git://git.exim.org
/
exim.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
tidying
[exim.git]
/
src
/
src
/
auths
/
cram_md5.c
diff --git
a/src/src/auths/cram_md5.c
b/src/src/auths/cram_md5.c
index 60128b83ec4f882be6d59b8650458897fbd458ed..5817be7c93667239d18f28112687e0a57e78d25a 100644
(file)
--- a/
src/src/auths/cram_md5.c
+++ b/
src/src/auths/cram_md5.c
@@
-2,10
+2,10
@@
* Exim - an Internet mail transport agent *
*************************************************/
* Exim - an Internet mail transport agent *
*************************************************/
+/* Copyright (c) The Exim Maintainers 2020 - 2023 */
/* Copyright (c) University of Cambridge 1995 - 2018 */
/* Copyright (c) University of Cambridge 1995 - 2018 */
-/* Copyright (c) The Exim Maintainers 2020 */
/* See the file NOTICE for conditions of use and distribution. */
/* See the file NOTICE for conditions of use and distribution. */
-/* SPDX-License-Identifier: GPL-2.0-o
nly
*/
+/* SPDX-License-Identifier: GPL-2.0-o
r-later
*/
/* The stand-alone version just tests the algorithm. We have to drag
/* The stand-alone version just tests the algorithm. We have to drag
@@
-13,15
+13,17
@@
in the MD5 computation functions, without their own stand-alone main
program. */
#ifdef STAND_ALONE
program. */
#ifdef STAND_ALONE
-#define CRAM_STAND_ALONE
-#include "md5.c"
+#
define CRAM_STAND_ALONE
+#
include "md5.c"
/* This is the normal, non-stand-alone case */
#else
/* This is the normal, non-stand-alone case */
#else
-#include "../exim.h"
-#include "cram_md5.h"
+# include "../exim.h"
+
+# ifdef AUTH_CRAM_MD5
+# include "cram_md5.h"
/* Options specific to the cram_md5 authentication mechanism. */
/* Options specific to the cram_md5 authentication mechanism. */
@@
-49,7
+51,7
@@
auth_cram_md5_options_block auth_cram_md5_option_defaults = {
};
};
-#ifdef MACRO_PREDEF
+#
ifdef MACRO_PREDEF
/* Dummy values */
void auth_cram_md5_init(auth_instance *ablock) {}
/* Dummy values */
void auth_cram_md5_init(auth_instance *ablock) {}
@@
-57,7
+59,7
@@
int auth_cram_md5_server(auth_instance *ablock, uschar *data) {return 0;}
int auth_cram_md5_client(auth_instance *ablock, void *sx, int timeout,
uschar *buffer, int buffsize) {return 0;}
int auth_cram_md5_client(auth_instance *ablock, void *sx, int timeout,
uschar *buffer, int buffsize) {return 0;}
-#
else
/*!MACRO_PREDEF*/
+#
else
/*!MACRO_PREDEF*/
/*************************************************
/*************************************************
@@
-81,8
+83,9
@@
if (ob->client_secret != NULL)
}
}
}
}
-#endif /*!MACRO_PREDEF*/
-#endif /* STAND_ALONE */
+# endif /*!MACRO_PREDEF*/
+# endif /*AUTH_CRAM_MD5*/
+#endif /*!STAND_ALONE*/
@@
-154,7
+157,8
@@
md5_end(&base, md5secret, 16, digestptr);
}
}
-#ifndef STAND_ALONE
+# ifndef STAND_ALONE
+# ifdef AUTH_CRAM_MD5
/*************************************************
* Server entry point *
/*************************************************
* Server entry point *
@@
-163,13
+167,13
@@
md5_end(&base, md5secret, 16, digestptr);
/* For interface, see auths/README */
int
/* For interface, see auths/README */
int
-auth_cram_md5_server(auth_instance *
ablock, uschar *
data)
+auth_cram_md5_server(auth_instance *
ablock, uschar *
data)
{
{
