* Ignore non-empty initial challenge in the GSSAPI authenticator.

    Some SMTP servers send a non-empty initial challenge, causing
    Alpine to cancel the authentication (in accordance to RFC).
    Patch was submitted by Ignacio Reguero, but written by Jarek Polok,
    to the re-alpine project (see https://sourceforge.net/p/re-alpine/bugs/16/)
    Patch was resubmitted here, but the code was modified in an
    equivalent but different way.

1 files changed, 4 insertions, 1 deletions

diff --git a/imap/src/c-client/auth_gss.c b/imap/src/c-client/auth_gss.c
index 4ed612c..52cf6d9 100644
--- a/imap/src/c-client/auth_gss.c
+++ b/imap/src/c-client/auth_gss.c
@@ -100,12 +100,15 @@ responder,char *base,
   *trial = 65535;		/* never retry */
 				/* get initial (empty) challenge */
   if ((chal.value = (*challenger) (stream,(unsigned long *) &chal.length)) != NULL) {
+#if 0				/* ignore non-empty challenge */
     if (chal.length) {		/* abort if challenge non-empty */
       mm_log ("Server bug: non-empty initial GSSAPI challenge",WARN);
       (*responder) (stream,NIL,NIL,0);
       ret = LONGT;		/* will get a BAD response back */
     }
-    else if (mb->authuser[0] && strcmp (mb->authuser,myusername ())) {
+    else
+#endif /* if 0 */
+    if (mb->authuser[0] && strcmp (mb->authuser,myusername ())) {
       mm_log ("Can't use Kerberos: invalid /authuser",WARN);
       (*responder) (stream,NIL,NIL,0);
       ret = LONGT;		/* will get a BAD response back */