* Exim - an Internet mail transport agent *
*************************************************/
+/* Copyright (c) The Exim Maintainers 2020 - 2023 */
/* Copyright (c) University of Cambridge 1995 - 2018 */
-/* Copyright (c) The Exim Maintainers 2020 */
/* See the file NOTICE for conditions of use and distribution. */
+/* SPDX-License-Identifier: GPL-2.0-or-later */
/* This code was originally contributed by Matthew Byng-Maddick */
within a shortlived child */
int
-auth_cyrus_sasl_server(auth_instance *ablock, uschar *data)
+auth_cyrus_sasl_server(auth_instance * ablock, uschar * data)
{
-auth_cyrus_sasl_options_block *ob =
+auth_cyrus_sasl_options_block * ob =
(auth_cyrus_sasl_options_block *)(ablock->options_block);
-uschar *output, *out2, *input, *clear, *hname;
-uschar *debug = NULL; /* Stops compiler complaining */
+uschar * output, * out2, * input, * clear, * hname;
+uschar * debug = NULL; /* Stops compiler complaining */
sasl_callback_t cbs[] = {{SASL_CB_LIST_END, NULL, NULL}};
-sasl_conn_t *conn;
+sasl_conn_t * conn;
char * realm_expanded = NULL;
-int rc, firsttime = 1, clen, *negotiated_ssf_ptr = NULL, negotiated_ssf;
+int rc, firsttime = 1, clen, * negotiated_ssf_ptr = NULL, negotiated_ssf;
unsigned int inlen, outlen;
input = data;
if (inlen)
{
- if ((clen = b64decode(input, &clear)) < 0)
+ if ((clen = b64decode(input, &clear, input)) < 0)
return BAD64;
input = clear;
inlen = clen;
}
inlen = Ustrlen(input);
- HDEBUG(D_auth) debug = string_copy(input);
+ HDEBUG(D_auth) debug = string_copy_taint(input, GET_TAINTED);
if (inlen)
{
- if ((clen = b64decode(input, &clear)) < 0)
+ if ((clen = b64decode(input, &clear, GET_TAINTED)) < 0)
{
sasl_dispose(&conn);
sasl_done();
HDEBUG(D_auth)
debug_printf("Cyrus SASL library will not tell us the username: %s\n",
sasl_errstring(rc, NULL, NULL));
- log_write(0, LOG_REJECT, "%s authenticator (%s):\n "
+ log_write(0, LOG_REJECT, "%s authenticator (%s): "
"Cyrus SASL username fetch problem: %s", ablock->name, ob->server_mech,
sasl_errstring(rc, NULL, NULL));
sasl_dispose(&conn);
/* these are considered permanent failure codes */
HDEBUG(D_auth)
debug_printf("Cyrus SASL permanent failure %d (%s)\n", rc, sasl_errstring(rc, NULL, NULL));
- log_write(0, LOG_REJECT, "%s authenticator (%s):\n "
+ log_write(0, LOG_REJECT, "%s authenticator (%s): "
"Cyrus SASL permanent failure: %s", ablock->name, ob->server_mech,
sasl_errstring(rc, NULL, NULL));
sasl_dispose(&conn);
HDEBUG(D_auth)
debug_printf("Cyrus SASL library will not tell us the SSF: %s\n",
sasl_errstring(rc, NULL, NULL));
- log_write(0, LOG_REJECT, "%s authenticator (%s):\n "
+ log_write(0, LOG_REJECT, "%s authenticator (%s): "
"Cyrus SASL SSF value not available: %s", ablock->name, ob->server_mech,
sasl_errstring(rc, NULL, NULL));
sasl_dispose(&conn);
{
HDEBUG(D_auth)
debug_printf("Exim does not implement SASL wrapping (needed for SSF %d).\n", negotiated_ssf);
- log_write(0, LOG_REJECT, "%s authenticator (%s):\n "
+ log_write(0, LOG_REJECT, "%s authenticator (%s): "
"Cyrus SASL SSF %d not supported by Exim", ablock->name, ob->server_mech, negotiated_ssf);
sasl_dispose(&conn);
sasl_done();