Deuxfleurs/aerogramme
15
0
Fork 1
Code Issues 33 Pull requests 1 Projects 11 Releases 5 Wiki Activity

Debug the Dovecot Auth Protocol #95

Merged
quentin merged 3 commits from bug/dovecot-auth-resp into main 2024-02-13 16:13:53 +00:00
Conversation 0 Commits 3 Files changed 3 +2 -1
1 changed files with 2 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files
Showing only changes of commit 9377ca3ef4 - Show all commits

3
src/auth.rs
View file

@ -202,11 +202,12 @@ enum State {
const SERVER_MAJOR: u64 = 1; const SERVER_MAJOR: u64 = 1;
const SERVER_MINOR: u64 = 2; const SERVER_MINOR: u64 = 2;
const EMPTY_AUTHZ: &[u8] = &[];
impl State { impl State {
async fn try_auth_plain<'a>(&self, data: &'a [u8], login: &ArcLoginProvider) -> AuthRes { async fn try_auth_plain<'a>(&self, data: &'a [u8], login: &ArcLoginProvider) -> AuthRes {
// Check that we can extract user's login+pass // Check that we can extract user's login+pass
let (ubin, pbin) = match auth_plain(&data) { let (ubin, pbin) = match auth_plain(&data) {
Ok(([], ([], user, pass))) => (user, pass), Ok(([], (authz, user, pass))) if authz == user || authz == EMPTY_AUTHZ => (user, pass),
Ok(_) => { Ok(_) => {
tracing::error!("Impersonating user is not supported"); tracing::error!("Impersonating user is not supported");
return AuthRes::Failed(None, None); return AuthRes::Failed(None, None);