From: Stephan Bosch <stephan.bosch@open-xchange.com>
Date: Mon, 30 Nov 2020 18:12:11 +0000 (+0100)
Subject: lib-imap-client: Add support for channel binding
X-Git-Tag: 2.4.0~9
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=e1ca56ea6c972e7b6d4953cc051f543a984e8768;p=thirdparty%2Fdovecot%2Fcore.git

lib-imap-client: Add support for channel binding
---

diff --git a/src/lib-imap-client/imapc-connection.c b/src/lib-imap-client/imapc-connection.c
index 06f2007619..7fb295fa1b 100644
--- a/src/lib-imap-client/imapc-connection.c
+++ b/src/lib-imap-client/imapc-connection.c
@@ -1005,6 +1005,17 @@ imapc_connection_get_sasl_mech(struct imapc_connection *conn,
 	return -1;
 }
 
+static int
+imapc_connection_channel_bind_callback(const char *type, void *context,
+				       const buffer_t **data_r,
+				       const char **error_r)
+{
+	struct imapc_connection *conn = context;
+
+	return ssl_iostream_get_channel_binding(conn->ssl_iostream,
+						type, data_r, error_r);
+}
+
 static void imapc_connection_authenticate(struct imapc_connection *conn)
 {
 	const struct imapc_settings *set = conn->client->set;
@@ -1067,6 +1078,12 @@ static void imapc_connection_authenticate(struct imapc_connection *conn)
 	if (sasl_mech == NULL)
 		sasl_mech = &dsasl_client_mech_plain;
 	conn->sasl_client = dsasl_client_new(sasl_mech, &sasl_set);
+	if (conn->ssl_iostream != NULL) {
+		dsasl_client_enable_channel_binding(
+			conn->sasl_client,
+			ssl_iostream_get_protocol_version(conn->ssl_iostream),
+			imapc_connection_channel_bind_callback, conn);
+	}
 
 	cmd = imapc_connection_cmd(conn, imapc_connection_authenticate_cb, conn);
 	cmd->authenticate = TRUE;