Correctly handle the case where a given AUTH mechanism is requested by a

[stupid] MUA, but isn't implemented with existing auth plugins. Based on patch from Brian Szymanski. git-svn-id: https://svn.perl.org/qpsmtpd/branches/0.3x@660 958fd67b-6ff1-0310-b445-bb7760255be9
2006-09-22 15:31:28 +00:00 · 2006-09-22 15:31:28 +00:00 · d218bfea82
commit d218bfea82
parent 3837fabc9f
3 changed files with 17 additions and 6 deletions
--- a/2
+++ b/2
@ -1,4 +1,6 @@
 0.33
+  Do the right thing for unimplemented AUTH mechanisms (Brian Szymanski)
+
  relay_only plugin for smart relay host. (John Peacock)

  Experimental IPv6 support (forkserver only). (Mike Williams)
--- a/lib/Qpsmtpd/Auth.pm
+++ b/lib/Qpsmtpd/Auth.pm
@ -17,7 +17,6 @@ sub SASL {
    # $DB::single = 1;
    my ( $session, $mechanism, $prekey ) = @_;
    my ( $user, $passClear, $passHash, $ticket, $loginas );
-    $mechanism = lc($mechanism);

    if ( $mechanism eq "plain" ) {
        if (!$prekey) {
@ -76,7 +75,8 @@ sub SASL {
        ( $user, $passHash ) = split( ' ', decode_base64($line) );
    }
    else {
-        $session->respond( 500, "Unrecognized authentification mechanism" );
+        #this error is now caught in SMTP.pm's sub auth
+        $session->respond( 500, "Internal server error" );
        return DECLINED;
    }

--- a/lib/Qpsmtpd/SMTP.pm
+++ b/lib/Qpsmtpd/SMTP.pm
@ -1,6 +1,7 @@
 package Qpsmtpd::SMTP;
 use Qpsmtpd;
@ISA = qw(Qpsmtpd);
+my %auth_mechanisms = ();

 package Qpsmtpd::SMTP;
 use strict;
@ -206,7 +207,6 @@ sub ehlo {
                        : ();  

    # Check for possible AUTH mechanisms
-    my %auth_mechanisms;
 HOOK: foreach my $hook ( keys %{$self->{hooks}} ) {
        if ( $hook =~ m/^auth-?(.+)?$/ ) {
            if ( defined $1 ) {
@ -239,9 +239,11 @@ HOOK: foreach my $hook ( keys %{$self->{hooks}} ) {
 sub auth {
    my ($self, $line) = @_;
    my ($rc, $sub)    = $self->run_hooks('auth_parse');
-    my ($ok, $arg, @stuff) = Qpsmtpd::Command->parse('auth', $line, $sub);
-    return $self->respond(501, $arg || "Syntax error in command") 
+    my ($ok, $mechanism, @stuff) = Qpsmtpd::Command->parse('auth', $line, $sub);
+    return $self->respond(501, $mechanism || "Syntax error in command") 
      unless ($ok == OK);
+
+    $mechanism = lc($mechanism);
    

    #they AUTH'd once already
@ -254,7 +256,14 @@ sub auth {
      if ( ($self->config('tls_before_auth'))[0] 
      	and $self->transaction->notes('tls_enabled') );

-    return $self->{_auth} = Qpsmtpd::Auth::SASL( $self, $arg, @stuff );
+    # if we don't have a plugin implementing this auth mechanism, 504
+    if( exists $auth_mechanisms{$mechanism} ) {
+      return $self->{_auth} = Qpsmtpd::Auth::SASL( $self, $mechanism, @stuff );
+    } else {
+      $self->respond( 504, "Unimplemented authentification mechanism: $mechanism" );
+      return DENY;
+    } 
+
 }

 sub mail {