X-Git-Url: http://git.marmaro.de/?p=mmh;a=blobdiff_plain;f=mts%2Fsmtp%2Fsmtp.c;fp=mts%2Fsmtp%2Fsmtp.c;h=ab70c24633009c1f652f5fed0313531a12cb8739;hp=05e292ff96ff5991c9213818ed803b8e18f9f766;hb=352fe458a57061db81240c19fa4b356c7448463b;hpb=d8916ff5d389de5ab225cd6f40aeda1b285d0f28

diff --git a/mts/smtp/smtp.c b/mts/smtp/smtp.c
index 05e292f..ab70c24 100644
--- a/mts/smtp/smtp.c
+++ b/mts/smtp/smtp.c
@@ -128,7 +128,8 @@ char *EHLOkeys[MAXEHLO + 1];
  */
 static int smtp_init (char *, char *, char *, int, int, int, int, int, int,
 		      char *, char *);
-static int sendmail_init (char *, char *, int, int, int, int, int);
+static int sendmail_init (char *, char *, int, int, int, int, int, int,
+                          char *, char *);
 
 static int rclient (char *, char *);
 static int sm_ierror (char *fmt, ...);
@@ -165,13 +166,13 @@ sm_init (char *client, char *server, char *port, int watch, int verbose,
 			  debug, onex, queued, sasl, saslmech, user);
     else
 	return sendmail_init (client, server, watch, verbose,
-			      debug, onex, queued);
+                              debug, onex, queued, sasl, saslmech, user);
 }
 
 static int
 smtp_init (char *client, char *server, char *port, int watch, int verbose,
-	   int debug, int onex, int queued, int sasl, char *saslmech,
-	   char *user)
+	   int debug, int onex, int queued,
+           int sasl, char *saslmech, char *user)
 {
 #ifdef CYRUS_SASL
     char *server_mechs;
@@ -299,8 +300,12 @@ send_options: ;
 
 int
 sendmail_init (char *client, char *server, int watch, int verbose,
-               int debug, int onex, int queued)
+               int debug, int onex, int queued,
+               int sasl, char *saslmech, char *user)
 {
+#ifdef CYRUS_SASL
+    char *server_mechs;
+#endif /* CYRUS_SASL */
     int i, result, vecp;
     int pdi[2], pdo[2];
     char *vec[15];
@@ -426,6 +431,35 @@ sendmail_init (char *client, char *server, int watch, int verbose,
 		}
 	    }
 
+#ifdef CYRUS_SASL
+    /*
+     * If the user asked for SASL, then check to see if the SMTP server
+     * supports it.  Otherwise, error out (because the SMTP server
+     * might have been spoofed; we don't want to just silently not
+     * do authentication
+     */
+
+    if (sasl) {
+	if (! (server_mechs = EHLOset("AUTH"))) {
+	    sm_end(NOTOK);
+	    return sm_ierror("SMTP server does not support SASL");
+	}
+
+	if (saslmech && stringdex(saslmech, server_mechs) == -1) {
+	    sm_end(NOTOK);
+	    return sm_ierror("Requested SASL mech \"%s\" is not in the "
+			     "list of supported mechanisms:\n%s",
+			     saslmech, server_mechs);
+	}
+
+	if (sm_auth_sasl(user, saslmech ? saslmech : server_mechs,
+			 server) != RP_OK) {
+	    sm_end(NOTOK);
+	    return NOTOK;
+	}
+    }
+#endif /* CYRUS_SASL */
+
 #ifndef ZMAILER
 	    if (onex)
 		smtalk (SM_HELO, "ONEX");
@@ -454,7 +488,7 @@ rclient (char *server, char *service)
 int
 sm_winit (int mode, char *from)
 {
-    char *smtpcom;
+    char *smtpcom = NULL;
 
     switch (mode) {
 	case S_MAIL:
@@ -472,6 +506,10 @@ sm_winit (int mode, char *from)
 	case S_SAML:
 	    smtpcom = "SAML";
 	    break;
+
+        default:
+            /* Hopefully, we do not get here. */
+            break;
     }
 
     switch (smtalk (SM_MAIL, "%s FROM:<%s>", smtpcom, from)) {
@@ -1173,7 +1211,7 @@ smhear (void)
     int i, code, cont, bc, rc, more;
     unsigned char *bp;
     char *rp;
-    char **ehlo, buffer[BUFSIZ];
+    char **ehlo = NULL, buffer[BUFSIZ];
 
     if (doingEHLO) {
 	static int at_least_once = 0;