Package: mutt
Version: 1.5.11+cvs20060403-1
Severity: normal
Tags: patch

Hi!

When using NTLM(SASL) for authenticating against M$
Exchange Server (its IMAP), mutt fails to auth ("SASL
authentication failed.") and then hangs when "closing
connection to" the server.

Debuglog says:
> imap_auth_sasl: IMAP caps=IMAP4 IMAP4rev1 IDLE LOGIN-REFERRALS 
> MAILBOX-REFERRALS NAMESPACE LITERAL+ UIDPLUS CHILDREN AUTH=NTLM
> > a0003 AUTHENTICATE NTLM^M
> < +
> imap_auth_sasl: error base64-decoding server response.
> SASL authentication failed.
...
> > a0004 LOGOUT^M
> < a0003 NO Logon failure: unknown user name or bad password.

You can see that mutt misinterprets the "+\r\n" reply from
the server, but the server still expects the client to send
something before beginning the challenge. See e.g.:
http://www.irbs.net/internet/cyrus-sasl/0409/0076.html
http://www.irbs.net/internet/cyrus-sasl/0409/0075.html

Both mutt/testing and mutt/unstable are prone to the
bug.

A similar problem is described in:
http://groups.yahoo.com/group/mutt-dev/message/24295
but there the reporter claims that mutt hung _during_
authentication. In my case mutt hangs when exiting
(closing connection).

I've made a patch, built mutt with it and tested
against M$ Exchange -- it works OK.

P.S.
Technically, it's illegal to decode at offset +2 of
buffer without checking how much data is there. There
can be 0, or 1 byte...
// I mean sasl_decode64 (idata->buf+2, ...)

-- 
WBR,
xrgtn

-- System Information:
Debian Release: testing/unstable
  APT prefers testing
  APT policy: (990, 'testing'), (500, 'oldstable'), (500, 'unstable'), (500, 'stable'), (1, 'experimental')
Architecture: i386 (i586)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.4.32-grsec
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)

Versions of packages mutt depends on:
ii  libc6                         2.3.6-3    GNU C Library: Shared libraries an
ii  libdb4.4                      4.4.20-3   Berkeley v4.4 Database Libraries [
ii  libgnutls12                   1.2.9-2    the GNU TLS library - runtime libr
ii  libidn11                      0.5.18-2   GNU libidn library, implementation
ii  libncursesw5                  5.5-1      Shared libraries for terminal hand
ii  libsasl2                      2.1.19-1.9 Authentication abstraction library
ii  postfix [mail-transport-agent 2.2.9-1    A high-performance mail transport 

Versions of packages mutt recommends:
ii  locales                       2.3.6-3    GNU C Library: National Language (
ii  mime-support                  3.36-1     MIME files 'mime.types' & 'mailcap

-- no debconf information
Index: imap/auth_sasl.c
===================================================================
RCS file: /var/lib/cvs/deb/mutt/imap/auth_sasl.c,v
retrieving revision 1.1.1.1
diff -u -p -r1.1.1.1 auth_sasl.c
--- imap/auth_sasl.c    11 Apr 2006 15:04:25 -0000      1.1.1.1
+++ imap/auth_sasl.c    12 Apr 2006 20:10:43 -0000
@@ -130,7 +130,21 @@ imap_auth_res_t imap_auth_sasl (IMAP_DAT
 
     if (irc == IMAP_CMD_RESPOND)
     {
-      if (sasl_decode64 (idata->buf+2, strlen (idata->buf+2), buf, 
LONG_STRING-1, &len) != SASL_OK)
+      size_t ilen = strlen(idata->buf);
+      dprint (3, (debugfile, "imap_auth_sasl: decoding idata->buf[%i]=%s\n",
+       ilen, idata->buf));
+      if (ilen == 1 && idata->buf[0] == '+')
+      {
+       /* decode lone "+" on a line as "+" followed by empty base64 value */
+       buf[0] = '\0';
+       len = 0;
+      }
+      else if (ilen < 2)
+      {
+       dprint (1, (debugfile, "imap_auth_sasl: too short server response.\n"));
+       goto bail;
+      }
+      else if (sasl_decode64 (idata->buf+2, ilen-2, buf, LONG_STRING-1, &len) 
!= SASL_OK)
       {
        dprint (1, (debugfile, "imap_auth_sasl: error base64-decoding server 
response.\n"));
        goto bail;
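
Review bot: the added dprint at the top of the hunk passes ilen, a size_t, to a "%i" conversion, which is a type mismatch wherever size_t is wider than int; cast it, e.g. "(int) ilen", or declare ilen with a type that matches the format. Separately, the new checks only cover ilen == 1 and ilen < 2: a response of exactly "+ " (ilen == 2) still reaches sasl_decode64 with a length of 0, so either confirm that call returns SASL_OK for empty input or fold that case into the empty-challenge branch alongside the lone "+". The decode path also assumes idata->buf[0] is '+' and idata->buf[1] is a space without testing either; an explicit check before decoding at idata->buf+2 would make the length guard complete.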
