Fix for AUTH PLAIN from Michael Holzt <kju@fqdn.org>

git-svn-id: https://svn.perl.org/qpsmtpd/trunk@280 958fd67b-6ff1-0310-b445-bb7760255be9
This commit is contained in:
Matt Sergeant 2004-07-29 14:40:32 +00:00
parent 2ab4613567
commit a204827d0c

View File

@ -214,6 +214,14 @@ package Qpsmtpd::Auth;
use Qpsmtpd::Constants;
use MIME::Base64;
sub e64
{
my ($arg) = @_;
my $res = encode_base64($arg);
chomp($res);
return($res);
}
sub Qpsmtpd::SMTP::auth {
my ( $self, $arg, @stuff ) = @_;
@ -235,59 +243,39 @@ sub SASL {
$mechanism = lc($mechanism);
if ( $mechanism eq "plain" ) {
if ($prekey) {
if (!$prekey) {
$session->respond( 334, "Please continue" );
$prekey= <>;
}
( $passHash, $user, $passClear ) = split /\x0/,
decode_base64($prekey);
}
elsif ($mechanism eq "login") {
if ( $prekey ) {
($passHash, $user, $passClear) = split /\x0/, decode_base64($prekey);
}
else {
$session->respond( 334, "Username:" );
# We read the username and password from STDIN
$user = <>;
chop($user);
chop($user);
$session->respond(334, e64("Username:"));
$user = decode_base64(<>);
#warn("Debug: User: '$user'");
if ($user eq '*') {
$session->respond(501, "Authentification canceled");
return DECLINED;
}
$session->respond( 334, "Password:" );
$session->respond(334, e64("Password:"));
$passClear = <>;
chop($passClear);
chop($passClear);
$passClear = decode_base64($passClear);
#warn("Debug: Pass: '$pass'");
if ($passClear eq '*') {
$session->respond(501, "Authentification canceled");
return DECLINED;
}
}
}
# elsif ($mechanism eq "login") {
# if ( $prekey ) {
# ($passHash, $user, $passClear) = split /\x0/, decode_base64($prekey);
# }
# else {
#
# $session->respond(334, encode_base64("User Name:"));
# $user = decode_base64(<>);
# #warn("Debug: User: '$user'");
# if ($user eq '*') {
# $session->respond(501, "Authentification canceled");
# return DECLINED;
# }
#
# $session->respond(334, encode_base64("Password:"));
# $passClear = <>;
# $passClear = decode_base64($passClear);
# #warn("Debug: Pass: '$pass'");
# if ($passClear eq '*') {
# $session->respond(501, "Authentification canceled");
# return DECLINED;
# }
# }
# }
elsif ( $mechanism eq "cram-md5" ) {
# rand() is not cryptographic, but we only need to generate a globally