fix SASL, take 2

USER (the authorization identity) specifies whom to act for.
AUTHNAME (the authentication identity) specifies who is acting (and
thus whose PASS is being used).
USER is derived from AUTHNAME if omitted, but apparently the
GSS-API module automatically adds the REALM, which is not helpful.

it appears to be common to set both USER and AUTHNAME to the same value,
so let's just do it as well.

REFMAIL: 20150407194807.GA1714@leeloo.kyriasis.com
This commit is contained in:
Oswald Buddenhagen 2015-04-09 10:05:45 +02:00
parent 0840026a4b
commit 8dc776c528

View File

@ -1780,6 +1780,7 @@ ensure_password( imap_server_conf_t *srvc )
#ifdef HAVE_LIBSASL
static sasl_callback_t sasl_callbacks[] = {
{ SASL_CB_USER, NULL, NULL },
{ SASL_CB_AUTHNAME, NULL, NULL },
{ SASL_CB_PASS, NULL, NULL },
{ SASL_CB_LIST_END, NULL, NULL }
@ -1794,6 +1795,7 @@ process_sasl_interact( sasl_interact_t *interact, imap_server_conf_t *srvc )
switch (interact->id) {
case SASL_CB_LIST_END:
return 0;
case SASL_CB_USER:
case SASL_CB_AUTHNAME:
val = ensure_user( srvc );
break;