gsasl_property_set(sctx, GSASL_QOPS, "qop-auth");
#ifndef DISABLE_TLS
-if (tls_channelbinding_b64)
+if (tls_in.channelbinding)
{
/* Some auth mechanisms can ensure that both sides are talking withing the
same security context; for TLS, this means that even if a bad certificate
HDEBUG(D_auth) debug_printf("Auth %s: Enabling channel-binding\n",
ablock->name);
gsasl_property_set(sctx, GSASL_CB_TLS_UNIQUE,
- CCS tls_channelbinding_b64);
+ CCS tls_in.channelbinding);
}
else
HDEBUG(D_auth)
case GSASL_VALIDATE_SIMPLE:
/* GSASL_AUTHID, GSASL_AUTHZID, and GSASL_PASSWORD */
propval = US gsasl_property_fast(sctx, GSASL_AUTHID);
- auth_vars[0] = expand_nstring[1] = propval ? propval : US"";
+ auth_vars[0] = expand_nstring[1] = propval ? string_copy(propval) : US"";
propval = US gsasl_property_fast(sctx, GSASL_AUTHZID);
- auth_vars[1] = expand_nstring[2] = propval ? propval : US"";
+ auth_vars[1] = expand_nstring[2] = propval ? string_copy(propval) : US"";
propval = US gsasl_property_fast(sctx, GSASL_PASSWORD);
- auth_vars[2] = expand_nstring[3] = propval ? propval : US"";
+ auth_vars[2] = expand_nstring[3] = propval ? string_copy(propval) : US"";
expand_nmax = 3;
for (int i = 1; i <= 3; ++i)
expand_nlength[i] = Ustrlen(expand_nstring[i]);
propval = US gsasl_property_fast(sctx, GSASL_AUTHZID);
/* We always set $auth1, even if only to empty string. */
- auth_vars[0] = expand_nstring[1] = propval ? propval : US"";
+ auth_vars[0] = expand_nstring[1] = propval ? string_copy(propval) : US"";
expand_nlength[1] = Ustrlen(expand_nstring[1]);
expand_nmax = 1;
/* We always set $auth1, even if only to empty string. */
- auth_vars[0] = expand_nstring[1] = propval ? propval : US"";
+ auth_vars[0] = expand_nstring[1] = propval ? string_copy(propval) : US"";
expand_nlength[1] = Ustrlen(expand_nstring[1]);
expand_nmax = 1;
switched to match the ordering of GSASL_VALIDATE_SIMPLE. */
propval = US gsasl_property_fast(sctx, GSASL_GSSAPI_DISPLAY_NAME);
- auth_vars[0] = expand_nstring[1] = propval ? propval : US"";
+ auth_vars[0] = expand_nstring[1] = propval ? string_copy(propval) : US"";
propval = US gsasl_property_fast(sctx, GSASL_AUTHZID);
- auth_vars[1] = expand_nstring[2] = propval ? propval : US"";
+ auth_vars[1] = expand_nstring[2] = propval ? string_copy(propval) : US"";
expand_nmax = 2;
for (int i = 1; i <= 2; ++i)
expand_nlength[i] = Ustrlen(expand_nstring[i]);
checked_server_condition = TRUE;
break;
+ case GSASL_SCRAM_ITER:
+ if (ob->server_scram_iter)
+ {
+ tmps = CS expand_string(ob->server_scram_iter);
+ gsasl_property_set(sctx, GSASL_SCRAM_ITER, tmps);
+ cbrc = GSASL_OK;
+ }
+ break;
+
+ case GSASL_SCRAM_SALT:
+ if (ob->server_scram_iter)
+ {
+ tmps = CS expand_string(ob->server_scram_salt);
+ gsasl_property_set(sctx, GSASL_SCRAM_SALT, tmps);
+ cbrc = GSASL_OK;
+ }
+ break;
+
case GSASL_PASSWORD:
/* DIGEST-MD5: GSASL_AUTHID, GSASL_AUTHZID and GSASL_REALM
CRAM-MD5: GSASL_AUTHID
point of SASL. */
propval = US gsasl_property_fast(sctx, GSASL_AUTHID);
- auth_vars[0] = expand_nstring[1] = propval ? propval : US"";
+ auth_vars[0] = expand_nstring[1] = propval ? string_copy(propval) : US"";
propval = US gsasl_property_fast(sctx, GSASL_AUTHZID);
- auth_vars[1] = expand_nstring[2] = propval ? propval : US"";
+ auth_vars[1] = expand_nstring[2] = propval ? string_copy(propval) : US"";
propval = US gsasl_property_fast(sctx, GSASL_REALM);
- auth_vars[2] = expand_nstring[3] = propval ? propval : US"";
+ auth_vars[2] = expand_nstring[3] = propval ? string_copy(propval) : US"";
expand_nmax = 3;
for (int i = 1; i <= 3; ++i)
expand_nlength[i] = Ustrlen(expand_nstring[i]);