aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--NEWS3
-rw-r--r--gssapi.c2
2 files changed, 4 insertions, 1 deletions
diff --git a/NEWS b/NEWS
index 85fa1f29..a9ef33b6 100644
--- a/NEWS
+++ b/NEWS
@@ -124,6 +124,9 @@ fetchmail-6.4.0 (not yet released):
or that #define OPENSSL_NO_SSL3 inside #include <openssl/ssl.h>
Related to Debian Bug#775255. Fixes Debian Bug #804604.
* Version report lists -SSLv3 on SSL-enabled no-ssl3 builds.
+* Fetchmail no longer adds a NUL byte to the username in GSSAPI authentication.
+ This was reported to break Kerberos-based authentication with Microsoft
+ Exchange 2013 by Greg Hudson.
# KNOWN BUGS AND WORKAROUNDS
(This section floats upwards through the NEWS file so it stays with the
diff --git a/gssapi.c b/gssapi.c
index c2c7d94f..31247e3b 100644
--- a/gssapi.c
+++ b/gssapi.c
@@ -269,7 +269,7 @@ cancelfail:
memcpy(buf1, &buf_size, 4);
buf1[0] = GSSAUTH_P_NONE;
strlcpy(buf1+4, username, sizeof(buf1) - 4); /* server decides if princ is user */
- request_buf.length = 4 + strlen(username) + 1;
+ request_buf.length = 4 + strlen(username);
request_buf.value = buf1;
maj_stat = gss_wrap(&min_stat, context, 0, GSS_C_QOP_DEFAULT, &request_buf,
&cflags, &send_token);
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-22 18:12:22 +0000