X-Git-Url: http://git.marmaro.de/?a=blobdiff_plain;f=mts%2Fsmtp%2Fsmtp.c;h=13e8eff9dc352d59ff9a10f57074189f95a40d80;hb=757fa32156f812a166631942816e46e2138ebae3;hp=6de440f7f3338b24f0ad359c8898205d94750c99;hpb=dee387b53ab0d42922f857b60d6f980c9e79d16f;p=mmh

diff --git a/mts/smtp/smtp.c b/mts/smtp/smtp.c
index 6de440f..13e8eff 100644
--- a/mts/smtp/smtp.c
+++ b/mts/smtp/smtp.c
@@ -2,6 +2,10 @@
  * smtp.c -- nmh SMTP interface
  *
  * $Id$
+ *
+ * This code is Copyright (c) 2002, by the authors of nmh.  See the
+ * COPYRIGHT file in the root directory of the nmh distribution for
+ * complete copyright information.
  */
 
 #include <h/mh.h>
@@ -14,7 +18,8 @@
 #endif
 
 #ifdef CYRUS_SASL
-#include <sasl.h>
+#include <sasl/sasl.h>
+#include <sasl/saslutil.h>
 #include <sys/socket.h>
 #include <netinet/in.h>
 #include <arpa/inet.h>
@@ -55,14 +60,14 @@
 /*
  * these codes must all be different!
  */
-#define	SM_OPEN	 90      /* Changed from 30 in case of nameserver flakiness */
+#define	SM_OPEN	 300      /* Changed to 5 minutes to comply with a SHOULD in RFC 1123 */
 #define	SM_HELO	 20
 #define	SM_RSET	 15
-#define	SM_MAIL	 40
-#define	SM_RCPT	120
-#define	SM_DATA	 20
-#define	SM_TEXT	150
-#define	SM_DOT	180
+#define	SM_MAIL	 301      /* changed to 5 minutes and a second (for uniqueness), see above */
+#define	SM_RCPT	 302      /* see above */
+#define	SM_DATA	 120      /* see above */
+#define	SM_TEXT	180	/* see above */
+#define	SM_DOT	600	/* see above */
 #define	SM_QUIT	 30
 #define	SM_CLOS	 10
 #define	SM_AUTH  45
@@ -497,15 +502,6 @@ rclient (char *server, char *protocol, char *service)
     return NOTOK;
 }
 
-#ifdef CYRUS_SASL
-#include <sasl.h>
-#include <sys/socket.h>
-#include <netinet/in.h>
-#include <arpa/inet.h>
-#include <netdb.h>
-#include <errno.h>
-#endif /* CYRUS_SASL */
-
 int
 sm_winit (int mode, char *from)
 {
@@ -963,7 +959,7 @@ bad_data:
     free (cp);
 
     {
-#ifdef HAVE_ST_BLKSIZE
+#ifdef HAVE_STRUCT_STAT_ST_BLKSIZE
 	struct stat st;
 
 	if (fstat (fileno (sm_wfp), &st) == NOTOK || (cc = st.st_blksize) < BUFSIZ)
@@ -1104,12 +1100,11 @@ no_dice:
 static int
 sm_auth_sasl(char *user, char *mechlist, char *host)
 {
-    int result, status, outlen;
-    unsigned int buflen;
+    int result, status;
+    unsigned int buflen, outlen;
     char *buf, outbuf[BUFSIZ];
     const char *chosen_mech;
     sasl_security_properties_t secprops;
-    sasl_external_properties_t extprops;
     sasl_ssf_t *ssf;
     int *outbufmax;
 
@@ -1162,7 +1157,7 @@ sm_auth_sasl(char *user, char *mechlist, char *host)
 	return NOTOK;
     }
 
-    result = sasl_client_new("smtp", host, NULL, SASL_SECURITY_LAYER, &conn);
+    result = sasl_client_new("smtp", host, NULL, NULL, NULL, 0, &conn);
 
     if (result != SASL_OK) {
 	sm_ierror("SASL client initialization failed: %s",
@@ -1177,7 +1172,6 @@ sm_auth_sasl(char *user, char *mechlist, char *host)
     memset(&secprops, 0, sizeof(secprops));
     secprops.maxbufsize = BUFSIZ;
     secprops.max_ssf = 0;	/* XXX change this when we do encryption */
-    memset(&extprops, 0, sizeof(extprops));
 
     result = sasl_setprop(conn, SASL_SEC_PROPS, &secprops);
 
@@ -1187,21 +1181,13 @@ sm_auth_sasl(char *user, char *mechlist, char *host)
 	return NOTOK;
     }
 
-    result = sasl_setprop(conn, SASL_SSF_EXTERNAL, &extprops);
-
-    if (result != SASL_OK) {
-	sm_ierror("SASL external property initialization failed: %s",
-		  sasl_errstring(result, NULL, NULL));
-	return NOTOK;
-    }
-
     /*
      * Start the actual protocol.  Feed the mech list into the library
      * and get out a possible initial challenge
      */
 
