From: Phil Pennock Date: Fri, 25 May 2012 09:01:39 +0000 (-0400) Subject: Cyrus SASL auth: SSF retrieval was incorrect. X-Git-Tag: exim-4_80_RC6~12 X-Git-Url: https://git.exim.org/exim.git/commitdiff_plain/16880d1a95a51a8b57692b216512e8cbb7cc917d Cyrus SASL auth: SSF retrieval was incorrect. Exim thought protection layer was required, which is not implemented. Patch from Wolfgang Breyha. Fixes bug 1254 --- diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog index b7a6a00e4..e7b807e3c 100644 --- a/doc/doc-txt/ChangeLog +++ b/doc/doc-txt/ChangeLog @@ -154,6 +154,10 @@ PP/36 Define _GNU_SOURCE in exim.h; it's needed for some releases of conflicts. Defined before os.h is pulled in, so if a given platform needs to override this, it can. +PP/37 Unbreak Cyrus SASL auth: SSF retrieval was incorrect, Exim thought + protection layer was required, which is not implemented. + Bugzilla 1254, patch from Wolfgang Breyha. + Exim version 4.77 ----------------- diff --git a/src/src/auths/cyrus_sasl.c b/src/src/auths/cyrus_sasl.c index 8c66b8f76..9b80f8d83 100644 --- a/src/src/auths/cyrus_sasl.c +++ b/src/src/auths/cyrus_sasl.c @@ -205,7 +205,7 @@ uschar *debug = NULL; /* Stops compiler complaining */ sasl_callback_t cbs[]={{SASL_CB_LIST_END, NULL, NULL}}; sasl_conn_t *conn; char *realm_expanded; -int rc, firsttime=1, clen, negotiated_ssf; +int rc, firsttime=1, clen, *negotiated_ssf_ptr=NULL, negotiated_ssf; unsigned int inlen, outlen; input=data; @@ -258,7 +258,7 @@ if( rc != SASL_OK ) if (tls_cipher) { - rc = sasl_setprop(conn, SASL_SSF_EXTERNAL, &tls_bits); + rc = sasl_setprop(conn, SASL_SSF_EXTERNAL, (sasl_ssf_t *) &tls_bits); if (rc != SASL_OK) { HDEBUG(D_auth) debug_printf("Cyrus SASL EXTERNAL SSF set %d failed: %s\n", @@ -392,7 +392,7 @@ while(rc==SASL_CONTINUE) debug_printf("Cyrus SASL %s authentication succeeded for %s\n", ob->server_mech, auth_vars[0]); - rc = sasl_getprop(conn, SASL_SSF, (const void **)(&negotiated_ssf)); + rc = sasl_getprop(conn, SASL_SSF, (const void **)(&negotiated_ssf_ptr)); if (rc != SASL_OK) { HDEBUG(D_auth) @@ -405,6 +405,7 @@ while(rc==SASL_CONTINUE) sasl_done(); return FAIL; } + negotiated_ssf = *negotiated_ssf_ptr; HDEBUG(D_auth) debug_printf("Cyrus SASL %s negotiated SSF: %d\n", ob->server_mech, negotiated_ssf); if (negotiated_ssf > 0)