1 diff -durN postfix-1.1.11.orig/src/lmtp/lmtp.h postfix-1.1.11/src/lmtp/lmtp.h
2 --- postfix-1.1.11.orig/src/lmtp/lmtp.h Tue May 22 20:37:14 2001
3 +++ postfix-1.1.11/src/lmtp/lmtp.h Mon Jan 13 12:27:52 2003
10 +#include <sasl/sasl.h>
11 +#include <sasl/saslutil.h>
15 diff -durN postfix-1.1.11.orig/src/lmtp/lmtp_sasl_glue.c postfix-1.1.11/src/lmtp/lmtp_sasl_glue.c
16 --- postfix-1.1.11.orig/src/lmtp/lmtp_sasl_glue.c Fri Jan 19 22:46:44 2001
17 +++ postfix-1.1.11/src/lmtp/lmtp_sasl_glue.c Mon Jan 13 12:31:32 2003
22 - case SASL_LOG_WARNING:
24 msg_warn("%s", message);
29 msg_info("%s", message);
32 for (cp = state->sasl_callbacks; cp->id != SASL_CB_LIST_END; cp++)
33 cp->context = (void *) state;
34 if (sasl_client_new("smtp", state->session->host,
36 state->sasl_callbacks, NULL_SECFLAGS,
37 (sasl_conn_t **) &state->sasl_conn) != SASL_OK)
38 msg_fatal("per-session SASL client initialization");
40 char *myname = "lmtp_sasl_authenticate";
42 unsigned enc_length_out;
44 + const char *clientout;
45 unsigned clientoutlen;
50 result = sasl_client_start((sasl_conn_t *) state->sasl_conn,
51 state->sasl_mechanism_list,
52 - NO_SASL_SECRET, NO_SASL_INTERACTION,
53 + NO_SASL_INTERACTION,
54 &clientout, &clientoutlen, &mechanism);
55 if (result != SASL_OK && result != SASL_CONTINUE) {
56 vstring_sprintf(why, "cannot SASL authenticate to server %s: %s",
58 STR(state->sasl_encoded), enc_length,
59 &enc_length_out) != SASL_OK)
60 msg_panic("%s: sasl_encode64 botch", myname);
62 lmtp_chat_cmd(state, "AUTH %s %s", mechanism, STR(state->sasl_encoded));
64 lmtp_chat_cmd(state, "AUTH %s", mechanism);
66 serverinlen = strlen(line);
67 VSTRING_SPACE(state->sasl_decoded, serverinlen);
68 if (sasl_decode64(line, serverinlen,
69 - STR(state->sasl_decoded), &enc_length) != SASL_OK) {
70 + STR(state->sasl_decoded), serverinlen, &enc_length) != SASL_OK) {
71 vstring_sprintf(why, "malformed SASL challenge from server %s",
72 state->session->namaddr);
75 STR(state->sasl_encoded), enc_length,
76 &enc_length_out) != SASL_OK)
77 msg_panic("%s: sasl_encode64 botch", myname);
80 vstring_strcat(state->sasl_encoded, "");
82 diff -durN postfix-1.1.11.orig/src/smtp/smtp.h postfix-1.1.11/src/smtp/smtp.h
83 --- postfix-1.1.11.orig/src/smtp/smtp.h Mon Jan 13 12:33:43 2003
84 +++ postfix-1.1.11/src/smtp/smtp.h Mon Jan 13 12:10:16 2003
90 -#include <saslutil.h>
91 +#include <sasl/sasl.h>
92 +#include <sasl/saslutil.h>
96 diff -durN postfix-1.1.11.orig/src/smtp/smtp_sasl_glue.c postfix-1.1.11/src/smtp/smtp_sasl_glue.c
97 --- postfix-1.1.11.orig/src/smtp/smtp_sasl_glue.c Mon Jul 2 21:12:54 2001
98 +++ postfix-1.1.11/src/smtp/smtp_sasl_glue.c Mon Jan 13 12:17:57 2003
103 - case SASL_LOG_WARNING:
104 + case SASL_LOG_WARN:
105 msg_warn("SASL authentication problem: %s", message);
107 - case SASL_LOG_INFO:
108 + case SASL_LOG_NOTE:
110 msg_info("SASL authentication info: %s", message);
113 memcpy((char *) state->sasl_callbacks, callbacks, sizeof(callbacks));
114 for (cp = state->sasl_callbacks; cp->id != SASL_CB_LIST_END; cp++)
115 cp->context = (void *) state;
116 - if (sasl_client_new("smtp", state->session->host,
117 + if (sasl_client_new("smtp", state->session->host, NULL, NULL,
118 state->sasl_callbacks, NULL_SECFLAGS,
119 (sasl_conn_t **) &state->sasl_conn) != SASL_OK)
121 msg_fatal("per-session SASL client initialization");
125 char *myname = "smtp_sasl_authenticate";
127 unsigned enc_length_out;
129 + const char *clientout;
130 unsigned clientoutlen;
131 unsigned serverinlen;
137 -#define NO_SASL_SECRET 0
138 -#define NO_SASL_INTERACTION 0
139 +#define NO_SASL_INTERACTION NULL
140 #define NO_SASL_LANGLIST ((const char *) 0)
141 #define NO_SASL_OUTLANG ((const char **) 0)
145 result = sasl_client_start((sasl_conn_t *) state->sasl_conn,
146 state->sasl_mechanism_list,
147 - NO_SASL_SECRET, NO_SASL_INTERACTION,
148 + NO_SASL_INTERACTION,
149 &clientout, &clientoutlen, &mechanism);
150 if (result != SASL_OK && result != SASL_CONTINUE) {
151 vstring_sprintf(why, "cannot SASL authenticate to server %s: %s",
153 STR(state->sasl_encoded), enc_length,
154 &enc_length_out) != SASL_OK)