-    result = sasl_client_start(conn, mechlist, NULL, NULL, &buf, &buflen,
-			       &chosen_mech);
+    result = sasl_client_start(conn, mechlist, NULL, (const char **) &buf,
+			       &buflen, (const char **) &chosen_mech);
 
     if (result != SASL_OK && result != SASL_CONTINUE) {
 	sm_ierror("SASL client start failed: %s",
@@ -1216,7 +1202,6 @@ sm_auth_sasl(char *user, char *mechlist, char *host)
 
     if (buflen) {
 	status = sasl_encode64(buf, buflen, outbuf, sizeof(outbuf), NULL);
-	free(buf);
 	if (status != SASL_OK) {
 	    sm_ierror("SASL base64 encode failed: %s",
 		      sasl_errstring(status, NULL, NULL));
@@ -1259,7 +1244,7 @@ sm_auth_sasl(char *user, char *mechlist, char *host)
 	    outlen = 0;
 	} else {
 	    result = sasl_decode64(sm_reply.text, sm_reply.length,
-				   outbuf, &outlen);
+				   outbuf, sizeof(outbuf), &outlen);
 	
 	    if (result != SASL_OK) {
 		smtalk(SM_AUTH, "*");
@@ -1269,7 +1254,8 @@ sm_auth_sasl(char *user, char *mechlist, char *host)
 	    }
 	}
 
-	result = sasl_client_step(conn, outbuf, outlen, NULL, &buf, &buflen);
+	result = sasl_client_step(conn, outbuf, outlen, NULL,
+				  (const char **) &buf, &buflen);
 
 	if (result != SASL_OK && result != SASL_CONTINUE) {
 	    smtalk(SM_AUTH, "*");
@@ -1279,7 +1265,6 @@ sm_auth_sasl(char *user, char *mechlist, char *host)
 	}
 
 	status = sasl_encode64(buf, buflen, outbuf, sizeof(outbuf), NULL);
-	free(buf);
 
 	if (status != SASL_OK) {
 	    smtalk(SM_AUTH, "*");
@@ -1299,24 +1284,11 @@ sm_auth_sasl(char *user, char *mechlist, char *host)
 	return RP_BHST;
 
     /*
-     * Depending on the mechanism, we need to do a FINAL call to
-     * sasl_client_step().  Do that now.
-     */
-
-    result = sasl_client_step(conn, NULL, 0, NULL, &buf, &buflen);
-
-    if (result != SASL_OK) {
-	sm_ierror("SASL final client negotiation failed: %s",
-		  sasl_errstring(result, NULL, NULL));
-	return NOTOK;
-    }
-
-    /*
      * We _should_ have completed the authentication successfully.
      * Get a few properties from the authentication exchange.
      */
 
-    result = sasl_getprop(conn, SASL_MAXOUTBUF, (void **) &outbufmax);
+    result = sasl_getprop(conn, SASL_MAXOUTBUF, (const void **) &outbufmax);
 
     if (result != SASL_OK) {
 	sm_ierror("Cannot retrieve SASL negotiated output buffer size: %s",
@@ -1326,7 +1298,7 @@ sm_auth_sasl(char *user, char *mechlist, char *host)
 
     maxoutbuf = *outbufmax;
 
-    result = sasl_getprop(conn, SASL_SSF, (void **) &ssf);
+    result = sasl_getprop(conn, SASL_SSF, (const void **) &ssf);
 
     sasl_ssf = *ssf;
 
@@ -1386,7 +1358,7 @@ sm_get_pass(sasl_conn_t *conn, void *context, int id,
     }
 
     (*psecret)->len = len;
-    strcpy((*psecret)->data, pass);
+    strcpy((char *) (*psecret)->data, pass);
 /*    free(pass); */
 
     return SASL_OK;
@@ -1598,7 +1570,8 @@ static int
 smhear (void)
 {
     int i, code, cont, bc, rc, more;
-    char *bp, *rp;
+    unsigned char *bp;
+    char *rp;
     char **ehlo, buffer[BUFSIZ];
 
     if (doingEHLO) {
@@ -1715,15 +1688,17 @@ sm_rrecord (char *buffer, int *len)
 
     fgets (buffer, BUFSIZ, sm_rfp);
     *len = strlen (buffer);
-    if (ferror (sm_rfp) || feof (sm_rfp))
+    /* *len should be >0 except on EOF, but check for safety's sake */
+    if (ferror (sm_rfp) || feof (sm_rfp) || (*len == 0))
 	return sm_rerror ();
     if (buffer[*len - 1] != '\n')
 	while (getc (sm_rfp) != '\n' && !ferror (sm_rfp) && !feof (sm_rfp))
 	    continue;
     else
-	if (buffer[*len - 2] == '\r')
+	if ((*len > 1) && (buffer[*len - 2] == '\r'))
 	    *len -= 1;
-    buffer[*len - 1] = 0;
+    *len -= 1;
+    buffer[*len] = 0;
 
     return OK;
 }