aboutsummaryrefslogtreecommitdiffstats
path: root/imap.c
diff options
context:
space:
mode:
authorMatthias Andree <matthias.andree@gmx.de>2021-08-26 23:53:14 +0200
committerMatthias Andree <matthias.andree@gmx.de>2021-08-26 23:53:14 +0200
commita2fcf70bd64955d40f72b57a446b0714d9bfb1d6 (patch)
tree241d9e31a2e90c712d5070ed24c627e16844515d /imap.c
parent8001d09a9b418e83771813750532b0a29a89847f (diff)
downloadfetchmail-a2fcf70bd64955d40f72b57a446b0714d9bfb1d6.tar.gz
fetchmail-a2fcf70bd64955d40f72b57a446b0714d9bfb1d6.tar.bz2
fetchmail-a2fcf70bd64955d40f72b57a446b0714d9bfb1d6.zip
IMAP: two more AUTHENTICATE EXTERNAL fixes
Diffstat (limited to 'imap.c')
-rw-r--r--imap.c11
1 files changed, 10 insertions, 1 deletions
diff --git a/imap.c b/imap.c
index f0d9ac95..82f435f4 100644
--- a/imap.c
+++ b/imap.c
@@ -393,8 +393,15 @@ static int capa_probe(int sock, struct query *ctl)
static int do_auth_external (int sock, const char *command, const char *name)
/* do authentication "external" (authentication provided by client cert) */
{
+ /* FIXME: not compliant with RFC 4422 (SASL) without RFC 4959 (SASL-IR)-
+ * does not support the usual server challenge/response
+ */
char buf[256];
+ if (!strstr(capabilities, "SASL-IR")) {
+ report(stderr, GT_("server did not advertise SASL-IR extension but fetchmail's implementation requires it for AUTHENTICATE EXTERNAL\n"));
+ return PS_AUTHFAIL;
+ }
if (name && name[0])
{
size_t len = strlen(name);
@@ -404,7 +411,9 @@ static int do_auth_external (int sock, const char *command, const char *name)
return PS_AUTHFAIL; /* buffer too small. */
}
else
- buf[0]=0;
+ {
+ strcpy(buf, "=");
+ }
return gen_transact(sock, "%s EXTERNAL %s",command,buf);
}
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-21 19:44:32 +0000