-auth_cram_md5_options_block *ob =
+auth_cram_md5_options_block *
ob =
(auth_cram_md5_options_block *)(ablock->options_block);
(auth_cram_md5_options_block *)(ablock->options_block);
-uschar *challenge = string_sprintf("<%d.%ld@%s>", getpid(),
+uschar *
challenge = string_sprintf("<%d.%ld@%s>", getpid(),
(long int) time(NULL), primary_hostname);
(long int) time(NULL), primary_hostname);
-uschar *
clear, *
secret;
+uschar *
clear, *
secret;
uschar digest[16];
int i, rc, len;
uschar digest[16];
int i, rc, len;
@@
-186,7
+190,7
@@
if (*data) return UNEXPECTED;
/* Send the challenge, read the return */
if ((rc = auth_get_data(&data, challenge, Ustrlen(challenge))) != OK) return rc;
/* Send the challenge, read the return */
if ((rc = auth_get_data(&data, challenge, Ustrlen(challenge))) != OK) return rc;
-if ((len = b64decode(data, &clear)) < 0) return BAD64;
+if ((len = b64decode(data, &clear
, GET_TAINTED
)) < 0) return BAD64;
/* The return consists of a user name, space-separated from the CRAM-MD5
digest, expressed in hex. Extract the user name and put it in $auth1 and $1.
/* The return consists of a user name, space-separated from the CRAM-MD5
digest, expressed in hex. Extract the user name and put it in $auth1 and $1.
@@
-194,7
+198,7
@@
The former is now the preferred variable; the latter is the original one. Then
check that the remaining length is 32. */
auth_vars[0] = expand_nstring[1] = clear;
check that the remaining length is 32. */
auth_vars[0] = expand_nstring[1] = clear;
-
while (*clear && !isspace(*clear)) clear++
;
+
Uskip_nonwhite(&clear)
;
if (!isspace(*clear)) return FAIL;
*clear++ = 0;
if (!isspace(*clear)) return FAIL;
*clear++ = 0;
@@
-298,7
+302,7
@@
if (smtp_write_command(sx, SCMD_FLUSH, "AUTH %s\r\n", ablock->public_name) < 0)
if (!smtp_read_response(sx, buffer, buffsize, '3', timeout))
return FAIL;
if (!smtp_read_response(sx, buffer, buffsize, '3', timeout))
return FAIL;
-if (b64decode(buffer + 4, &challenge) < 0)
+if (b64decode(buffer + 4, &challenge
, buffer + 4
) < 0)
{
string_format(buffer, buffsize, "bad base 64 string in challenge: %s",
big_buffer + 4);
{
string_format(buffer, buffsize, "bad base 64 string in challenge: %s",
big_buffer + 4);
@@
-329,7
+333,8
@@
if (smtp_write_command(sx, SCMD_FLUSH, "%s\r\n", b64encode(CUS big_buffer,
return smtp_read_response(sx, US buffer, buffsize, '2', timeout)
? OK : FAIL;
}
return smtp_read_response(sx, US buffer, buffsize, '2', timeout)
? OK : FAIL;
}
-#endif /* STAND_ALONE */
+# endif /*AUTH_CRAM_MD5*/
+# endif /*!STAND_ALONE*/
/*************************************************
/*************************************************
@@
-338,7
+343,7
@@
return smtp_read_response(sx, US buffer, buffsize, '2', timeout)
**************************************************
*************************************************/
**************************************************
*************************************************/
-#ifdef STAND_ALONE
+#
ifdef STAND_ALONE
int main(int argc, char **argv)
{
int main(int argc, char **argv)
{
@@
-355,7
+360,7
@@
printf("\n");
return 0;
}
return 0;
}
-#
endif
+#
endif /*STAND_ALONE*/
#endif /*!MACRO_PREDEF*/
/* End of cram_md5.c */
#endif /*!MACRO_PREDEF*/
/* End of cram_md5.c */