@ -2273,6 +2273,7 @@ imap_open_store_authenticate2( imap_store_t *ctx )
# ifdef HAVE_LIBSASL # ifdef HAVE_LIBSASL
const char * saslavail ; const char * saslavail ;
char saslmechs [ 1024 ] , * saslend = saslmechs ; char saslmechs [ 1024 ] , * saslend = saslmechs ;
int want_external = 0 ;
# endif # endif
// Ensure that there are no leftovers from previous runs. This is needed in case
// Ensure that there are no leftovers from previous runs. This is needed in case
@ -2308,6 +2309,9 @@ imap_open_store_authenticate2( imap_store_t *ctx )
* saslend + + = ' ' ; * saslend + + = ' ' ;
memcpy ( saslend , cmech - > string , len + 1 ) ; memcpy ( saslend , cmech - > string , len + 1 ) ;
saslend + = len ; saslend + = len ;
if ( ! strcasecmp ( cmech - > string , " EXTERNAL " ) )
want_external = 1 ;
# endif # endif
} }
} }
@ -2343,6 +2347,18 @@ imap_open_store_authenticate2( imap_store_t *ctx )
goto bail ; goto bail ;
} }
// The built-in EXTERNAL mechanism wants the authentication id to be set
// even before instantiation; consequently it won't prompt for it, either.
// While this clearly makes sense on the server side, it arguably does not
// on the client side. Ah, well ...
if ( want_external & & ensure_user ( srvc ) ) {
rc = sasl_setprop ( ctx - > sasl , SASL_AUTH_EXTERNAL , srvc - > user ) ;
if ( rc ! = SASL_OK ) {
error ( " Error setting SASL authentication id: %s \n " , sasl_errdetail ( ctx - > sasl ) ) ;
goto bail ;
}
}
rc = sasl_client_start ( ctx - > sasl , saslmechs + 1 , & interact , CAP ( SASLIR ) ? & out : NULL , & out_len , & gotmech ) ; rc = sasl_client_start ( ctx - > sasl , saslmechs + 1 , & interact , CAP ( SASLIR ) ? & out : NULL , & out_len , & gotmech ) ;
if ( rc = = SASL_NOMECH ) if ( rc = = SASL_NOMECH )
goto notsasl ; goto notsasl ;
Anton Khirnov
4 years ago
committed by
Oswald Buddenhagen