#include "support.h"
#include "config.h"
#include "user_ops.h"
-#include "policy.h"
#include "database.h"
#include "msgbase.h"
#include "internet_addressing.h"
imap_free_msgids();
imap_free_transmitted_message();
- if (IMAP->cached_rfc822_data != NULL) {
- free(IMAP->cached_rfc822_data);
- IMAP->cached_rfc822_data = NULL;
+ if (IMAP->cached_rfc822 != NULL) {
+ FreeStrBuf(&IMAP->cached_rfc822);
IMAP->cached_rfc822_msgnum = (-1);
IMAP->cached_rfc822_withbody = 0;
}
CC->session_specific_data = malloc(sizeof(citimap));
memset(IMAP, 0, sizeof(citimap));
IMAP->authstate = imap_as_normal;
- IMAP->cached_rfc822_data = NULL;
IMAP->cached_rfc822_msgnum = (-1);
IMAP->cached_rfc822_withbody = 0;
}
case 4:
if (CtdlLoginExistingUser(NULL, Params[2].Key) == login_ok) {
- if (CtdlTryPassword(Params[3].Key) == pass_ok) {
+ if (CtdlTryPassword(Params[3].Key, Params[3].len) == pass_ok) {
cprintf("%s OK [", Params[0].Key);
imap_output_capability_string();
cprintf("] Hello, %s\r\n", CC->user.fullname);
return;
}
+ else
+ {
+ cprintf("%s NO AUTHENTICATE %s failed\r\n",
+ Params[0].Key, Params[3].Key);
+ }
}
cprintf("%s BAD Login incorrect\r\n", Params[0].Key);
char user[256];
char pass[256];
int result;
+ long len;
memset(pass, 0, sizeof(pass));
StrBufDecodeBase64(IMAP->Cmd.CmdBuf);
decoded_authstring = ChrPtr(IMAP->Cmd.CmdBuf);
safestrncpy(ident, decoded_authstring, sizeof ident);
safestrncpy(user, &decoded_authstring[strlen(ident) + 1], sizeof user);
- safestrncpy(pass, &decoded_authstring[strlen(ident) + strlen(user) + 2], sizeof pass);
+ len = safestrncpy(pass, &decoded_authstring[strlen(ident) + strlen(user) + 2], sizeof pass);
+ if (len < 0)
+ len = sizeof(pass) - 1;
IMAP->authstate = imap_as_normal;
}
if (result == login_ok) {
- if (CtdlTryPassword(pass) == pass_ok) {
+ if (CtdlTryPassword(pass, len) == pass_ok) {
cprintf("%s OK authentication succeeded\r\n", IMAP->authseq);
return;
}
{
citimap *Imap = IMAP;
const char *pass = NULL;
+ long len = 0;
switch (state) {
default:
case imap_as_expecting_password:
StrBufDecodeBase64(Imap->Cmd.CmdBuf);
pass = ChrPtr(Imap->Cmd.CmdBuf);
+ len = StrLength(Imap->Cmd.CmdBuf);
break;
case imap_as_expecting_multilinepassword:
pass = ChrPtr(Imap->Cmd.CmdBuf);
+ len = StrLength(Imap->Cmd.CmdBuf);
break;
}
- if (CtdlTryPassword(pass) == pass_ok) {
+ if (len > USERNAME_SIZE)
+ StrBufCutAt(Imap->Cmd.CmdBuf, USERNAME_SIZE, NULL);
+
+ if (CtdlTryPassword(pass, len) == pass_ok) {
cprintf("%s OK authentication succeeded\r\n", IMAP->authseq);
} else {
cprintf("%s NO authentication failed\r\n", IMAP->authseq);
CtdlLogPrintf(CTDL_INFO, "IMAP: <plain_auth>\n");
}
else if ((Imap->authstate == imap_as_expecting_multilineusername) ||
- bmstrcasestr(ChrPtr(Imap->Cmd.CmdBuf), " LOGIN ")) {
+ cbmstrcasestr(ChrPtr(Imap->Cmd.CmdBuf), " LOGIN ")) {
CtdlLogPrintf(CTDL_INFO, "IMAP: LOGIN...\n");
}
else {