The SCRAM-SHA-1 stuff wasn't completely working as I thought earlier, the code to print additional responses didn't wait for the required empty client response.
/Simon >From 5129044bd776b2af42ff66265aee397d1f4477b4 Mon Sep 17 00:00:00 2001 From: Simon Josefsson <[email protected]> Date: Thu, 24 Sep 2009 14:59:34 +0200 Subject: [PATCH] Make IMAP server wait for empty final client response. * imap4d/auth_gsasl.c: Fix. --- imap4d/auth_gsasl.c | 15 ++++++++++++--- 1 files changed, 12 insertions(+), 3 deletions(-) diff --git a/imap4d/auth_gsasl.c b/imap4d/auth_gsasl.c index f170f81..3ea71ed 100644 --- a/imap4d/auth_gsasl.c +++ b/imap4d/auth_gsasl.c @@ -109,10 +109,19 @@ auth_gsasl (struct imap4d_command *command, char *auth_type, char **username) return RESP_NO; } - /* Some SASL mechanisms output data when GSASL_OK is returned */ + /* Some SASL mechanisms output additional data when GSASL_OK is + returned, and clients must respond with an empty response. */ if (output[0]) - util_send ("+ %s\r\n", output); - + { + util_send ("+ %s\r\n", output); + imap4d_getline (&input_str, &input_size, &input_len); + if (input_len != 0) + { + mu_diag_output (MU_DIAG_NOTICE, _("Non-empty client response")); + return RESP_NO; + } + } + free (output); if (*username == NULL) -- 1.6.3.3 _______________________________________________ Bug-mailutils mailing list [email protected] http://lists.gnu.org/mailman/listinfo/bug-mailutils
