#endif
#ifdef CYRUS_SASL
-#include <sasl.h>
+#include <sasl/sasl.h>
+#include <sasl/saslutil.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>
/*
* these codes must all be different!
*/
-#define SM_OPEN 90 /* Changed from 30 in case of nameserver flakiness */
+#define SM_OPEN 300 /* Changed to 5 minutes to comply with a SHOULD in RFC 1123 */
#define SM_HELO 20
#define SM_RSET 15
-#define SM_MAIL 40
-#define SM_RCPT 120
-#define SM_DATA 20
-#define SM_TEXT 150
-#define SM_DOT 180
+#define SM_MAIL 301 /* changed to 5 minutes and a second (for uniqueness), see above */
+#define SM_RCPT 302 /* see above */
+#define SM_DATA 120 /* see above */
+#define SM_TEXT 180 /* see above */
+#define SM_DOT 600 /* see above */
#define SM_QUIT 30
#define SM_CLOS 10
#define SM_AUTH 45
return NOTOK;
}
-#ifdef CYRUS_SASL
-#include <sasl.h>
-#include <sys/socket.h>
-#include <netinet/in.h>
-#include <arpa/inet.h>
-#include <netdb.h>
-#include <errno.h>
-#endif /* CYRUS_SASL */
-
int
sm_winit (int mode, char *from)
{
free (cp);
{
-#ifdef HAVE_ST_BLKSIZE
+#ifdef HAVE_STRUCT_STAT_ST_BLKSIZE
struct stat st;
if (fstat (fileno (sm_wfp), &st) == NOTOK || (cc = st.st_blksize) < BUFSIZ)
static int
sm_auth_sasl(char *user, char *mechlist, char *host)
{
- int result, status, outlen;
- unsigned int buflen;
+ int result, status;
+ unsigned int buflen, outlen;
char *buf, outbuf[BUFSIZ];
const char *chosen_mech;
sasl_security_properties_t secprops;
- sasl_external_properties_t extprops;
sasl_ssf_t *ssf;
int *outbufmax;
return NOTOK;
}
- result = sasl_client_new("smtp", host, NULL, SASL_SECURITY_LAYER, &conn);
+ result = sasl_client_new("smtp", host, NULL, NULL, NULL, 0, &conn);
if (result != SASL_OK) {
sm_ierror("SASL client initialization failed: %s",
memset(&secprops, 0, sizeof(secprops));
secprops.maxbufsize = BUFSIZ;
secprops.max_ssf = 0; /* XXX change this when we do encryption */
- memset(&extprops, 0, sizeof(extprops));
result = sasl_setprop(conn, SASL_SEC_PROPS, &secprops);
return NOTOK;
}
- result = sasl_setprop(conn, SASL_SSF_EXTERNAL, &extprops);
-
- if (result != SASL_OK) {
- sm_ierror("SASL external property initialization failed: %s",
- sasl_errstring(result, NULL, NULL));
- return NOTOK;
- }
-
/*
* Start the actual protocol. Feed the mech list into the library
* and get out a possible initial challenge
*/
- result = sasl_client_start(conn, mechlist, NULL, NULL, &buf, &buflen,
- &chosen_mech);
+ result = sasl_client_start(conn, mechlist, NULL, (const char **) &buf,
+ &buflen, (const char **) &chosen_mech);
if (result != SASL_OK && result != SASL_CONTINUE) {
sm_ierror("SASL client start failed: %s",
if (buflen) {
status = sasl_encode64(buf, buflen, outbuf, sizeof(outbuf), NULL);
- free(buf);
if (status != SASL_OK) {
sm_ierror("SASL base64 encode failed: %s",
sasl_errstring(status, NULL, NULL));
outlen = 0;
} else {
result = sasl_decode64(sm_reply.text, sm_reply.length,
- outbuf, &outlen);
+ outbuf, sizeof(outbuf), &outlen);
if (result != SASL_OK) {
smtalk(SM_AUTH, "*");
}
}
- result = sasl_client_step(conn, outbuf, outlen, NULL, &buf, &buflen);
+ result = sasl_client_step(conn, outbuf, outlen, NULL,
+ (const char **) &buf, &buflen);
if (result != SASL_OK && result != SASL_CONTINUE) {
smtalk(SM_AUTH, "*");
}
status = sasl_encode64(buf, buflen, outbuf, sizeof(outbuf), NULL);
- free(buf);
if (status != SASL_OK) {
smtalk(SM_AUTH, "*");
return RP_BHST;
/*
- * Depending on the mechanism, we need to do a FINAL call to
- * sasl_client_step(). Do that now.
- */
-
- result = sasl_client_step(conn, NULL, 0, NULL, &buf, &buflen);
-
- if (result != SASL_OK) {
- sm_ierror("SASL final client negotiation failed: %s",
- sasl_errstring(result, NULL, NULL));
- return NOTOK;
- }
-
- /*
* We _should_ have completed the authentication successfully.
* Get a few properties from the authentication exchange.
*/
- result = sasl_getprop(conn, SASL_MAXOUTBUF, (void **) &outbufmax);
+ result = sasl_getprop(conn, SASL_MAXOUTBUF, (const void **) &outbufmax);
if (result != SASL_OK) {
sm_ierror("Cannot retrieve SASL negotiated output buffer size: %s",
maxoutbuf = *outbufmax;
- result = sasl_getprop(conn, SASL_SSF, (void **) &ssf);
+ result = sasl_getprop(conn, SASL_SSF, (const void **) &ssf);
sasl_ssf = *ssf;
}
(*psecret)->len = len;
- strcpy((*psecret)->data, pass);
+ strcpy((char *) (*psecret)->data, pass);
/* free(pass); */
return SASL_OK;