X-Git-Url: https://diplodocus.org/git/nmh/blobdiff_plain/55f65ae2d3baf60396d3359db952460939de03ca..02750a618d5bf4b271ef6dade1250d6d178e43ff:/mts/smtp/smtp.c diff --git a/mts/smtp/smtp.c b/mts/smtp/smtp.c index 3e8f3246..e4522f4a 100644 --- a/mts/smtp/smtp.c +++ b/mts/smtp/smtp.c @@ -142,13 +142,12 @@ static int tls_active = 0; static char *sm_noreply = "No reply text given"; static char *sm_moreply = "; "; - -struct smtp sm_reply; /* global... */ +static struct smtp sm_reply; #define MAXEHLO 20 static int doingEHLO; -char *EHLOkeys[MAXEHLO + 1]; +static char *EHLOkeys[MAXEHLO + 1]; /* * static prototypes @@ -481,8 +480,6 @@ sendmail_init (char *client, char *server, int watch, int verbose, vec[vecp++] = "-ov"; vec[vecp++] = NULL; - setgid (getegid ()); - setuid (geteuid ()); execvp (sendmail, vec); fprintf (stderr, "unable to exec "); perror (sendmail); @@ -818,7 +815,7 @@ sm_auth_sasl(char *user, int saslssf, char *mechlist, char *inhost) sasl_security_properties_t secprops; sasl_ssf_t *ssf; int *outbufmax; - char *pass = NULL; + struct nmh_creds creds = { 0, 0, 0 }; /* * Initialize the callback contexts @@ -854,12 +851,15 @@ sm_auth_sasl(char *user, int saslssf, char *mechlist, char *inhost) strncpy(host, inhost, sizeof(host) - 1); } - callbacks[SM_SASL_N_CB_USER].context = user; - callbacks[SM_SASL_N_CB_AUTHNAME].context = user; + nmh_get_credentials (host, user, 0, &creds); + /* It's OK to copy the creds pointers here. The callbacks that + use them will only be called before this function returns. */ + callbacks[SM_SASL_N_CB_USER].context = creds.user; + callbacks[SM_SASL_N_CB_AUTHNAME].context = creds.user; sasl_pw_context[0] = host; - sasl_pw_context[1] = user; - sasl_pw_context[2] = pass; + sasl_pw_context[1] = creds.user; + sasl_pw_context[2] = creds.password; callbacks[SM_SASL_N_CB_PASS].context = sasl_pw_context; @@ -960,7 +960,6 @@ sm_auth_sasl(char *user, int saslssf, char *mechlist, char *inhost) } else { result = sasl_decode64(sm_reply.text, sm_reply.length, outbuf, sizeof(outbuf), &outlen); - if (result != SASL_OK) { smtalk(SM_AUTH, "*"); sm_ierror("SASL base64 decode failed: %s",