Skip to content
Snippets Groups Projects
Commit 71e908a1 authored by Stephan Bosch's avatar Stephan Bosch
Browse files

managesieve-login: Fixed proxy to allow SASL mechanisms other than PLAIN. 

Also made sure that any capability-derived state information is reset properly before a new capability reply is to be parsed.
parent 2bb0c624
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
src/managesieve-login/client.h
+ 1
1
View file @ 71e908a1
......@@ -31,7 +31,7 @@ struct managesieve_client {
unsigned int auth_mech_name_parsed:1;
unsigned int proxy_starttls:1;
unsigned int proxy_sasl_plain:1;
unsigned int proxy_sasl:1;
unsigned int proxy_xclient:1;
};
......
src/managesieve-login/managesieve-proxy.c
+ 13
6
View file @ 71e908a1
......@@ -78,9 +78,11 @@ static int proxy_write_auth
i_assert(client->common.proxy_ttl > 1);
if ( !client->proxy_sasl_plain ) {
if ( !client->proxy_sasl ) {
/* Prevent sending credentials to a server that has login disabled;
i.e., due to the lack of TLS */
client_log_err(&client->common, "proxy: "
"Server does not support required PLAIN SASL mechanism");
"Server has disabled authentication (TLS required?)");
return -1;
}
......@@ -283,10 +285,10 @@ static int proxy_input_capability
if ( ret == 2 && managesieve_arg_get_string(&args[1], &sasl_mechs) ) {
const char *const *mechs = t_strsplit(sasl_mechs, " ");
if ( str_array_icase_find(mechs, "PLAIN") )
client->proxy_sasl_plain = TRUE;
else
client->proxy_sasl_plain = FALSE;
if ( *mechs != NULL ) {
/* At least one SASL mechanism is supported */
client->proxy_sasl = TRUE;
}
} else {
client_log_err(&client->common, "proxy: "
......@@ -404,6 +406,8 @@ int managesieve_proxy_parse_line(struct client *client, const char *line)
return -1;
}
msieve_client->proxy_sasl = FALSE;
msieve_client->proxy_xclient = FALSE;
msieve_client->proxy_state = MSIEVE_PROXY_STATE_TLS_READY;
return 1;
}
......@@ -538,6 +542,9 @@ void managesieve_proxy_reset(struct client *client)
struct managesieve_client *msieve_client =
(struct managesieve_client *) client;
msieve_client->proxy_starttls = FALSE;
msieve_client->proxy_sasl = FALSE;
msieve_client->proxy_xclient = FALSE;
msieve_client->proxy_state = MSIEVE_PROXY_STATE_NONE;
}
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment

Consent

On this website, we use the web analytics service Matomo to analyze and review the use of our website. Through the collected statistics, we can improve our offerings and make them more appealing for you. Here, you can decide whether to allow us to process your data and set corresponding cookies for these purposes, in addition to technically necessary cookies. Further information on data protection—especially regarding "cookies" and "Matomo"—can be found in our privacy policy. You can withdraw your consent at any time.