byterazor/qpsmtpd
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Resolve ticket #38806 (Inadequate validation of authentication data)

Browse Source 
Charlie Brady.

git-svn-id: https://svn.perl.org/qpsmtpd/branches/0.3x@633 958fd67b-6ff1-0310-b445-bb7760255be9
This commit is contained in:
John Peacock 2006-04-07 19:21:10 +00:00
parent 7c6cbdd000
commit ff4e92bb4e
1 changed files with 11 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
lib/Qpsmtpd/Auth.pm
View File

@ -27,11 +27,21 @@ sub SASL {
( $passHash, $user, $passClear ) = split /\x0/,
decode_base64($prekey);
unless ($user && $passClear) {
$session->respond(504, "Invalid authentification string");
return DECLINED;
}
}
elsif ($mechanism eq "login") {
if ( $prekey ) {
($passHash, $user, $passClear) = split /\x0/, decode_base64($prekey);
( $passHash, $user, $passClear ) = split /\x0/,
decode_base64($prekey);
unless ($user && $passClear) {
$session->respond(504, "Invalid authentification string");
return DECLINED;
}
}
else {