1 diff -durN mutt-1.4.orig/configure.in mutt-1.4/configure.in
2 --- mutt-1.4.orig/configure.in Fri Jan 10 11:50:30 2003
3 +++ mutt-1.4/configure.in Fri Jan 10 11:50:41 2003
6 if test "$with_sasl" != "yes"
8 - CPPFLAGS="$CPPFLAGS -I$with_sasl/include"
9 + CPPFLAGS="$CPPFLAGS -I$with_sasl/include/sasl"
10 LDFLAGS="$LDFLAGS -L$with_sasl/lib"
12 + CPPFLAGS="$CPPFLAGS -I/usr/include/sasl"
17 - AC_CHECK_LIB(sasl, sasl_client_init,,
18 - AC_MSG_ERROR([could not find libsasl]),)
19 + AC_CHECK_LIB(sasl2, sasl_client_init,,
20 + AC_MSG_ERROR([could not find libsasl2]),)
22 MUTT_LIB_OBJECTS="$MUTT_LIB_OBJECTS mutt_sasl.o"
23 - MUTTLIBS="$MUTTLIBS -lsasl"
24 + MUTTLIBS="$MUTTLIBS -lsasl2"
27 [ Define if want to use the Cyrus SASL library for POP/IMAP authentication. ])
33 AM_CONDITIONAL(USE_SASL, test x$need_sasl = xyes)
34 diff -durN mutt-1.4.orig/imap/auth_sasl.c mutt-1.4/imap/auth_sasl.c
35 --- mutt-1.4.orig/imap/auth_sasl.c Sun Jan 13 22:16:34 2002
36 +++ mutt-1.4/imap/auth_sasl.c Fri Jan 10 11:51:38 2003
39 char buf[LONG_STRING];
42 + const char* pc = NULL;
43 unsigned int len, olen;
44 unsigned char client_start;
47 if (mutt_bit_isset (idata->capabilities, AUTH_ANON) &&
48 (!idata->conn->account.user[0] ||
49 !ascii_strncmp (idata->conn->account.user, "anonymous", 9)))
50 - rc = sasl_client_start (saslconn, "AUTH=ANONYMOUS", NULL, NULL, &pc, &olen,
52 + rc = sasl_client_start (saslconn, "AUTH=ANONYMOUS", NULL, &pc, &olen, &mech);
55 if (rc != SASL_OK && rc != SASL_CONTINUE)
58 - rc = sasl_client_start (saslconn, method, NULL, &interaction,
60 + rc = sasl_client_start (saslconn, method, &interaction, &pc, &olen, &mech);
61 if (rc == SASL_INTERACT)
62 mutt_sasl_interact (interaction);
65 if (irc == IMAP_CMD_RESPOND)
67 if (sasl_decode64 (idata->cmd.buf+2, strlen (idata->cmd.buf+2), buf,
69 + LONG_STRING,&len) != SASL_OK)
71 dprint (1, (debugfile, "imap_auth_sasl: error base64-decoding server response.\n"));
74 dprint (1, (debugfile, "imap_auth_sasl: error base64-encoding client response.\n"));
78 - /* sasl_client_st(art|ep) allocate pc with malloc, expect me to
83 if (olen || rc == SASL_CONTINUE)
84 diff -durN mutt-1.4.orig/mutt_sasl.c mutt-1.4/mutt_sasl.c
85 --- mutt-1.4.orig/mutt_sasl.c Tue Feb 26 11:38:27 2002
86 +++ mutt-1.4/mutt_sasl.c Fri Jan 10 11:50:41 2003
88 * probably stop exporting mutt_sasl_get_callbacks(). */
89 int mutt_sasl_client_new (CONNECTION* conn, sasl_conn_t** saslconn)
91 - sasl_security_properties_t secprops;
92 - sasl_external_properties_t extprops;
95 + struct sockaddr_in local, remote;
96 + char buf[LONG_STRING];
97 + char localip[LONG_STRING], remoteip[LONG_STRING];
99 + sasl_security_properties_t secprops;
101 if (mutt_sasl_start () != SASL_OK)
104 dprint (1, (debugfile, "mutt_sasl_client_new: account type unset\n"));
108 - rc = sasl_client_new (service, conn->account.host,
109 - mutt_sasl_get_callbacks (&conn->account), SASL_SECURITY_LAYER, saslconn);
111 + size = sizeof (local);
112 + if (getsockname (conn->fd, (struct sockaddr*) &local, &size))
114 + inet_ntop(local.sin_family, &local.sin_addr,buf,LONG_STRING);
115 + sprintf(localip,"%s;%i",buf,local.sin_port);
117 + size = sizeof(remote);
118 + if (getpeername(conn->fd, (struct sockaddr*) &remote, &size))
120 + inet_ntop(remote.sin_family, &remote.sin_addr,buf,LONG_STRING);
