]>
Commit | Line | Data |
---|---|---|
1 | diff -durN mutt-1.4.orig/configure.in mutt-1.4/configure.in | |
2 | --- mutt-1.4.orig/configure.in Fri Jan 10 11:50:30 2003 | |
3 | +++ mutt-1.4/configure.in Fri Jan 10 11:50:41 2003 | |
4 | @@ -570,22 +570,24 @@ | |
5 | then | |
6 | if test "$with_sasl" != "yes" | |
7 | then | |
8 | - CPPFLAGS="$CPPFLAGS -I$with_sasl/include" | |
9 | + CPPFLAGS="$CPPFLAGS -I$with_sasl/include/sasl" | |
10 | LDFLAGS="$LDFLAGS -L$with_sasl/lib" | |
11 | + else | |
12 | + CPPFLAGS="$CPPFLAGS -I/usr/include/sasl" | |
13 | fi | |
14 | ||
15 | saved_LIBS="$LIBS" | |
16 | ||
17 | - AC_CHECK_LIB(sasl, sasl_client_init,, | |
18 | - AC_MSG_ERROR([could not find libsasl]),) | |
19 | + AC_CHECK_LIB(sasl2, sasl_client_init,, | |
20 | + AC_MSG_ERROR([could not find libsasl2]),) | |
21 | ||
22 | MUTT_LIB_OBJECTS="$MUTT_LIB_OBJECTS mutt_sasl.o" | |
23 | - MUTTLIBS="$MUTTLIBS -lsasl" | |
24 | + MUTTLIBS="$MUTTLIBS -lsasl2" | |
25 | LIBS="$saved_LIBS" | |
26 | AC_DEFINE(USE_SASL,1, | |
27 | [ Define if want to use the Cyrus SASL library for POP/IMAP authentication. ]) | |
28 | need_sasl=yes | |
29 | - need_md5=no | |
30 | + need_md5=yes | |
31 | fi | |
32 | ]) | |
33 | AM_CONDITIONAL(USE_SASL, test x$need_sasl = xyes) | |
34 | diff -durN mutt-1.4.orig/imap/auth_sasl.c mutt-1.4/imap/auth_sasl.c | |
35 | --- mutt-1.4.orig/imap/auth_sasl.c Sun Jan 13 22:16:34 2002 | |
36 | +++ mutt-1.4/imap/auth_sasl.c Fri Jan 10 11:51:38 2003 | |
37 | @@ -34,7 +34,7 @@ | |
38 | int rc, irc; | |
39 | char buf[LONG_STRING]; | |
40 | const char* mech; | |
41 | - char* pc = NULL; | |
42 | + const char* pc = NULL; | |
43 | unsigned int len, olen; | |
44 | unsigned char client_start; | |
45 | ||
46 | @@ -63,15 +63,13 @@ | |
47 | if (mutt_bit_isset (idata->capabilities, AUTH_ANON) && | |
48 | (!idata->conn->account.user[0] || | |
49 | !ascii_strncmp (idata->conn->account.user, "anonymous", 9))) | |
50 | - rc = sasl_client_start (saslconn, "AUTH=ANONYMOUS", NULL, NULL, &pc, &olen, | |
51 | - &mech); | |
52 | + rc = sasl_client_start (saslconn, "AUTH=ANONYMOUS", NULL, &pc, &olen, &mech); | |
53 | } | |
54 | ||
55 | if (rc != SASL_OK && rc != SASL_CONTINUE) | |
56 | do | |
57 | { | |
58 | - rc = sasl_client_start (saslconn, method, NULL, &interaction, | |
59 | - &pc, &olen, &mech); | |
60 | + rc = sasl_client_start (saslconn, method, &interaction, &pc, &olen, &mech); | |
61 | if (rc == SASL_INTERACT) | |
62 | mutt_sasl_interact (interaction); | |
63 | } | |
64 | @@ -109,7 +107,7 @@ | |
65 | if (irc == IMAP_CMD_RESPOND) | |
66 | { | |
67 | if (sasl_decode64 (idata->cmd.buf+2, strlen (idata->cmd.buf+2), buf, | |
68 | - &len) != SASL_OK) | |
69 | + LONG_STRING,&len) != SASL_OK) | |
70 | { | |
71 | dprint (1, (debugfile, "imap_auth_sasl: error base64-decoding server response.\n")); | |
72 | goto bail; | |
73 | @@ -137,10 +135,6 @@ | |
74 | dprint (1, (debugfile, "imap_auth_sasl: error base64-encoding client response.\n")); | |
75 | goto bail; | |
76 | } | |
77 | - | |
78 | - /* sasl_client_st(art|ep) allocate pc with malloc, expect me to | |
79 | - * free it */ | |
80 | - FREE (&pc); | |
