Fix POP3 SASL authentication mechanism DIGEST-MD5. (closes #3862)

sasl_client_step() returns SASL_OK after the fourth step: server auth
confirmation.  However, the protocol requires the client send one more
blank line to the server, to which the server then replies with "+OK".
See https://tools.ietf.org/html/rfc5034#section-6.

The code currently only sends a final response if sasl_client_step
returns data to send.  Change it to always send a final client message
after the SASL_OK.

diff --git a/pop_auth.c b/pop_auth.c
index 8d8650e10c22a108989f050b212075b664464739..9eb080c8100933e7b78589ccf1ac1e9c0900d716 100644 (file)
--- a/pop_auth.c
+++ b/pop_auth.c
@@ -121,7 +121,7 @@ static pop_auth_res_t pop_auth_sasl (POP_DATA *pop_data, const char *method)
       client_start = 0;
     }
 
-    if (rc != SASL_CONTINUE && (olen == 0 || rc != SASL_OK))
+    if (rc != SASL_CONTINUE && rc != SASL_OK)
       break;
 
     /* send out response, or line break if none needed */