cyrus-sasl/cyrus-sasl-2.1.17-saslauthd1.patch
cvsdist 94949f362e auto-import changelog data from cyrus-sasl-2.1.18-2.src.rpm
Tue Mar 16 2004 Nalin Dahyabhai <nalin@redhat.com> 2.1.18-2
- turn on building of libsasl v1 again
Fri Mar 12 2004 Nalin Dahyabhai <nalin@redhat.com> 2.1.18-1
- update to 2.1.18
- saslauthd's ldap code is no longer marked experimental, so we build it
Mon Mar 08 2004 Nalin Dahyabhai <nalin@redhat.com> 2.1.17-4
- rebuild
Tue Mar 02 2004 Elliot Lee <sopwith@redhat.com>
- rebuilt
Fri Feb 13 2004 Elliot Lee <sopwith@redhat.com>
- rebuilt
Tue Feb 03 2004 Nalin Dahyabhai <nalin@redhat.com> 2.1.17-2
- include default /etc/sysconfig/saslauthd configuration file for the init
    script (#114868)
Thu Jan 29 2004 Nalin Dahyabhai <nalin@redhat.com>
- drop saslauthd_version patch for libsasl2
Thu Jan 29 2004 Nalin Dahyabhai <nalin@redhat.com>
- add a saslauthd_version option to libsasl's saslauthd client and teach it
    to do the right thing
- enable the saslauthd client code in libsasl version 1 (it's still going
    away!)
- add saslauthd1-checkpass/saslauthd2-checkpass for testing the above
    change
2004-09-09 04:06:43 +00:00


"Speak" the saslauthd version 1 protocol if "saslauthd_version" is "1". I
don't think we'll be using this, but it is here for the sake of completeness.
--- cyrus-sasl-2.1.17/lib/checkpw.c 2003-09-09 11:38:13.000000000 -0400
+++ cyrus-sasl-2.1.17/lib/checkpw.c 2004-01-20 16:57:52.000000000 -0500
@@ -454,7 +454,7 @@
sasl_getopt_t *getopt;
void *context;
char pwpath[sizeof(srvaddr.sun_path)];
- const char *p = NULL;
+ const char *p = NULL, *q = NULL;
char *freeme = NULL;
#ifdef USE_DOORS
door_arg_t arg;
@@ -463,6 +463,7 @@
/* check to see if the user configured a rundir */
if (_sasl_getcallback(conn, SASL_CB_GETOPT, &getopt, &context) == SASL_OK) {
getopt(context, NULL, "saslauthd_path", &p, NULL);
+ getopt(context, NULL, "saslauthd_version", &q, NULL);
}
if (p) {
strncpy(pwpath, p, sizeof(pwpath));
@@ -514,18 +515,22 @@
memcpy(query_end, &u_len, sizeof(unsigned short));
query_end += sizeof(unsigned short);
while (*userid) *query_end++ = *userid++;
+ userid -= ntohs(u_len);
memcpy(query_end, &p_len, sizeof(unsigned short));
query_end += sizeof(unsigned short);
while (*passwd) *query_end++ = *passwd++;
+ passwd -= ntohs(p_len);
memcpy(query_end, &s_len, sizeof(unsigned short));
query_end += sizeof(unsigned short);
while (*service) *query_end++ = *service++;
+ service -= ntohs(s_len);
memcpy(query_end, &r_len, sizeof(unsigned short));
query_end += sizeof(unsigned short);
if (user_realm) while (*user_realm) *query_end++ = *user_realm++;
+ user_realm -= ntohs(r_len);
}
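Review bot: The four added rewinds (`userid -= ntohs(u_len);` through `user_realm -= ntohs(r_len);`) are only correct if each length field equals the exact number of bytes the preceding `while` loop walked, and the last one runs even when `user_realm` is NULL, although the copy before it is guarded by `if (user_realm)`. The assignments to `u_len`..`r_len` are outside the hunk; presumably they hold `htons(strlen(...))`, but any truncation to `unsigned short` would leave the pointers misplaced before the version 1 branch reads `userid` and `passwd` again. Copying through a separate cursor avoids the arithmetic entirely, e.g. `const char *src = userid; while (*src) *query_end++ = *src++;`, and at minimum the realm rewind should be `if (user_realm) user_realm -= ntohs(r_len);`. The enclosing block starts and ends outside the hunk.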
#ifdef USE_DOORS
@@ -578,6 +583,50 @@
}
}
+ if (q && (*q == '1')) {
+ struct iovec iov[8];
+ unsigned int u_length, p_length;
+ char buffer[1024];
+
+ u_length = strlen(userid ? userid : "") + 1;
+ p_length = strlen(passwd ? passwd : "") + 1;
+ if (u_length + p_length >= sizeof(query)) {
+ close(s);
+ sasl_seterror(conn, 0, "out of memory");
+ goto fail;
+ }
+
+ memset(buffer, '\0', sizeof(buffer));
+ if (userid != NULL)
+ memcpy(buffer, userid, u_length);
+ if (passwd != NULL)
+ memcpy(buffer + u_length, passwd, p_length);
+
+ iov[0].iov_len = u_length + p_length;
+ iov[0].iov_base = buffer;
+
+ if (retry_writev(s, iov, 1) == -1) {
+ close(s);
+ sasl_seterror(conn, 0, "write failed");
+ goto fail;
+ }
+
+ if (retry_read(s, buffer, 2) != 2) {
+ close(s);
+ sasl_seterror(conn, 0, "read failed");
+ goto fail;
+ }
+
+ close(s);
+
+ if (strncmp(buffer, "OK", 2) == 0) {
+ return SASL_OK;
+ }
+
+ sasl_seterror(conn, SASL_NOLOG, "authentication failed");
+ return SASL_BADAUTH;
+ }
+
{
struct iovec iov[8];
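Review bot: The length guard in the version 1 branch compares `u_length + p_length` with `sizeof(query)`, but both `memcpy` calls write into the local `char buffer[1024]`, so the check does not bound the copy. `query` is declared outside the hunk; if it is larger than 1024 bytes, a long userid or password supplied by the authenticating client overruns `buffer` on the stack, so the guard should be `if (u_length + p_length > sizeof(buffer)) {`, with an error text that says the credentials are too long rather than "out of memory". `buffer` also still holds the cleartext password on every return path, so it should be wiped before returning with a clear the compiler cannot elide. Separately, `*q == '1'` accepts any option value that merely starts with 1; `strcmp(q, "1") == 0` would match the description exactly. The function body continues outside the hunk.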