155 msg_panic("%s: sasl_encode64 botch", myname);
157 smtp_chat_cmd(state, "AUTH %s %s", mechanism, STR(state->sasl_encoded));
159 smtp_chat_cmd(state, "AUTH %s", mechanism);
161 serverinlen = strlen(line);
162 VSTRING_SPACE(state->sasl_decoded, serverinlen);
163 if (sasl_decode64(line, serverinlen,
164 - STR(state->sasl_decoded), &enc_length) != SASL_OK) {
165 + STR(state->sasl_decoded), serverinlen, &enc_length) != SASL_OK) {
166 vstring_sprintf(why, "malformed SASL challenge from server %s",
167 state->session->namaddr);
169 diff -durN postfix-1.1.11.orig/src/smtpd/smtpd.h postfix-1.1.11/src/smtpd/smtpd.h
170 --- postfix-1.1.11.orig/src/smtpd/smtpd.h Mon Jan 13 12:33:43 2003
171 +++ postfix-1.1.11/src/smtpd/smtpd.h Mon Jan 13 12:26:29 2003
177 -#include <saslutil.h>
178 +#include <sasl/sasl.h>
179 +#include <sasl/saslutil.h>
187 - char *sasl_mechanism_list;
188 + const char *sasl_mechanism_list;
192 diff -durN postfix-1.1.11.orig/src/smtpd/smtpd_sasl_glue.c postfix-1.1.11/src/smtpd/smtpd_sasl_glue.c
193 --- postfix-1.1.11.orig/src/smtpd/smtpd_sasl_glue.c Mon Nov 26 01:14:01 2001
194 +++ postfix-1.1.11/src/smtpd/smtpd_sasl_glue.c Mon Jan 13 12:27:15 2003
195 @@ -117,10 +117,10 @@
199 - case SASL_LOG_WARNING:
200 + case SASL_LOG_WARN:
201 msg_warn("SASL authentication problem: %s", message);
203 - case SASL_LOG_INFO:
204 + case SASL_LOG_NOTE:
206 msg_info("SASL authentication info: %s", message);
209 #define NO_SESSION_CALLBACKS ((sasl_callback_t *) 0)
211 if (sasl_server_new("smtp", var_myhostname, var_smtpd_sasl_realm,
213 NO_SESSION_CALLBACKS, NO_SECURITY_LAYERS,
214 &state->sasl_conn) != SASL_OK)
215 msg_fatal("SASL per-connection server initialization");
218 void smtpd_sasl_disconnect(SMTPD_STATE *state)
220 - if (state->sasl_mechanism_list) {
221 - free(state->sasl_mechanism_list);
222 - state->sasl_mechanism_list = 0;
224 if (state->sasl_conn) {
225 sasl_dispose(&state->sasl_conn);
226 state->sasl_conn = 0;
229 unsigned enc_length_out;
231 - char *serverout = 0;
232 + const char *serverout = 0;
233 unsigned serveroutlen;
235 - const char *errstr = 0;
237 #define IFELSE(e1,e2,e3) ((e1) ? (e2) : (e3))
240 VSTRING_SPACE(state->sasl_decoded, reply_len);
241 dec_buffer = STR(state->sasl_decoded);
242 if (sasl_decode64(init_response, reply_len,
243 - dec_buffer, &dec_length) != SASL_OK)
244 + dec_buffer, reply_len, &dec_length) != SASL_OK)
245 return ("501 Authentication failed: malformed initial response");
247 msg_info("%s: decoded initial response %s", myname, dec_buffer);
251 result = sasl_server_start(state->sasl_conn, sasl_method, dec_buffer,
252 - dec_length, &serverout, &serveroutlen, &errstr);
253 + dec_length, &serverout, &serveroutlen);
256 * Repeat until done or until the client gives up.
258 if (sasl_encode64(serverout, serveroutlen, STR(state->sasl_encoded),
259 enc_length, &enc_length_out) != SASL_OK)
260 msg_panic("%s: sasl_encode64 botch", myname);
263 smtpd_chat_reply(state, "334 %s", STR(state->sasl_encoded));
265 @@ -343,22 +338,16 @@
266 reply_len = VSTRING_LEN(state->buffer);
267 VSTRING_SPACE(state->sasl_decoded, reply_len);
268 if (sasl_decode64(vstring_str(state->buffer), reply_len,
269 - STR(state->sasl_decoded), &dec_length) != SASL_OK)
270 + STR(state->sasl_decoded), reply_len, &dec_length) != SASL_OK)
271 return ("501 Error: malformed authentication response");
273 msg_info("%s: decoded response: %.*s",
274 myname, (int) dec_length, STR(state->sasl_decoded));
275 result = sasl_server_step(state->sasl_conn, STR(state->sasl_decoded),
276 - dec_length, &serverout, &serveroutlen, &errstr);
277 + dec_length, &serverout, &serveroutlen);
281 - * Cleanup. What an awful interface.
287 * The authentication protocol was completed.
289 if (result != SASL_OK)
291 * authentication method that was used. XXX Do not free(serverout).
293 result = sasl_getprop(state->sasl_conn, SASL_USERNAME,
294 - (void **) &serverout);
295 + (const void **) &serverout);
296 if (result != SASL_OK || serverout == 0)
297 msg_panic("%s: sasl_getprop SASL_USERNAME botch", myname);
298 state->sasl_username = mystrdup(serverout);