUTH=PLAIN",WARN); /* get initial (empty) challenge */ - if ((challenge = (*challenger) (stream,&clen)) != NULL) { - fs_give ((void **) &challenge); + if(base || (challenge = (*challenger) (stream,&clen)) != NULL) { + if(base == NIL) fs_give ((void **) &challenge); #if 0 - if (clen) { /* abort if challenge non-empty */ + if (clen) { /* abort if challenge non-empty */ mm_log ("Server bug: non-empty initial PLAIN challenge",WARN); (*responder) (stream,NIL,0); - ret = LONGT; /* will get a BAD response back */ + ret = LONGT; /* will get a BAD response back */ } #endif mm_login (mb,user, &pwd,*trial); if (!pwd) { /* empty challenge or user requested abort */ - (*responder) (stream,NIL,0); + (*responder) (stream,NIL,NIL,0); *trial = 0; /* cancel subsequent attempts */ ret = LONGT; /* will get a BAD response back */ } @@ -92,7 +92,7 @@ long auth_plain_client (authchallenge_t challenger,authrespond_t responder, /* copy password */ for (u = pwd; *u; *t++ = *u++); /* send credentials */ - if ((*responder) (stream,response,rlen)) { + if ((*responder) (stream,base,response,rlen)) { if ((challenge = (*challenger) (stream,&clen)) != NULL) fs_give ((void **) &challenge); else { |