Fix for AUTH PLAIN from Michael Holzt <kju@fqdn.org>

git-svn-id: https://svn.perl.org/qpsmtpd/trunk@280 958fd67b-6ff1-0310-b445-bb7760255be9
2004-07-29 14:40:32 +00:00 · 2004-07-29 14:40:32 +00:00 · a204827d0c
commit a204827d0c
parent 2ab4613567
1 changed files with 37 additions and 49 deletions
--- a/lib/Qpsmtpd/Auth.pm
+++ b/lib/Qpsmtpd/Auth.pm
@ -214,6 +214,14 @@ package Qpsmtpd::Auth;
 use Qpsmtpd::Constants;
 use MIME::Base64;

+sub e64
+{
+  my ($arg) = @_;
+  my $res = encode_base64($arg);
+  chomp($res);
+  return($res);
+}
+
 sub Qpsmtpd::SMTP::auth {
    my ( $self, $arg, @stuff ) = @_;

@ -235,59 +243,39 @@ sub SASL {
    $mechanism = lc($mechanism);

    if ( $mechanism eq "plain" ) {
-        if ($prekey) {
+        if (!$prekey) {
+          $session->respond( 334, "Please continue" );
+          $prekey= <>;
+        }
        ( $passHash, $user, $passClear ) = split /\x0/,
          decode_base64($prekey);
+
+    }
+    elsif ($mechanism eq "login") {
+
+        if ( $prekey ) {
+          ($passHash, $user, $passClear) = split /\x0/, decode_base64($prekey);
        }
        else {
    
-            $session->respond( 334, "Username:" );
-
-            # We read the username and password from STDIN
-            $user = <>;
-            chop($user);
-            chop($user);
-            if ( $user eq '*' ) {
-                $session->respond( 501, "Authentification canceled" );
+          $session->respond(334, e64("Username:"));
+          $user = decode_base64(<>);
+          #warn("Debug: User: '$user'");
+          if ($user eq '*') {
+            $session->respond(501, "Authentification canceled");
            return DECLINED;
          }
    
-            $session->respond( 334, "Password:" );
+          $session->respond(334, e64("Password:"));
          $passClear = <>;
-            chop($passClear);
-            chop($passClear);
-            if ( $passClear eq '*' ) {
-                $session->respond( 501, "Authentification canceled" );
+          $passClear = decode_base64($passClear);
+          #warn("Debug: Pass: '$pass'");
+          if ($passClear eq '*') {
+            $session->respond(501, "Authentification canceled");
            return DECLINED;
          }
        }
-
    }
-
-    #  elsif ($mechanism eq "login") {
-    #    if ( $prekey ) {
-    #      ($passHash, $user, $passClear) = split /\x0/, decode_base64($prekey);
-    #    }
-    #    else {
-    #
-    #      $session->respond(334, encode_base64("User Name:"));
-    #      $user = decode_base64(<>);
-    #      #warn("Debug: User: '$user'");
-    #      if ($user eq '*') {
-    #  	$session->respond(501, "Authentification canceled");
-    #  	return DECLINED;
-    #      }
-    #
-    #      $session->respond(334, encode_base64("Password:"));
-    #      $passClear = <>;
-    #      $passClear = decode_base64($passClear);
-    #      #warn("Debug: Pass: '$pass'");
-    #      if ($passClear eq '*') {
-    #  	$session->respond(501, "Authentification canceled");
-    #  	return DECLINED;
-    #      }
-    #    }
-    #  }
    elsif ( $mechanism eq "cram-md5" ) {

        # rand() is not cryptographic, but we only need to generate a globally