Hi

I hope this message doesn't arrive twice; I think the first one got lost
somewhere (perl.org says OK).


I've a question about AUTH LOGIN

If, for example, you write:
AUTH LOGIN bXl0ZXN0dXNlcg==     (encode_base64(mytestuser))

shouldn't qpsmtpd reply with something like:
UGFzc3dvcmQ6                                 (encode_base64(Password:))

and wait for the password?


Is there an RFC saying that thing about the \x0 inside base64 delimiters,
with the first field being "passHash"?
Are the \x0 separators in an RFC or somewhere?
Does anyone know what MUA is sending them that way?


Wouldn't it be better if we did something like the code pasted next, based on
the branches/0.3x version?

This allows passing only the username and leaving the password for another line,
and I think it doesn't break anything (only the passHash item, but it seems like
I never received that).

In Auth.pm:

    elsif ($mechanism eq "login") {

        if ( $prekey ) {
          ( $user, $passClear ) = split /\x0/,
            decode_base64($prekey);
        }

        unless( $user ) {
          $passClear="";
          $session->respond(334, e64("Username:"));
          $user = decode_base64(<STDIN>);
          #warn("Debug: User: '$user'");
          if ($user eq '*') {
            $session->respond(501, "Authentification canceled");
            return DECLINED;
          }
        }
        unless( $passClear ) {
          $session->respond(334, e64("Password:"));
          $passClear = <STDIN>;
          $passClear = decode_base64($passClear);
          #warn("Debug: Pass: '$pass'");
          if ($passClear eq '*') {
            $session->respond(501, "Authentification canceled");
            return DECLINED;
          }
        }

        unless ($user && $passClear) {
          $session->respond(504, "Invalid authentification string");
          return DECLINED;
        }
     }
     elsif ( $mechanism eq "cram-md5" ) {



Here is the diff

--- qpsmtpd.branch0.3x-20060420.ORIG/lib/Qpsmtpd/Auth.pm        Thu Apr 20 
16:56:46 2006
+++ qpsmtpd.branch0.3x-20060420/lib/Qpsmtpd/Auth.pm     Fri Apr 21 11:05:55 2006
@@ -35,16 +35,12 @@
     elsif ($mechanism eq "login") {
 
         if ( $prekey ) {
-          ( $passHash, $user, $passClear ) = split /\x0/,
+          ( $user, $passClear ) = split /\x0/,
            decode_base64($prekey);
-
-          unless ($user && $passClear) {
-            $session->respond(504, "Invalid authentification string");
-            return DECLINED;
-          }
         }
-        else {
-    
+       
+        unless( $user ) {
+          $passClear="";
           $session->respond(334, e64("Username:"));
           $user = decode_base64(<STDIN>);
           #warn("Debug: User: '$user'");
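Review bot: The two-variable `split /\x0/` on the added line silently reinterprets the three-field form that the removed line parsed: a client still sending `passHash\0user\0pass` now gets its first field stored in `$user` and the real username in `$passClear`, and nothing rejects it. Count the fields returned by `split` and either handle three explicitly or answer with an error when more than two are present. The `$passClear=""` reset inside `unless( $user )` only matters when the initial response had an empty first field; a short comment saying so would help.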
@@ -52,7 +48,8 @@
             $session->respond(501, "Authentification canceled");
             return DECLINED;
           }
-    
+        }
+        unless( $passClear ) {
           $session->respond(334, e64("Password:"));
           $passClear = <STDIN>;
           $passClear = decode_base64($passClear);
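Review bot: `unless( $passClear )` tests truth rather than presence, so a password from the initial response that decodes to `0` is treated as missing and the client is prompted again; the same holds for `unless( $user )` in the previous hunk. Test `defined` and `length` instead. The `<STDIN>` read in this block also goes to `decode_base64` without a check for end of input, so a client that disconnects at the prompt passes `undef` on.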
@@ -62,6 +59,11 @@
             return DECLINED;
           }
         }
+
+        unless ($user && $passClear) {
+          $session->respond(504, "Invalid authentification string");
+          return DECLINED;
+        }
     }
     elsif ( $mechanism eq "cram-md5" ) {
 
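Review bot: The relocated `unless ($user && $passClear)` check now also covers values read at the 334 prompts, so an empty or undecodable reply to `Password:` is answered with 504. RFC 4954 uses 504 for an unrecognized authentication type and 501 for a response that cannot be decoded, so 501 fits this path better. The patch also drops `$passHash` from the split; if it is still declared or read elsewhere in Auth.pm, remove those uses in the same change.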

Saludos
--  
Leonardo Helman
Pert Consultores
Argentina
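
The exchange asked about above, where the initial response carries only the username and the server answers with the base64 `Password:` prompt, as an added example that is not part of the original message or of qpsmtpd's code. `auth_login_exchange` and the sample credentials are hypothetical, and rejecting NUL-separated input instead of splitting it is a choice made for this example.

```perl
use strict;
use warnings;
use MIME::Base64 qw(encode_base64 decode_base64);

# Hypothetical helper: server side of one AUTH LOGIN command.
# $initial is the optional argument after "AUTH LOGIN"; @lines are the
# client's following lines. Returns the replies sent and the credentials.
sub auth_login_exchange {
    my ($initial, @lines) = @_;
    my (@replies, @cred);
    my $fail = sub { push @replies, $_[0]; return { replies => \@replies } };

    # An initial response, when present, carries the username only.
    my $user = defined $initial ? decode_base64($initial) : '';
    # NUL-separated fields are the SASL PLAIN layout (RFC 4616), not LOGIN;
    # this example rejects them rather than guessing which field is which.
    return $fail->('501 Malformed initial response') if $user =~ /\x00/;
    push @cred, $user if length $user;

    my @prompts = ('Username:', 'Password:');
    for my $prompt (@prompts[scalar(@cred) .. $#prompts]) {
        push @replies, '334 ' . encode_base64($prompt, '');
        my $line = shift @lines;
        return { replies => \@replies } unless defined $line;  # client went away
        $line =~ s/\r?\n\z//;
        # RFC 4954: a line holding a single "*" cancels the exchange.
        return $fail->('501 Authentication canceled') if $line eq '*';
        my $value = decode_base64($line);
        # Test length, not truth, so a value of "0" is accepted.
        return $fail->('501 Empty or undecodable response') unless length $value;
        push @cred, $value;
    }
    return { replies => \@replies, user => $cred[0], pass => $cred[1] };
}

# Constructed sessions: username as initial response, no initial response,
# and a NUL-separated initial response.
for my $case (['bXl0ZXN0dXNlcg==', "c2VjcmV0\r\n"],
              [undef, "bXl0ZXN0dXNlcg==\r\n", "c2VjcmV0\r\n"],
              [encode_base64("h\0mytestuser\0secret", '')]) {
    my $r = auth_login_exchange(@$case);
    print "S: $_\n" for @{ $r->{replies} };
    print defined $r->{user} ? "-> user=$r->{user} pass=$r->{pass}\n"
                             : "-> rejected\n";
}
```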
