[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[SCM] GNU Mailutils branch, master, updated. rel-2_1-35-g88c2fc7
From: |
Sergey Poznyakoff |
Subject: |
[SCM] GNU Mailutils branch, master, updated. rel-2_1-35-g88c2fc7 |
Date: |
Tue, 09 Feb 2010 22:49:15 +0000 |
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU Mailutils".
http://git.savannah.gnu.org/cgit/mailutils.git/commit/?id=88c2fc773ed17a22beebaabafc9c8ce8ecfc939d
The branch, master has been updated
via 88c2fc773ed17a22beebaabafc9c8ce8ecfc939d (commit)
from 2235ee278c7b50002ba54e0f1e5ae5ef143f5629 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 88c2fc773ed17a22beebaabafc9c8ce8ecfc939d
Author: Sergey Poznyakoff <address@hidden>
Date: Wed Feb 10 00:32:00 2010 +0200
Fix memory override in smtp.c code. Fix ESMTP capability parsing.
* mailbox/base64.c (mu_base64_encode): Make sure output buffer
is null-terminated.
* imap4d/auth_gss.c (auth_gssapi): Assume buffer returned
by mu_base64_encode is null-terminated.
* libproto/mailer/smtp.c (cram_md5): Take challenge_len
as argument. All callers updated.
(smtp_auth): Fix eventual memory override. Assume buffer returned
by mu_base64_encode is nul-terminated.
(smtp_parse_ehlo_ack): Fix capability parsing: (a) do not depend
on the continuation marker ('-' or ' ') and (b) fix parsing of
the SIZE capablity.
Move call to mu_rtrim_cset out of the internal loop.
-----------------------------------------------------------------------
Summary of changes:
imap4d/auth_gss.c | 6 +++---
libproto/mailer/smtp.c | 45 ++++++++++++++++++++++-----------------------
mailbox/base64.c | 8 ++++----
3 files changed, 29 insertions(+), 30 deletions(-)
diff --git a/imap4d/auth_gss.c b/imap4d/auth_gss.c
index a231137..e85c258 100644
--- a/imap4d/auth_gss.c
+++ b/imap4d/auth_gss.c
@@ -192,7 +192,7 @@ auth_gssapi (struct imap4d_command *command,
if (outbuf.length)
{
mu_base64_encode (outbuf.value, outbuf.length, &tmp, &size);
- util_send ("+ %*.*s\r\n", size, size, tmp);
+ util_send ("+ %s\r\n", tmp);
free (tmp);
gss_release_buffer (&min_stat, &outbuf);
}
@@ -212,7 +212,7 @@ auth_gssapi (struct imap4d_command *command,
if (outbuf.length)
{
mu_base64_encode (outbuf.value, outbuf.length, &tmp, &size);
- util_send ("+ %*.*s\r\n", size, size, tmp);
+ util_send ("+ %s\r\n", tmp);
free (tmp);
gss_release_buffer (&min_stat, &outbuf);
imap4d_getline (&token_str, &token_size, &token_len);
@@ -232,7 +232,7 @@ auth_gssapi (struct imap4d_command *command,
}
mu_base64_encode (outbuf.value, outbuf.length, &tmp, &size);
- util_send ("+ %*.*s\r\n", size, size, tmp);
+ util_send ("+ %s\r\n", tmp);
free (tmp);
imap4d_getline (&token_str, &token_size, &token_len);
diff --git a/libproto/mailer/smtp.c b/libproto/mailer/smtp.c
index 07b9db3..32ccb66 100644
--- a/libproto/mailer/smtp.c
+++ b/libproto/mailer/smtp.c
@@ -630,13 +630,13 @@ smtp_starttls (smtp_t smtp)
}
static void
-cram_md5 (char *secret, unsigned char *challenge, unsigned char *digest)
+cram_md5 (char *secret, unsigned char *challenge, size_t challenge_len,
+ unsigned char *digest)
{
struct mu_md5_ctx context;
unsigned char ipad[64];
unsigned char opad[64];
int secret_len;
- int challenge_len;
int i;
if (secret == 0 || challenge == 0)
@@ -766,7 +766,7 @@ smtp_auth (smtp_t smtp)
mu_rtrim_cset (p, "\r\n");
mu_base64_decode ((unsigned char*) p, strlen (p), &chl, &chlen);
- cram_md5 ((char *) mu_secret_password (secret), chl, digest);
+ cram_md5 ((char *) mu_secret_password (secret), chl, chlen, digest);