121 + sprintf(remoteip,"%s;%i",buf,local.sin_port);
123 + rc = sasl_client_new (service, conn->account.host, localip, remoteip,
124 + mutt_sasl_get_callbacks (&conn->account), 0, saslconn);
132 - /*** set sasl IP properties, necessary for use with krb4 ***/
133 - /* Do we need to fail if this fails? I would assume having these unset
134 - * would just disable KRB4. Who wrote this code? I'm not sure how this
135 - * interacts with the NSS code either, since that mucks with the fd. */
137 - struct sockaddr_in local, remote;
140 - size = sizeof (local);
141 - if (getsockname (conn->fd, (struct sockaddr*) &local, &size))
144 - size = sizeof(remote);
145 - if (getpeername(conn->fd, (struct sockaddr*) &remote, &size))
148 -#ifdef SASL_IP_LOCAL
149 - if (sasl_setprop(*saslconn, SASL_IP_LOCAL, &local) != SASL_OK)
151 - dprint (1, (debugfile,
152 - "mutt_sasl_client_new: Error setting local IP address\n"));
157 -#ifdef SASL_IP_REMOTE
158 - if (sasl_setprop(*saslconn, SASL_IP_REMOTE, &remote) != SASL_OK)
160 - dprint (1, (debugfile,
161 - "mutt_sasl_client_new: Error setting remote IP address\n"));
167 /* set security properties. We use NOPLAINTEXT globally, since we can
168 * just fall back to LOGIN in the IMAP case anyway. If that doesn't
170 #if defined(USE_SSL) && !defined(USE_NSS)
171 if (conn->account.flags & M_ACCT_SSL)
173 - memset (&extprops, 0, sizeof (extprops));
174 - extprops.ssf = conn->ssf;
175 - dprint (2, (debugfile, "External SSF: %d\n", extprops.ssf));
176 - if (sasl_setprop (*saslconn, SASL_SSF_EXTERNAL, &extprops) != SASL_OK)
177 + sasl_ssf_t ssf=conn->ssf;
178 + dprint (2, (debugfile, "External SSF: %d\n", ssf));
179 + if (sasl_setprop (*saslconn, SASL_SSF_EXTERNAL, &ssf) != SASL_OK)
181 dprint (1, (debugfile, "mutt_sasl_client_new: Error setting external properties\n"));
185 sasldata->saslconn = saslconn;
186 /* get ssf so we know whether we have to (en|de)code read/write */
187 - sasl_getprop (saslconn, SASL_SSF, (void**) &sasldata->ssf);
188 + sasl_getprop (saslconn, SASL_SSF, (const void**) &sasldata->ssf);
189 dprint (3, (debugfile, "SASL protection strength: %u\n", *sasldata->ssf));
190 /* Add SASL SSF to transport SSF */
191 conn->ssf += *sasldata->ssf;
192 diff -durN mutt-1.4.orig/pop_auth.c mutt-1.4/pop_auth.c
193 --- mutt-1.4.orig/pop_auth.c Thu Aug 30 10:11:06 2001
194 +++ mutt-1.4/pop_auth.c Fri Jan 10 11:51:26 2003
196 char buf[LONG_STRING];
197 char inbuf[LONG_STRING];
200 + const char* pc = NULL;
201 unsigned int len, olen;
202 unsigned char client_start;
208 - rc = sasl_client_start (saslconn, method, NULL,
209 - &interaction, &pc, &olen, &mech);
210 + rc = sasl_client_start (saslconn, method, &interaction, &pc, &olen, &mech);
211 if (rc != SASL_INTERACT)
213 mutt_sasl_interact (interaction);
215 if (mutt_strncmp (inbuf, "+ ", 2))
218 - if (sasl_decode64 (inbuf, strlen (inbuf), buf, &len) != SASL_OK)
219 + if (sasl_decode64 (inbuf, strlen (inbuf), buf, LONG_STRING, &len) != SASL_OK)
221 dprint (1, (debugfile, "pop_auth_sasl: error base64-decoding server response.\n"));
224 dprint (1, (debugfile, "pop_auth_sasl: error base64-encoding client response.\n"));
228 - /* sasl_client_st(art|ep) allocate pc with malloc, expect me to
230 - safe_free ((void *) &pc);