shithub: riscv

Download patch

ref: 152159a8297a7595b4455c03361851d354288177
parent: 9b848903e64bc5af8b7d9671f299ba5b8d9ffbf9
author: cinap_lenrek <cinap_lenrek@felloff.net>
date: Wed Mar 22 21:31:35 EDT 2017 

upas/smtp: fix cram-md5 auth, simplify doauth(), check varargs for dBprint()

- smtpcram() was replying with the challenge instead of the response... m(
- simplify doauth, use error string for auth_getuserpasswd() error logging
- enable #pragma varargck for dBprint()


--- a/sys/src/cmd/upas/smtp/smtp.c
+++ b/sys/src/cmd/upas/smtp/smtp.c
@@ -14,6 +14,7 @@
 String*	bangtoat(char*);
 String*	convertheader(String*);
 int	dBprint(char*, ...);
+#pragma varargck argpos dBprint 1
 int	dBputc(int);
 char*	data(String*, Biobuf*, Mx*);
 char*	domainify(char*, char*);
@@ -474,7 +475,9 @@
 	l = dec64((uchar*)ch, sizeof ch, p, strlen(p));
 	ch[l] = 0;
 	n = auth_respond(ch, l, usr, sizeof usr, rbuf, sizeof rbuf, auth_getkey,
-		user?"proto=cram role=client server=%q user=%q":"proto=cram role=client server=%q",
+		user!=nil?
+		"proto=cram role=client server=%q user=%q":
+		"proto=cram role=client server=%q",
 		ds->host, user);
 	if(n == -1)
 		return "cannot find SMTP password";
@@ -485,7 +488,7 @@
 	l = snprint(ubuf, sizeof ubuf, "%s %.*s", usr, n, rbuf);
 	snprint(ebuf, sizeof ebuf, "%.*[", l, ubuf);
 
-	dBprint("%s\r\n", ch);
+	dBprint("%s\r\n", ebuf);
 	if(getreply() != 2)
 		return Retry;
 	return nil;
@@ -494,26 +497,23 @@
 static char *
 doauth(char *methods)
 {
-	static char buf[1024];
-	char *s, *se, *err;
+	char buf[1024], *err;
 	UserPasswd *p;
 	DS ds;
+	int n;
 
 	dialstringparse(farend, &ds);
 	if(strstr(methods, "CRAM-MD5"))
 		return smtpcram(&ds);
-
-	se = buf+sizeof(buf);
-	s = seprint(buf, se, "proto=pass service=smtp server=%q", ds.host);
-	if(user)
-		seprint(s, se, " user=%q", user);
-
-	p = auth_getuserpasswd(nil, "%s", buf);
+	p = auth_getuserpasswd(nil,
+		user!=nil?
+		"proto=pass service=smtp server=%q user=%q":
+		"proto=pass service=smtp server=%q",
+		ds.host, user);
 	if (p == nil) {
-		syslog(0, "smtp.fail", "failed to get userpasswd for %s", buf);
+		syslog(0, "smtp.fail", "failed to get userpasswd: %r");
 		return Giveup;
 	}
-
 	err = Retry;
 	if (strstr(methods, "LOGIN")){
 		dBprint("AUTH LOGIN\r\n");
@@ -520,11 +520,11 @@
 		if (getreply() != 3)
 			goto out;
 
-		dBprint("%.*[\r\n", strlen(p->user), p->user);
+		dBprint("%.*[\r\n", (int)strlen(p->user), p->user);
 		if (getreply() != 3)
 			goto out;
 
-		dBprint("%.*[\r\n", strlen(p->passwd), p->passwd);
+		dBprint("%.*[\r\n", (int)strlen(p->passwd), p->passwd);
 		if (getreply() != 2)
 			goto out;
 
@@ -531,8 +531,9 @@
 		err = nil;
 	}
 	else if (strstr(methods, "PLAIN")){
-		s = seprint(buf, se, "%c%s%c%s", 0, p->user, 0, p->passwd);
-		dBprint("AUTH PLAIN %.*[\r\n", s-buf, buf);
+		n = snprint(buf, sizeof(buf), "%c%s%c%s", 0, p->user, 0, p->passwd);
+		dBprint("AUTH PLAIN %.*[\r\n", n, buf);
+		memset(buf, 0, sizeof(buf));
 		if (getreply() != 2)
 			goto out;
 		err = nil;