mu_secret_password_unref (secret);
free (chl);
@@ -776,7 +776,6 @@ smtp_auth (smtp_t smtp)
mu_asnprintf (&buf, &buflen, "%s %s", user, ascii_digest);
buflen = strlen (buf);
mu_base64_encode ((unsigned char*) buf, buflen, &b64buf, &b64buflen);
- b64buf[b64buflen] = '\0';
free (buf);
status = smtp_writeline (smtp, "%s\r\n", b64buf);
@@ -818,7 +817,6 @@ smtp_auth (smtp_t smtp)
buf[c] = '\0';
}
mu_base64_encode ((unsigned char*) buf, buflen, &b64buf, &b64buflen);
- b64buf[b64buflen] = '\0';
free (buf);
status = smtp_writeline (smtp, "AUTH PLAIN %s\r\n", b64buf);
@@ -1398,42 +1396,43 @@ smtp_parse_ehlo_ack (smtp_t smtp)
status = smtp_readline (smtp);
if ((smtp->ptr - smtp->buffer) > 4 && smtp->buffer[3] == '-')
multi = 1;
- if (status == 0)
+ if (status == 0 && memcmp (smtp->buffer, "250", 3) == 0)
{
+ char *capa_str = smtp->buffer + 4;
+
smtp->ptr = smtp->buffer;
- if (!mu_c_strncasecmp (smtp->buffer, "250-STARTTLS", 12))
+ if (!mu_c_strncasecmp (capa_str, "STARTTLS", 8))
smtp->capa |= CAPA_STARTTLS;
- else if (!mu_c_strncasecmp (smtp->buffer, "250-SIZE", 8))
+ else if (!mu_c_strncasecmp (capa_str, "SIZE", 4))
{
+ char *p;
+ size_t n;
+
smtp->capa |= CAPA_SIZE;
- if (smtp->buffer[8] == '=')
- {
- char *p;
- size_t n = strtoul (smtp->buffer + 9, &p, 10);
-
- if (*p != '\n')
- MU_DEBUG1 (smtp->mailer->debug, MU_DEBUG_ERROR,
- "suspicious size declaration: %s",
- smtp->buffer);
- else
- smtp->max_size = n;
- }
+
+ n = strtoul (capa_str + 5, &p, 10);
+ if (*p != '\n')
+ MU_DEBUG1 (smtp->mailer->debug, MU_DEBUG_ERROR,
+ "suspicious size capability: %s",
+ smtp->buffer);
+ else
+ smtp->max_size = n;
}
- else if (!mu_c_strncasecmp (smtp->buffer, "250-AUTH", 8))
+ else if (!mu_c_strncasecmp (capa_str, "AUTH", 4))
{
char *name, *s;
smtp->capa |= CAPA_AUTH;
- for (name = strtok_r (smtp->buffer + 8, " ", &s); name;
+ for (name = strtok_r (capa_str + 5, " ", &s); name;
name = strtok_r (NULL, " ", &s))
{
struct auth_mech_record *mechs = auth_mech_list;
+ mu_rtrim_cset (name, "\r\n");
for (; mechs->name; mechs++)
{
- mu_rtrim_cset (name, "\r\n");
if (!mu_c_strcasecmp (mechs->name, name))
{
smtp->auth_mechs |= mechs->id;
diff --git a/mailbox/base64.c b/mailbox/base64.c
index 4c67a48..65e8f5c 100644
--- a/mailbox/base64.c
+++ b/mailbox/base64.c
@@ -26,11 +26,11 @@
int
mu_base64_encode (const unsigned char *input, size_t input_len,
- unsigned char **output, size_t * output_len)
+ unsigned char **output, size_t *output_len)
{
static char b64tab[] =
"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
- size_t olen = 4 * (input_len + 2) / 3;
+ size_t olen = 4 * (input_len + 2) / 3 + 1;
unsigned char *out = malloc (olen);
if (!out)
@@ -42,7 +42,6 @@ mu_base64_encode (const unsigned char *input, size_t
input_len,
*out++ = b64tab[((input[0] << 4) & 0x30) | (input[1] >> 4)];
*out++ = b64tab[((input[1] << 2) & 0x3c) | (input[2] >> 6)];
*out++ = b64tab[input[2] & 0x3f];
- olen -= 4;
input_len -= 3;
input += 3;
}
@@ -58,12 +57,13 @@ mu_base64_encode (const unsigned char *input, size_t
input_len,
*out++ = '=';
}
*output_len = out - *output;
+ *out = 0;
return 0;
}
int
mu_base64_decode (const unsigned char *input, size_t input_len,
- unsigned char **output, size_t * output_len)
+ unsigned char **output, size_t *output_len)
{
static int b64val[128] = {
-1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1,
hooks/post-receive
--
GNU Mailutils
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [SCM] GNU Mailutils branch, master, updated. rel-2_1-35-g88c2fc7,
Sergey Poznyakoff <=