Hello Paride.

Paride Legovini wrote in <a8755ae8-a3b9-fba5-c24a-fbebec0f6c35@ninthfloor.org>:
|Steffen Nurpmeso wrote on 20/06/2019:
|> the patch was reversed; here is the right one.
|
|Just to be sure, is your last "ivan.diff" patch all that's needed to fix
|this bug? I would like to have it fixed in buster, but given that we're
|so deep in the freeze I'll have to ship only a minimal fix for this
|specific bug; an import of a new minor version changing other stuff
|won't be accepted. This will mean patching 14.9.11.

Oh-oh, 14.9.11 is a year old! :)
I do not understand that security policy of Debian, for such a small program with a single developer. So many bugs fixed! I would even update to [master] or [stable/stable] and use the grappa mode! Sigh. :)

|The patch doesn't apply cleanly on obs-imap-gssapi.h from v14.9.11 (I did
|fix the paths, of course), but making the same changes manually to
|produce a new patch looks easy. Is it fine if I go this way, or should
|v14.9.11 be patched differently? Of course if you happen to have a patch
|that already applies on v14.9.11 please let me have it!

I had to backport it myself; I have not compiled it, but should do. Please report any problems Paride, they are real and actual bugs! I will spin a VM this evening, I have a FreeBSD with GSSAPI, if I hit any compile error I will send you an update, ok?

With the patch as attached I say, ciao Paride,

--steffen
|
|Der Kragenbaer,                The moon bear,
|der holt sich munter           he cheerfully and one by one
|einen nach dem anderen runter  wa.ks himself off
|(By Robert Gernhardt)

diff --git a/obs-imap-gssapi.h b/obs-imap-gssapi.h index 5d314917..70eeca7f 100644 --- a/obs-imap-gssapi.h +++ b/obs-imap-gssapi.h @@ -162,10 +162,7 @@ _imap_gssapi(struct mailbox *mp, struct ccred *ccred) ok = STOP; f = a_F_NONE; - { size_t i = strlen(mp->mb_imap_account) +1; - server = n_autorec_alloc(i); - memcpy(server, mp->mb_imap_account, i); - } + server = savestr(mp->mb_imap_account); if (!strncmp(server, "imap://", 7)) server += 7; else if (!strncmp(server, "imaps://", 8)) @@ -174,9 +171,11 @@ _imap_gssapi(struct mailbox *mp, struct ccred *ccred) server = &cp[1]; for (cp = server; *cp; cp++) *cp = lowerconv(*cp); + send_tok.value = n_autorec_alloc( - (send_tok.length = strlen(server) -1 + 5) +1); - snprintf(send_tok.value, send_tok.length, "imap@%s", server); + (send_tok.length = strlen(server) + 5) +1); + memcpy(send_tok.value, "imap@", 5); + memcpy(&((char*)send_tok.value)[5], server, send_tok.length - 4); maj_stat = gss_import_name(&min_stat, &send_tok, GSS_C_NT_HOSTBASED_SERVICE, &target_name); f |= a_F_TARGET_NAME; @@ -300,14 +299,13 @@ jebase64: /* First octet: bit-mask with protection mechanisms (1 = no protection * mechanism). * Second to fourth octet: maximum message size in network byte order. - * Fifth and following octets: user name string. - */ - o[0] = 1; - o[1] = 0; - o[2] = o[3] = (char)0377; - snprintf(&o[4], sizeof o - 4, "%s", ccred->cc_user.s); - send_tok.value = o; - send_tok.length = strlen(&o[4]) -1 + 4; + * Fifth and following octets: user name string */ + in.s = n_autorec_alloc((send_tok.length = 4 + ccred->cc_user.l) +1); + memcpy(&in.s[4], ccred->cc_user.s, ccred->cc_user.l +1); + in.s[0] = 1; + in.s[1] = 0; + in.s[2] = in.s[3] = (char)0xFF; + send_tok.value = in.s; maj_stat = gss_wrap(&min_stat, gss_context, 0, GSS_C_QOP_DEFAULT, &send_tok, &conf_state, &recv_tok); f |= a_F_RECV_TOK;
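
Review bot: in the second hunk (building the `imap@host` name), the copy length `send_tok.length - 4` in the second `memcpy` is right only through implicit arithmetic: it equals `strlen(server) + 1`, so it also copies the terminating NUL into the byte reserved by the trailing `+1` of the allocation. Holding `strlen(server)` in a local and writing the copy as that length plus one, or adding a one-line comment, would make the relation between allocation size, `send_tok.length` and copy length visible. The removed lines passed `strlen(server) -1 + 5` as the `snprintf` size, which cut the name short, so a comment stating that `send_tok.length` excludes the NUL would help keep this from regressing.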
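
Review bot: in the third hunk, `memcpy(&in.s[4], ccred->cc_user.s, ccred->cc_user.l +1)` depends on `cc_user.s` being NUL-terminated at index `cc_user.l`, while the copied terminator is not counted in `send_tok.length` and so is not part of what `gss_wrap` is given. Either copy exactly `cc_user.l` bytes or say in the comment that the extra byte is deliberate. The comment above describes octets two to four as the maximum message size but does not give the value that 0, 0xFF, 0xFF encodes; stating it there would document the choice. Since the mail says this backport has not been compiled yet, also check that `in` is declared and free for reuse at this point and that the old `o` buffer has no remaining users.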