Set SASL_IP_{LOCAL,REMOTE} properties - needed for krb4 support;

from yak@MIT.EDU.

diff --git a/imap/auth_sasl.c b/imap/auth_sasl.c
index d1c5c904dcb71f1d083777587b91489cc063f2f5..d1bc0d2000585302eab484077f6d0e2b64c70501 100644 (file)
--- a/imap/auth_sasl.c
+++ b/imap/auth_sasl.c
@@ -23,6 +23,9 @@
 #include "imap_private.h"
 #include "auth.h"
 
+#include <netinet/in.h>
+#include <netdb.h>
+
 #include <sasl.h>
 #include <saslutil.h>
 
@@ -53,6 +56,30 @@ imap_auth_res_t imap_auth_sasl (IMAP_DATA* idata)
     return IMAP_AUTH_FAILURE;
   }
 
+  /*** set sasl IP properties, necessary for use with krb4 ***/
+  {
+    struct sockaddr_in local, remote;
+    int r, size;
+
+    size = sizeof(local);
+    r = getsockname(idata->conn->fd, &local, &size);
+    if (r!=0) return IMAP_AUTH_FAILURE;
+
+    size = sizeof(remote);
+    r = getpeername(idata->conn->fd, &remote, &size);
+    if (r!=0) return IMAP_AUTH_FAILURE;
+
+#ifdef SASL_IP_LOCAL
+    r = sasl_setprop(saslconn, SASL_IP_LOCAL, &local);
+    if (r!=0) return IMAP_AUTH_FAILURE;
+#endif
+
+#ifdef SASL_IP_REMOTE
+    r = sasl_setprop(saslconn, SASL_IP_REMOTE, &remote);
+    if (r!=0) return IMAP_AUTH_FAILURE;
+#endif
+  }
+
   /* hack for SASL ANONYMOUS support:
    * 1. Fetch username. If it's "" or "anonymous" then
    * 2. attempt sasl_client_start with only "AUTH=ANONYMOUS" capability