summaryrefslogtreecommitdiffstats
path: root/contrib/sendmail/src/sfsasl.c
diff options
context:
space:
mode:
Diffstat (limited to 'contrib/sendmail/src/sfsasl.c')
-rw-r--r--contrib/sendmail/src/sfsasl.c41
1 files changed, 33 insertions, 8 deletions
diff --git a/contrib/sendmail/src/sfsasl.c b/contrib/sendmail/src/sfsasl.c
index ab8aca3..38eb7af 100644
--- a/contrib/sendmail/src/sfsasl.c
+++ b/contrib/sendmail/src/sfsasl.c
@@ -9,10 +9,16 @@
*/
#include <sm/gen.h>
-SM_RCSID("@(#)$Id: sfsasl.c,v 8.98 2004/03/03 19:20:31 ca Exp $")
+SM_RCSID("@(#)$Id: sfsasl.c,v 8.101 2004/12/15 22:45:55 ca Exp $")
#include <stdlib.h>
#include <sendmail.h>
#include <errno.h>
+
+/* allow to disable error handling code just in case... */
+#ifndef DEAL_WITH_ERROR_SSL
+# define DEAL_WITH_ERROR_SSL 1
+#endif /* ! DEAL_WITH_ERROR_SSL */
+
#if SASL
# include "sfsasl.h"
@@ -279,10 +285,29 @@ sasl_write(fp, buf, size)
# else /* SASL >= 20000 */
char *outbuf;
# endif /* SASL >= 20000 */
- unsigned int outlen;
+ unsigned int outlen, *maxencode;
size_t ret = 0, total = 0;
struct sasl_obj *so = (struct sasl_obj *) fp->f_cookie;
+ /*
+ ** Fetch the maximum input buffer size for sasl_encode().
+ ** This can be less than the size set in attemptauth()
+ ** due to a negotation with the other side, e.g.,
+ ** Cyrus IMAP lmtp program sets maxbuf=4096,
+ ** digestmd5 substracts 25 and hence we'll get 4071
+ ** instead of 8192 (MAXOUTLEN).
+ ** Hack (for now): simply reduce the size, callers are (must be)
+ ** able to deal with that and invoke sasl_write() again with
+ ** the rest of the data.
+ ** Note: it would be better to store this value in the context
+ ** after the negotiation.
+ */
+
+ result = sasl_getprop(so->conn, SASL_MAXOUTBUF,
+ (const void **) &maxencode);
+ if (result == SASL_OK && size > *maxencode && *maxencode > 0)
+ size = *maxencode;
+
result = sasl_encode(so->conn, buf,
(unsigned int) size, &outbuf, &outlen);
@@ -580,19 +605,19 @@ tls_read(fp, buf, size)
*/
break;
case SSL_ERROR_SSL:
-#if _FFR_DEAL_WITH_ERROR_SSL
+#if DEAL_WITH_ERROR_SSL
if (r == 0 && errno == 0) /* out of protocol EOF found */
break;
-#endif /* _FFR_DEAL_WITH_ERROR_SSL */
+#endif /* DEAL_WITH_ERROR_SSL */
err = "generic SSL error";
if (LogLevel > 9)
tlslogerr("read");
-#if _FFR_DEAL_WITH_ERROR_SSL
+#if DEAL_WITH_ERROR_SSL
/* avoid repeated calls? */
if (r == 0)
r = -1;
-#endif /* _FFR_DEAL_WITH_ERROR_SSL */
+#endif /* DEAL_WITH_ERROR_SSL */
break;
}
if (err != NULL)
@@ -685,11 +710,11 @@ tls_write(fp, buf, size)
if (LogLevel > 9)
tlslogerr("write");
-#if _FFR_DEAL_WITH_ERROR_SSL
+#if DEAL_WITH_ERROR_SSL
/* avoid repeated calls? */
if (r == 0)
r = -1;
-#endif /* _FFR_DEAL_WITH_ERROR_SSL */
+#endif /* DEAL_WITH_ERROR_SSL */
break;
}
if (err != NULL)
OpenPOWER on IntegriCloud