X-Git-Url: https://code.citadel.org/?a=blobdiff_plain;f=citadel%2Fmodules%2Fsmtp%2Fserv_smtp.c;h=a93bb438e384231052681d5ac4346aba074e8feb;hb=b26e3e79fcb15dc1b46f4c7710a6bafdc6472950;hp=58457b180cdc8ff50cab65801207ee31c4044dca;hpb=0635359a1b34a42926f5ab9566cb91d5071c438c;p=citadel.git diff --git a/citadel/modules/smtp/serv_smtp.c b/citadel/modules/smtp/serv_smtp.c index 58457b180..a93bb438e 100644 --- a/citadel/modules/smtp/serv_smtp.c +++ b/citadel/modules/smtp/serv_smtp.c @@ -394,13 +394,17 @@ void smtp_help(long offset, long Flags) { void smtp_get_user(long offset) { char buf[SIZ]; - char username[SIZ]; citsmtp *sSMTP = SMTP; - CtdlDecodeBase64(username, ChrPtr(sSMTP->Cmd) + offset, SIZ); + StrBufDecodeBase64(sSMTP->Cmd); + /* syslog(LOG_DEBUG, "Trying <%s>\n", username); */ - if (CtdlLoginExistingUser(NULL, username) == login_ok) { - CtdlEncodeBase64(buf, "Password:", 9, 0); + if (CtdlLoginExistingUser(NULL, ChrPtr(sSMTP->Cmd)) == login_ok) { + size_t len = CtdlEncodeBase64(buf, "Password:", 9, 0); + + if (buf[len - 1] == '\n') { + buf[len - 1] = '\0'; + } cprintf("334 %s\r\n", buf); sSMTP->command_state = smtp_password; } @@ -418,12 +422,11 @@ void smtp_get_pass(long offset, long Flags) { citsmtp *sSMTP = SMTP; char password[SIZ]; - long len; - memset(password, 0, sizeof(password)); - len = CtdlDecodeBase64(password, ChrPtr(sSMTP->Cmd), SIZ); + memset(password, 0, sizeof(password)); + StrBufDecodeBase64(sSMTP->Cmd); /* syslog(LOG_DEBUG, "Trying <%s>\n", password); */ - if (CtdlTryPassword(password, len) == pass_ok) { + if (CtdlTryPassword(SKEY(sSMTP->Cmd)) == pass_ok) { smtp_auth_greeting(offset, Flags); } else { @@ -439,19 +442,44 @@ void smtp_get_pass(long offset, long Flags) void smtp_try_plain(long offset, long Flags) { citsmtp *sSMTP = SMTP; - char decoded_authstring[1024]; - char ident[256]; - char user[256]; - char pass[256]; + const char*decoded_authstring; + char ident[256] = ""; + char user[256] = ""; + char pass[256] = ""; int result; - long len; - CtdlDecodeBase64(decoded_authstring, ChrPtr(sSMTP->Cmd), StrLength(sSMTP->Cmd)); - safestrncpy(ident, decoded_authstring, sizeof ident); - safestrncpy(user, &decoded_authstring[strlen(ident) + 1], sizeof user); - len = safestrncpy(pass, &decoded_authstring[strlen(ident) + strlen(user) + 2], sizeof pass); - if (len == -1) - len = sizeof(pass) - 1; + long decoded_len; + long len = 0; + long plen = 0; + + memset(pass, 0, sizeof(pass)); + decoded_len = StrBufDecodeBase64(sSMTP->Cmd); + + if (decoded_len > 0) + { + decoded_authstring = ChrPtr(sSMTP->Cmd); + + len = safestrncpy(ident, decoded_authstring, sizeof ident); + + decoded_len -= len - 1; + decoded_authstring += len + 1; + + if (decoded_len > 0) + { + len = safestrncpy(user, decoded_authstring, sizeof user); + + decoded_authstring += len + 1; + decoded_len -= len - 1; + } + + if (decoded_len > 0) + { + plen = safestrncpy(pass, decoded_authstring, sizeof pass); + + if (plen < 0) + plen = sizeof(pass) - 1; + } + } sSMTP->command_state = smtp_command; @@ -463,7 +491,7 @@ void smtp_try_plain(long offset, long Flags) } if (result == login_ok) { - if (CtdlTryPassword(pass, len) == pass_ok) { + if (CtdlTryPassword(pass, plen) == pass_ok) { smtp_webcit_preferences_hack(); smtp_auth_greeting(offset, Flags); return; @@ -495,7 +523,10 @@ void smtp_auth(long offset, long Flags) smtp_get_user(6); } else { - CtdlEncodeBase64(username_prompt, "Username:", 9, 0); + size_t len = CtdlEncodeBase64(username_prompt, "Username:", 9, 0); + if (username_prompt[len - 1] == '\n') { + username_prompt[len - 1] = '\0'; + } cprintf("334 %s\r\n", username_prompt); sSMTP->command_state = smtp_user; } @@ -975,6 +1006,7 @@ void smtp_starttls(long offset, long flags) */ void smtp_command_loop(void) { + static const ConstStr AuthPlainStr = {HKEY("AUTH PLAIN")}; struct CitContext *CCC = CC; citsmtp *sSMTP = SMTP; const char *pch, *pchs; @@ -995,7 +1027,10 @@ void smtp_command_loop(void) syslog(LOG_DEBUG, "SMTP server: %s\n", ChrPtr(sSMTP->Cmd)); if (sSMTP->command_state == smtp_user) { - smtp_get_user(0); + if (!strncmp(ChrPtr(sSMTP->Cmd), AuthPlainStr.Key, AuthPlainStr.len)) + smtp_try_plain(0, 0); + else + smtp_get_user(0); return; }