81 | } | |
82 | ||
83 | if (olen || rc == SASL_CONTINUE) | |
84 | diff -durN mutt-1.4.orig/mutt_sasl.c mutt-1.4/mutt_sasl.c | |
85 | --- mutt-1.4.orig/mutt_sasl.c Tue Feb 26 11:38:27 2002 | |
86 | +++ mutt-1.4/mutt_sasl.c Fri Jan 10 11:50:41 2003 | |
87 | @@ -92,10 +92,13 @@ | |
88 | * probably stop exporting mutt_sasl_get_callbacks(). */ | |
89 | int mutt_sasl_client_new (CONNECTION* conn, sasl_conn_t** saslconn) | |
90 | { | |
91 | - sasl_security_properties_t secprops; | |
92 | - sasl_external_properties_t extprops; | |
93 | const char* service; | |
94 | int rc; | |
95 | + struct sockaddr_in local, remote; | |
96 | + char buf[LONG_STRING]; | |
97 | + char localip[LONG_STRING], remoteip[LONG_STRING]; | |
98 | + socklen_t size; | |
99 | + sasl_security_properties_t secprops; | |
100 | ||
101 | if (mutt_sasl_start () != SASL_OK) | |
102 | return -1; | |
103 | @@ -112,9 +115,21 @@ | |
104 | dprint (1, (debugfile, "mutt_sasl_client_new: account type unset\n")); | |
105 | return -1; | |
106 | } | |
107 | - | |
108 | - rc = sasl_client_new (service, conn->account.host, | |
109 | - mutt_sasl_get_callbacks (&conn->account), SASL_SECURITY_LAYER, saslconn); | |
110 | + | |
111 | + size = sizeof (local); | |
112 | + if (getsockname (conn->fd, (struct sockaddr*) &local, &size)) | |
113 | + return -1; | |
114 | + inet_ntop(local.sin_family, &local.sin_addr,buf,LONG_STRING); | |
115 | + sprintf(localip,"%s;%i",buf,local.sin_port); | |
116 | + | |
117 | + size = sizeof(remote); | |
118 | + if (getpeername(conn->fd, (struct sockaddr*) &remote, &size)) | |
119 | + return -1; | |
120 | + inet_ntop(remote.sin_family, &remote.sin_addr,buf,LONG_STRING); | |
121 | + sprintf(remoteip,"%s;%i",buf,local.sin_port); | |
122 | + | |
123 | + rc = sasl_client_new (service, conn->account.host, localip, remoteip, | |
124 | + mutt_sasl_get_callbacks (&conn->account), 0, saslconn); | |
125 | ||
126 | if (rc != SASL_OK) | |
127 | { | |
128 | @@ -123,40 +138,6 @@ | |
129 | return -1; | |
130 | } | |
131 | ||
132 | - /*** set sasl IP properties, necessary for use with krb4 ***/ | |
133 | - /* Do we need to fail if this fails? I would assume having these unset | |
134 | - * would just disable KRB4. Who wrote this code? I'm not sure how this | |
135 | - * interacts with the NSS code either, since that mucks with the fd. */ | |
136 | - { | |
137 | - struct sockaddr_in local, remote; | |
138 | - socklen_t size; | |
139 | - | |
140 | - size = sizeof (local); | |
141 | - if (getsockname (conn->fd, (struct sockaddr*) &local, &size)) | |
142 | - return -1; | |
143 | - | |
144 | - size = sizeof(remote); | |
145 | - if (getpeername(conn->fd, (struct sockaddr*) &remote, &size)) | |
146 | - return -1; | |
147 | - | |
148 | -#ifdef SASL_IP_LOCAL | |
149 | - if (sasl_setprop(*saslconn, SASL_IP_LOCAL, &local) != SASL_OK) | |
150 | - { | |
151 | - dprint (1, (debugfile, | |
152 | - "mutt_sasl_client_new: Error setting local IP address\n")); | |
153 | - return -1; | |
154 | - } | |
155 | -#endif | |
156 | - | |
157 | -#ifdef SASL_IP_REMOTE | |
158 | - if (sasl_setprop(*saslconn, SASL_IP_REMOTE, &remote) != SASL_OK) | |
