diff options
| author | Martin Matuska <mm@FreeBSD.org> | 2007-08-27 09:38:27 +0000 |
|---|---|---|
| committer | Martin Matuska <mm@FreeBSD.org> | 2007-08-27 09:38:27 +0000 |
| commit | 87364062341fdf5f9eae0c712839347ff6b7a86c (patch) | |
| tree | 0f6175a2e4dcc520477c66fc57544aa7379dcb94 /net-im/jabberd/files | |
| parent | 99d701a5a82d4ba3342174295fb728bcd9e6931c (diff) | |
| download | ports-87364062341fdf5f9eae0c712839347ff6b7a86c.tar.gz ports-87364062341fdf5f9eae0c712839347ff6b7a86c.zip | |
- Add bugfix for SASL (SVN changesets 356 + 357)
- Bump PORTREVISION
Tested by: miwi
Notes
Notes:
svn path=/head/; revision=198366
Diffstat (limited to 'net-im/jabberd/files')
| -rw-r--r-- | net-im/jabberd/files/patch-sasl | 78 |
1 files changed, 78 insertions, 0 deletions
diff --git a/net-im/jabberd/files/patch-sasl b/net-im/jabberd/files/patch-sasl new file mode 100644 index 000000000000..f89776fccc0b --- /dev/null +++ b/net-im/jabberd/files/patch-sasl @@ -0,0 +1,78 @@ +Index: sx/sasl_cyrus.c +=================================================================== +--- sx/sasl_cyrus.c (revision 349) ++++ sx/sasl_cyrus.c (working copy) +@@ -745,7 +745,7 @@ + /** process handshake packets from the client */ + static void _sx_sasl_client_process(sx_t s, sx_plugin_t p, char *mech, char *in, int inlen) { + _sx_sasl_data_t sd = (_sx_sasl_data_t) s->plugin_data[p->index]; +- char *buf, *out; ++ char *buf = NULL, *out = NULL; + int buflen, outlen, ret; + + /* decode the response */ +@@ -760,8 +760,15 @@ + /* process the data */ + if(mech != NULL) + ret = sasl_server_start(sd->sasl, mech, buf, buflen, (const char **) &out, &outlen); +- else ++ else { ++ if(!sd->sasl) { ++ _sx_debug(ZONE, "response send before auth request enabling mechanism (decoded: %.*s)", buflen, buf); ++ _sx_nad_write(s, _sx_sasl_failure(s, _sasl_err_MECH_TOO_WEAK), 0); ++ if(buf != NULL) free(buf); ++ return; ++ } + ret = sasl_server_step(sd->sasl, buf, buflen, (const char **) &out, &outlen); ++ } + + if(buf != NULL) free(buf); + +Index: sx/sasl_gsasl.c +=================================================================== +--- sx/sasl_gsasl.c (revision 351) ++++ sx/sasl_gsasl.c (working copy) +@@ -349,16 +349,14 @@ + else { + /* decode and process */ + _sx_sasl_decode(in, inlen, &buf, &buflen); +- _sx_debug(ZONE, "response from client (decoded: %.*s)", buflen, buf); +- ret = gsasl_step(sd, buf, buflen, &out, (size_t *) &outlen); +- if(ret != GSASL_OK && ret != GSASL_NEEDS_MORE) { +- _sx_debug(ZONE, "gsasl_step failed, no sasl for this conn; (%d): %s", ret, gsasl_strerror(ret)); +- _sx_nad_write(s, _sx_sasl_failure(s, _sasl_err_MALFORMED_REQUEST), 0); +- if(out != NULL) free(out); ++ if(!sd) { ++ _sx_debug(ZONE, "response send before auth request enabling mechanism (decoded: %.*s)", buflen, buf); ++ _sx_nad_write(s, _sx_sasl_failure(s, _sasl_err_MECH_TOO_WEAK), 0); + if(buf != NULL) free(buf); + return; + } +- ++ _sx_debug(ZONE, "response from client (decoded: %.*s)", buflen, buf); ++ ret = gsasl_step(sd, buf, buflen, &out, (size_t *) &outlen); + } + + if(buf != NULL) free(buf); +Index: sx/sasl_scod.c +=================================================================== +--- sx/sasl_scod.c (revision 349) ++++ sx/sasl_scod.c (working copy) +@@ -258,10 +258,15 @@ + } + + else { +- _sx_debug(ZONE, "response from client"); +- + /* decode and process */ + _sx_sasl_decode(in, inlen, &buf, &buflen); ++ if(!sd) { ++ _sx_debug(ZONE, "response send before auth request enabling mechanism (decoded: %.*s)", buflen, buf); ++ _sx_nad_write(s, _sx_sasl_failure(s, _sasl_err_MECH_TOO_WEAK), 0); ++ if(buf != NULL) free(buf); ++ return; ++ } ++ _sx_debug(ZONE, "response from client (decoded: %.*s)", buflen, buf); + ret = scod_server_step(sd, buf, buflen, &out, &outlen); + } + |