Author: jpeacock
Date: Fri Sep 22 08:31:28 2006
New Revision: 660
Modified:
branches/0.3x/Changes
branches/0.3x/lib/Qpsmtpd/Auth.pm
branches/0.3x/lib/Qpsmtpd/SMTP.pm
Log:
Correctly handle the case where a given AUTH mechanism is requested by a
[stupid] MUA, but isn't implemented with existing auth plugins. Based on
patch from Brian Szymanski.
Modified: branches/0.3x/Changes
==============================================================================
--- branches/0.3x/Changes (original)
+++ branches/0.3x/Changes Fri Sep 22 08:31:28 2006
@@ -1,4 +1,6 @@
0.33
+ Do the right thing for unimplemented AUTH mechanisms (Brian Szymanski)
+
relay_only plugin for smart relay host. (John Peacock)
Experimental IPv6 support (forkserver only). (Mike Williams)
Modified: branches/0.3x/lib/Qpsmtpd/Auth.pm
==============================================================================
--- branches/0.3x/lib/Qpsmtpd/Auth.pm (original)
+++ branches/0.3x/lib/Qpsmtpd/Auth.pm Fri Sep 22 08:31:28 2006
@@ -17,7 +17,6 @@
# $DB::single = 1;
my ( $session, $mechanism, $prekey ) = @_;
my ( $user, $passClear, $passHash, $ticket, $loginas );
- $mechanism = lc($mechanism);
if ( $mechanism eq "plain" ) {
if (!$prekey) {
@@ -76,7 +75,8 @@
( $user, $passHash ) = split( ' ', decode_base64($line) );
}
else {
- $session->respond( 500, "Unrecognized authentification mechanism" );
+ #this error is now caught in SMTP.pm's sub auth
+ $session->respond( 500, "Internal server error" );
return DECLINED;
}
Modified: branches/0.3x/lib/Qpsmtpd/SMTP.pm
==============================================================================
--- branches/0.3x/lib/Qpsmtpd/SMTP.pm (original)
+++ branches/0.3x/lib/Qpsmtpd/SMTP.pm Fri Sep 22 08:31:28 2006
@@ -1,6 +1,7 @@
package Qpsmtpd::SMTP;
use Qpsmtpd;
@ISA = qw(Qpsmtpd);
+my %auth_mechanisms = ();
package Qpsmtpd::SMTP;
use strict;
@@ -206,7 +207,6 @@
: ();
# Check for possible AUTH mechanisms
- my %auth_mechanisms;
HOOK: foreach my $hook ( keys %{$self->{hooks}} ) {
if ( $hook =~ m/^auth-?(.+)?$/ ) {
if ( defined $1 ) {
@@ -239,9 +239,11 @@
sub auth {
my ($self, $line) = @_;
my ($rc, $sub) = $self->run_hooks('auth_parse');
- my ($ok, $arg, @stuff) = Qpsmtpd::Command->parse('auth', $line, $sub);
- return $self->respond(501, $arg || "Syntax error in command")
+ my ($ok, $mechanism, @stuff) = Qpsmtpd::Command->parse('auth', $line,
$sub);
+ return $self->respond(501, $mechanism || "Syntax error in command")
unless ($ok == OK);
+
+ $mechanism = lc($mechanism);
#they AUTH'd once already
@@ -254,7 +256,14 @@
if ( ($self->config('tls_before_auth'))[0]
and $self->transaction->notes('tls_enabled') );
- return $self->{_auth} = Qpsmtpd::Auth::SASL( $self, $arg, @stuff );
+ # if we don't have a plugin implementing this auth mechanism, 504
+ if( exists $auth_mechanisms{$mechanism} ) {
+ return $self->{_auth} = Qpsmtpd::Auth::SASL( $self, $mechanism, @stuff );
+ } else {
+ $self->respond( 504, "Unimplemented authentification mechanism:
$mechanism" );
+ return DENY;
+ }
+
}
sub mail {