159 | - { | |
160 | - dprint (1, (debugfile, | |
161 | - "mutt_sasl_client_new: Error setting remote IP address\n")); | |
162 | - return -1; | |
163 | - } | |
164 | -#endif | |
165 | - } | |
166 | ||
167 | /* set security properties. We use NOPLAINTEXT globally, since we can | |
168 | * just fall back to LOGIN in the IMAP case anyway. If that doesn't | |
169 | @@ -181,10 +162,9 @@ | |
170 | #if defined(USE_SSL) && !defined(USE_NSS) | |
171 | if (conn->account.flags & M_ACCT_SSL) | |
172 | { | |
173 | - memset (&extprops, 0, sizeof (extprops)); | |
174 | - extprops.ssf = conn->ssf; | |
175 | - dprint (2, (debugfile, "External SSF: %d\n", extprops.ssf)); | |
176 | - if (sasl_setprop (*saslconn, SASL_SSF_EXTERNAL, &extprops) != SASL_OK) | |
177 | + sasl_ssf_t ssf=conn->ssf; | |
178 | + dprint (2, (debugfile, "External SSF: %d\n", ssf)); | |
179 | + if (sasl_setprop (*saslconn, SASL_SSF_EXTERNAL, &ssf) != SASL_OK) | |
180 | { | |
181 | dprint (1, (debugfile, "mutt_sasl_client_new: Error setting external properties\n")); | |
182 | return -1; | |
183 | @@ -274,7 +254,7 @@ | |
184 | ||
185 | sasldata->saslconn = saslconn; | |
186 | /* get ssf so we know whether we have to (en|de)code read/write */ | |
187 | - sasl_getprop (saslconn, SASL_SSF, (void**) &sasldata->ssf); | |
188 | + sasl_getprop (saslconn, SASL_SSF, (const void**) &sasldata->ssf); | |
189 | dprint (3, (debugfile, "SASL protection strength: %u\n", *sasldata->ssf)); | |
190 | /* Add SASL SSF to transport SSF */ | |
191 | conn->ssf += *sasldata->ssf; | |
192 | diff -durN mutt-1.4.orig/pop_auth.c mutt-1.4/pop_auth.c | |
193 | --- mutt-1.4.orig/pop_auth.c Thu Aug 30 10:11:06 2001 | |
194 | +++ mutt-1.4/pop_auth.c Fri Jan 10 11:51:26 2003 | |
195 | @@ -41,7 +41,7 @@ | |
196 | char buf[LONG_STRING]; | |
197 | char inbuf[LONG_STRING]; | |
198 | const char* mech; | |
199 | - char* pc = NULL; | |
200 | + const char* pc = NULL; | |
201 | unsigned int len, olen; | |
202 | unsigned char client_start; | |
203 | ||
204 | @@ -56,8 +56,7 @@ | |
205 | ||
206 | FOREVER | |
207 | { | |
208 | - rc = sasl_client_start (saslconn, method, NULL, | |
209 | - &interaction, &pc, &olen, &mech); | |
210 | + rc = sasl_client_start (saslconn, method, &interaction, &pc, &olen, &mech); | |
211 | if (rc != SASL_INTERACT) | |
212 | break; | |
213 | mutt_sasl_interact (interaction); | |
214 | @@ -96,7 +95,7 @@ | |
215 | if (mutt_strncmp (inbuf, "+ ", 2)) | |
216 | goto bail; | |
217 | ||
218 | - if (sasl_decode64 (inbuf, strlen (inbuf), buf, &len) != SASL_OK) | |
219 | + if (sasl_decode64 (inbuf, strlen (inbuf), buf, LONG_STRING, &len) != SASL_OK) | |
220 | { | |
221 | dprint (1, (debugfile, "pop_auth_sasl: error base64-decoding server response.\n")); | |
222 | goto bail; | |
223 | @@ -124,10 +123,6 @@ | |
224 | dprint (1, (debugfile, "pop_auth_sasl: error base64-encoding client response.\n")); | |
225 | goto bail; | |
226 | } | |
227 | - | |
228 | - /* sasl_client_st(art|ep) allocate pc with malloc, expect me to | |
229 | - * free it */ | |
230 | - safe_free ((void *) &pc); | |
231 | } | |
232 | } | |
233 |