This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "GNU gsasl".
http://git.savannah.gnu.org/cgit/gsasl.git/commit/?id=01f511bbbacefe73229c7eef45d4f7059826fde2 The branch, master has been updated via 01f511bbbacefe73229c7eef45d4f7059826fde2 (commit) from 02126f02857777a9f128ce8bfcf8a296e671f8e5 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 01f511bbbacefe73229c7eef45d4f7059826fde2 Author: Simon Josefsson <[email protected]> Date: Wed Mar 28 11:46:09 2012 +0200 gsasl: Let server decide when authentication is complete. ----------------------------------------------------------------------- Summary of changes: NEWS | 5 +++++ src/gsasl.c | 33 ++++++++++++++------------------- src/imap.c | 40 +++++++++++++++++++--------------------- src/smtp.c | 42 +++++++++++++++++++++++------------------- 4 files changed, 61 insertions(+), 59 deletions(-) diff --git a/NEWS b/NEWS index 9dd4cb3..9e91d9c 100644 --- a/NEWS +++ b/NEWS @@ -8,6 +8,11 @@ SASL. That include the manual, the command line tool, and self tests. * Version 1.7.2 (unreleased) [alpha] +** gsasl: The client lets the server decide when authentication is complete. +Before the client quit from the authentication loop when the local +mechanism was finished, but some mechanisms (OPENID20) have optional +additional round-trips. + * Version 1.7.1 (released 2012-02-09) [alpha] ** gsasl: Don't crash after getpass() on Mac OS X. diff --git a/src/gsasl.c b/src/gsasl.c index 1b943e7..5efdd7b 100644 --- a/src/gsasl.c +++ b/src/gsasl.c @@ -229,6 +229,8 @@ step_send (const char *data) return 1; } +/* Return 1 on token, 2 on protocol success, 3 on protocol fail, 0 on + errors. */ static int step_recv (char **data) { @@ -244,17 +246,6 @@ step_recv (char **data) } static int -auth_finish (void) -{ - if (args_info.imap_flag) - return imap_auth_finish (); - if (args_info.smtp_flag) - return smtp_auth_finish (); - - return 1; -} - -static int logout (void) { if (args_info.imap_flag) @@ -670,6 +661,8 @@ main (int argc, char *argv[]) do { + int res2; + res = gsasl_step64 (xctx, in, &out); if (res != GSASL_NEEDS_MORE && res != GSASL_OK) break; @@ -677,9 +670,6 @@ main (int argc, char *argv[]) if (!step_send (out)) return 1; - if (res != GSASL_NEEDS_MORE) - break; - no_client_first: if (!args_info.quiet_given && !args_info.imap_flag && !args_info.smtp_flag) @@ -692,18 +682,23 @@ main (int argc, char *argv[]) "from server (press RET if none):\n")); } - if (!step_recv (&in)) + /* Return 1 on token, 2 on protocol success, 3 on protocol fail, 0 on + errors. */ + res2 = step_recv (&in); + if (!res2) return 1; + if (res2 == 3) + error (EXIT_FAILURE, 0, _("server error")); + if (res2 == 2) + break; } - while (res == GSASL_NEEDS_MORE); + while (args_info.imap_flag || args_info.smtp_flag + || res == GSASL_NEEDS_MORE); if (res != GSASL_OK) error (EXIT_FAILURE, 0, _("mechanism error: %s"), gsasl_strerror (res)); - if (!auth_finish ()) - return 1; - if (!args_info.quiet_given) { if (args_info.server_flag) diff --git a/src/imap.c b/src/imap.c index 6c1c0c4..d297c08 100644 --- a/src/imap.c +++ b/src/imap.c @@ -145,6 +145,8 @@ imap_step_send (const char *data) return 1; } +/* Return 1 on token, 2 on protocol success, 3 on protocol fail, 0 on + errors. */ int imap_step_recv (char **data) { @@ -157,7 +159,23 @@ imap_step_recv (char **data) if (!args_info.server_flag) { - if (p[0] != '+' || p[1] != ' ') + /* skip untagged responses which can be returned by the server after + authentication (e.g. dovecot returns new '* CAPABILITY' information + before the final '. OK'). */ + while (*p == '*') + { + if (!readln (data)) + return 0; + p = *data; + } + + if (strlen (p) >= 4 && strncmp (p, ". OK", 4) == 0) + return 2; + + if (strlen (p) >= 2 && strncmp (p, ". ", 2) == 0) + return 3; + + if (strlen (p) >= 2 && strncmp (p, "+ ", 2) != 0) { fprintf (stderr, _("error: server did not return a token\n")); return 0; @@ -175,26 +193,6 @@ imap_step_recv (char **data) } int -imap_auth_finish (void) -{ - char *in; - - for (;;) - { - if (!readln (&in)) - return 0; - - /* skip untagged responses which can be returned by the server after - authentication (e.g. dovecot returns new '* CAPABILITY' information - before the final '. OK'). */ - if (in[0] != '*') - break; - } - - return 1; -} - -int imap_logout (void) { char *in; diff --git a/src/smtp.c b/src/smtp.c index 649b2c7..4244f1f 100644 --- a/src/smtp.c +++ b/src/smtp.c @@ -152,6 +152,8 @@ smtp_step_send (const char *data) return 1; } +/* Return 1 on token, 2 on protocol success, 3 on protocol fail, 0 on + errors. */ int smtp_step_recv (char **data) { @@ -162,32 +164,34 @@ smtp_step_recv (char **data) p = *data; - if (p[0] != '3' || p[1] != '3' || p[2] != '4' || p[3] != ' ') + if (strlen (p) <= 3) + return 0; + + if (strncmp (p, "334 ", 4) == 0) { - fprintf (stderr, _("error: Server did not return expected SASL " - "data (it must begin with '334 '):\n%s\n"), p); - return 0; - } + memmove (&p[0], &p[4], strlen (p) - 3); - memmove (&p[0], &p[4], strlen (p) - 3); + if (p[strlen (p) - 1] == '\n') + p[strlen (p) - 1] = '\0'; + if (p[strlen (p) - 1] == '\r') + p[strlen (p) - 1] = '\0'; - if (p[strlen (p) - 1] == '\n') - p[strlen (p) - 1] = '\0'; - if (p[strlen (p) - 1] == '\r') - p[strlen (p) - 1] = '\0'; + return 1; + } - return 1; -} + if (strncmp (p, "235 ", 4) == 0) + { + /* Never a token here, we don't support additional server + information on success. */ + return 2; + } -int -smtp_auth_finish (void) -{ - char *in; + if (strncmp (p, "535 ", 4) == 0) + return 3; - if (!readln (&in)) - return 0; + fprintf (stderr, _("error: could not parse server data:\n%s\n"), p); - return 1; + return 0; } int hooks/post-receive -- GNU gsasl _______________________________________________ Gsasl-commit mailing list [email protected] https://lists.gnu.org/mailman/listinfo/gsasl-commit
