Correctly handle the case where a given AUTH mechanism is requested by a
[stupid] MUA, but isn't implemented with existing auth plugins. Based on patch from Brian Szymanski. git-svn-id: https://svn.perl.org/qpsmtpd/branches/0.3x@660 958fd67b-6ff1-0310-b445-bb7760255be9
This commit is contained in:
parent
3837fabc9f
commit
d218bfea82
2
Changes
2
Changes
@ -1,4 +1,6 @@
|
||||
0.33
|
||||
Do the right thing for unimplemented AUTH mechanisms (Brian Szymanski)
|
||||
|
||||
relay_only plugin for smart relay host. (John Peacock)
|
||||
|
||||
Experimental IPv6 support (forkserver only). (Mike Williams)
|
||||
|
@ -17,7 +17,6 @@ sub SASL {
|
||||
# $DB::single = 1;
|
||||
my ( $session, $mechanism, $prekey ) = @_;
|
||||
my ( $user, $passClear, $passHash, $ticket, $loginas );
|
||||
$mechanism = lc($mechanism);
|
||||
|
||||
if ( $mechanism eq "plain" ) {
|
||||
if (!$prekey) {
|
||||
@ -76,7 +75,8 @@ sub SASL {
|
||||
( $user, $passHash ) = split( ' ', decode_base64($line) );
|
||||
}
|
||||
else {
|
||||
$session->respond( 500, "Unrecognized authentification mechanism" );
|
||||
#this error is now caught in SMTP.pm's sub auth
|
||||
$session->respond( 500, "Internal server error" );
|
||||
return DECLINED;
|
||||
}
|
||||
|
||||
|
@ -1,6 +1,7 @@
|
||||
package Qpsmtpd::SMTP;
|
||||
use Qpsmtpd;
|
||||
@ISA = qw(Qpsmtpd);
|
||||
my %auth_mechanisms = ();
|
||||
|
||||
package Qpsmtpd::SMTP;
|
||||
use strict;
|
||||
@ -206,7 +207,6 @@ sub ehlo {
|
||||
: ();
|
||||
|
||||
# Check for possible AUTH mechanisms
|
||||
my %auth_mechanisms;
|
||||
HOOK: foreach my $hook ( keys %{$self->{hooks}} ) {
|
||||
if ( $hook =~ m/^auth-?(.+)?$/ ) {
|
||||
if ( defined $1 ) {
|
||||
@ -239,10 +239,12 @@ HOOK: foreach my $hook ( keys %{$self->{hooks}} ) {
|
||||
sub auth {
|
||||
my ($self, $line) = @_;
|
||||
my ($rc, $sub) = $self->run_hooks('auth_parse');
|
||||
my ($ok, $arg, @stuff) = Qpsmtpd::Command->parse('auth', $line, $sub);
|
||||
return $self->respond(501, $arg || "Syntax error in command")
|
||||
my ($ok, $mechanism, @stuff) = Qpsmtpd::Command->parse('auth', $line, $sub);
|
||||
return $self->respond(501, $mechanism || "Syntax error in command")
|
||||
unless ($ok == OK);
|
||||
|
||||
$mechanism = lc($mechanism);
|
||||
|
||||
|
||||
#they AUTH'd once already
|
||||
return $self->respond( 503, "but you already said AUTH ..." )
|
||||
@ -254,7 +256,14 @@ sub auth {
|
||||
if ( ($self->config('tls_before_auth'))[0]
|
||||
and $self->transaction->notes('tls_enabled') );
|
||||
|
||||
return $self->{_auth} = Qpsmtpd::Auth::SASL( $self, $arg, @stuff );
|
||||
# if we don't have a plugin implementing this auth mechanism, 504
|
||||
if( exists $auth_mechanisms{$mechanism} ) {
|
||||
return $self->{_auth} = Qpsmtpd::Auth::SASL( $self, $mechanism, @stuff );
|
||||
} else {
|
||||
$self->respond( 504, "Unimplemented authentification mechanism: $mechanism" );
|
||||
return DENY;
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
sub mail {
|
||||
|
Loading…
Reference in New Issue
Block a user