X-Git-Url: https://git.exim.org/exim.git/blobdiff_plain/0756eb3cb50d73a77b486e47528f7cb1bffdb299..1d28cc061677bd07d9bed48dd84bd5c590247043:/src/src/auths/auth-spa.h

diff --git a/src/src/auths/auth-spa.h b/src/src/auths/auth-spa.h
index 52394e570..db93891ab 100644
--- a/src/src/auths/auth-spa.h
+++ b/src/src/auths/auth-spa.h
@@ -1,5 +1,3 @@
-/* $Cambridge: exim/src/src/auths/auth-spa.h,v 1.1 2004/10/07 13:10:00 ph10 Exp $ */
-
 /*************************************************
 *     Exim - an Internet mail transport agent    *
 *************************************************/
@@ -11,6 +9,10 @@
  * All the code used here was torn by Marc Prud'hommeaux out of the
  * Samba project (by Andrew Tridgell, Jeremy Allison, and others).
  */
+/* SPDX-License-Identifier: GPL-2.0-or-later */
+
+/* December 2004: The spa_base64_to_bits() function has no length checking in
+it. I have added a check. PH */
 
 /* It seems that some systems have existing but different definitions of some
 of the following types. I received a complaint about "int16" causing
@@ -29,55 +31,55 @@ typedef unsigned char  uint8x;
 
 typedef struct
 {
-       uint16x	       len;
-       uint16x	       maxlen;
-       uint32x	       offset;
+       uint16x         len;
+       uint16x         maxlen;
+       uint32x         offset;
 } SPAStrHeader;
 
 typedef struct
 {
-       char	       ident[8];
-       uint32x	       msgType;
+       char         ident[8];
+       uint32x         msgType;
        SPAStrHeader    uDomain;
-       uint32x	       flags;
-       uint8x	       challengeData[8];
-       uint8x	       reserved[8];
+       uint32x         flags;
+       uint8x         challengeData[8];
+       uint8x         reserved[8];
        SPAStrHeader    emptyString;
-       uint8x	       buffer[1024];
-       uint32x	       bufIndex;
+       uint8x         buffer[1024];
+       uint32x         bufIndex;
 } SPAAuthChallenge;
 
 
 typedef struct
 {
-       char	       ident[8];
-       uint32x	       msgType;
-       uint32x	       flags;
+       char         ident[8];
+       uint32x         msgType;
+       uint32x         flags;
        SPAStrHeader    user;
        SPAStrHeader    domain;
-       uint8x	       buffer[1024];
-       uint32x	       bufIndex;
+       uint8x         buffer[1024];
+       uint32x         bufIndex;
 } SPAAuthRequest;
 
 typedef struct
 {
-       char	       ident[8];
-       uint32x	       msgType;
+       char         ident[8];
+       uint32x         msgType;
        SPAStrHeader    lmResponse;
        SPAStrHeader    ntResponse;
        SPAStrHeader    uDomain;
        SPAStrHeader    uUser;
        SPAStrHeader    uWks;
        SPAStrHeader    sessionKey;
-       uint32x	       flags;
-       uint8x	       buffer[1024];
-       uint32x	       bufIndex;
+       uint32x         flags;
+       uint8x         buffer[1024];
+       uint32x         bufIndex;
 } SPAAuthResponse;
 
 #define spa_request_length(ptr) (((ptr)->buffer - (uint8x*)(ptr)) + (ptr)->bufIndex)
 
 void spa_bits_to_base64 (unsigned char *, const unsigned char *, int);
-int spa_base64_to_bits(char *, const char *);
+int spa_base64_to_bits(char *, int, const char *);
 void spa_build_auth_response (SPAAuthChallenge *challenge,
        SPAAuthResponse *response, char *user, char *password);
 void spa_build_auth_request (SPAAuthRequest *request, char *user,