From: Stephan Bosch Date: Wed, 3 Sep 2025 16:08:47 +0000 (+0200) Subject: lib-sasl: sasl-common - Add definitions for SASL mechanism names and use them X-Git-Tag: 2.4.2~204 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=f34640d971727f1c4516be0db0399fb3619c4e32;p=thirdparty%2Fdovecot%2Fcore.git lib-sasl: sasl-common - Add definitions for SASL mechanism names and use them --- diff --git a/src/auth/auth-sasl-mech-oauth2.c b/src/auth/auth-sasl-mech-oauth2.c index e9b81055f8..c6a42d9fd5 100644 --- a/src/auth/auth-sasl-mech-oauth2.c +++ b/src/auth/auth-sasl-mech-oauth2.c @@ -173,8 +173,8 @@ void auth_sasl_oauth2_initialize(void) { const char *mech, *error; array_foreach_elem(&global_auth_settings->mechanisms, mech) { - if (strcasecmp(mech, mech_xoauth2.name) == 0 || - strcasecmp(mech, mech_oauthbearer.name) == 0) { + if (strcasecmp(mech, SASL_MECH_NAME_OAUTHBEARER) == 0 || + strcasecmp(mech, SASL_MECH_NAME_XOAUTH2) == 0) { if (db_oauth2_init(auth_event, FALSE, &db_oauth2, &error) < 0) i_fatal("Cannot initialize oauth2: %s", error); diff --git a/src/auth/auth-sasl.c b/src/auth/auth-sasl.c index cc0eb14f64..cb5999fb65 100644 --- a/src/auth/auth-sasl.c +++ b/src/auth/auth-sasl.c @@ -424,7 +424,7 @@ mech_register_init(const struct auth_settings *set) array_foreach_elem(&set->mechanisms, name) { name = t_str_ucase(name); - if (strcmp(name, "ANONYMOUS") == 0) { + if (strcmp(name, SASL_MECH_NAME_ANONYMOUS) == 0) { if (*set->anonymous_username == '\0') { i_fatal("ANONYMOUS listed in mechanisms, " "but anonymous_username not set"); diff --git a/src/auth/sasl-server-mech-anonymous.c b/src/auth/sasl-server-mech-anonymous.c index 60a1825d1e..95c776f34c 100644 --- a/src/auth/sasl-server-mech-anonymous.c +++ b/src/auth/sasl-server-mech-anonymous.c @@ -25,7 +25,7 @@ static const struct sasl_server_mech_funcs mech_anonymous_funcs = { }; const struct sasl_server_mech_def mech_anonymous = { - .name = "ANONYMOUS", + .name = SASL_MECH_NAME_ANONYMOUS, .flags = SASL_MECH_SEC_ANONYMOUS | SASL_MECH_SEC_ALLOW_NULS, .passdb_need = SASL_MECH_PASSDB_NEED_NOTHING, diff --git a/src/auth/sasl-server-mech-cram-md5.c b/src/auth/sasl-server-mech-cram-md5.c index ee71c273aa..f609b46293 100644 --- a/src/auth/sasl-server-mech-cram-md5.c +++ b/src/auth/sasl-server-mech-cram-md5.c @@ -180,7 +180,7 @@ static const struct sasl_server_mech_funcs mech_cram_md5_funcs = { }; const struct sasl_server_mech_def mech_cram_md5 = { - .name = "CRAM-MD5", + .name = SASL_MECH_NAME_CRAM_MD5, .flags = SASL_MECH_SEC_DICTIONARY | SASL_MECH_SEC_ACTIVE, .passdb_need = SASL_MECH_PASSDB_NEED_VERIFY_RESPONSE, diff --git a/src/auth/sasl-server-mech-digest-md5.c b/src/auth/sasl-server-mech-digest-md5.c index ef6b24ec7a..37ca46a3e9 100644 --- a/src/auth/sasl-server-mech-digest-md5.c +++ b/src/auth/sasl-server-mech-digest-md5.c @@ -611,7 +611,7 @@ static const struct sasl_server_mech_funcs mech_digest_md5_funcs = { }; const struct sasl_server_mech_def mech_digest_md5 = { - .name = "DIGEST-MD5", + .name = SASL_MECH_NAME_DIGEST_MD5, .flags = SASL_MECH_SEC_DICTIONARY | SASL_MECH_SEC_ACTIVE | SASL_MECH_SEC_MUTUAL_AUTH, diff --git a/src/auth/sasl-server-mech-external.c b/src/auth/sasl-server-mech-external.c index 2a7ac27154..3454855230 100644 --- a/src/auth/sasl-server-mech-external.c +++ b/src/auth/sasl-server-mech-external.c @@ -34,7 +34,7 @@ static const struct sasl_server_mech_funcs mech_external_funcs = { }; const struct sasl_server_mech_def mech_external = { - .name = "EXTERNAL", + .name = SASL_MECH_NAME_EXTERNAL, .flags = 0, .passdb_need = SASL_MECH_PASSDB_NEED_VERIFY_PLAIN, diff --git a/src/auth/sasl-server-mech-gssapi.c b/src/auth/sasl-server-mech-gssapi.c index d15cf08456..07091fe4fc 100644 --- a/src/auth/sasl-server-mech-gssapi.c +++ b/src/auth/sasl-server-mech-gssapi.c @@ -680,7 +680,7 @@ static const struct sasl_server_mech_funcs mech_gssapi_funcs = { }; const struct sasl_server_mech_def mech_gssapi = { - .name = "GSSAPI", + .name = SASL_MECH_NAME_GSSAPI, .flags = SASL_MECH_SEC_ALLOW_NULS, .passdb_need = SASL_MECH_PASSDB_NEED_NOTHING, @@ -692,7 +692,7 @@ const struct sasl_server_mech_def mech_gssapi = { internally. Nothing else needs to be done here. Note, however, that this does not support SPNEGO when the only available credential is NTLM. */ const struct sasl_server_mech_def mech_gssapi_spnego = { - .name = "GSS-SPNEGO", + .name = SASL_MECH_NAME_GSS_SPNEGO, .flags = SASL_MECH_SEC_ALLOW_NULS, .passdb_need = SASL_MECH_PASSDB_NEED_NOTHING, diff --git a/src/auth/sasl-server-mech-login.c b/src/auth/sasl-server-mech-login.c index 58fb246c0f..873be0e383 100644 --- a/src/auth/sasl-server-mech-login.c +++ b/src/auth/sasl-server-mech-login.c @@ -57,7 +57,7 @@ static const struct sasl_server_mech_funcs mech_login_funcs = { }; const struct sasl_server_mech_def mech_login = { - .name = "LOGIN", + .name = SASL_MECH_NAME_LOGIN, .flags = SASL_MECH_SEC_PLAINTEXT, .passdb_need = SASL_MECH_PASSDB_NEED_VERIFY_PLAIN, diff --git a/src/auth/sasl-server-mech-oauth2.c b/src/auth/sasl-server-mech-oauth2.c index 711a0fdf94..c8b6b3b7de 100644 --- a/src/auth/sasl-server-mech-oauth2.c +++ b/src/auth/sasl-server-mech-oauth2.c @@ -320,7 +320,7 @@ static const struct sasl_server_mech_funcs mech_oauthbearer_funcs = { }; const struct sasl_server_mech_def mech_oauthbearer = { - .name = "OAUTHBEARER", + .name = SASL_MECH_NAME_OAUTHBEARER, /* while this does not transfer plaintext password, the token is still considered as password */ @@ -337,7 +337,7 @@ static const struct sasl_server_mech_funcs mech_xoauth2_funcs = { }; const struct sasl_server_mech_def mech_xoauth2 = { - .name = "XOAUTH2", + .name = SASL_MECH_NAME_XOAUTH2, .flags = SASL_MECH_SEC_PLAINTEXT, .passdb_need = 0, diff --git a/src/auth/sasl-server-mech-otp.c b/src/auth/sasl-server-mech-otp.c index 182ac21295..c726d6f5f3 100644 --- a/src/auth/sasl-server-mech-otp.c +++ b/src/auth/sasl-server-mech-otp.c @@ -319,7 +319,7 @@ static const struct sasl_server_mech_funcs mech_otp_funcs = { }; const struct sasl_server_mech_def mech_otp = { - .name = "OTP", + .name = SASL_MECH_NAME_OTP, .flags = SASL_MECH_SEC_DICTIONARY | SASL_MECH_SEC_ACTIVE | SASL_MECH_SEC_ALLOW_NULS, diff --git a/src/auth/sasl-server-mech-plain.c b/src/auth/sasl-server-mech-plain.c index ecee61e251..2959ab8d49 100644 --- a/src/auth/sasl-server-mech-plain.c +++ b/src/auth/sasl-server-mech-plain.c @@ -68,7 +68,7 @@ static const struct sasl_server_mech_funcs mech_plain_funcs = { }; const struct sasl_server_mech_def mech_plain = { - .name = "PLAIN", + .name = SASL_MECH_NAME_PLAIN, .flags = SASL_MECH_SEC_PLAINTEXT | SASL_MECH_SEC_ALLOW_NULS, .passdb_need = SASL_MECH_PASSDB_NEED_VERIFY_PLAIN, diff --git a/src/auth/sasl-server-mech-scram.c b/src/auth/sasl-server-mech-scram.c index a94fc0702d..6a54483804 100644 --- a/src/auth/sasl-server-mech-scram.c +++ b/src/auth/sasl-server-mech-scram.c @@ -239,7 +239,7 @@ static const struct sasl_server_mech_funcs mech_scram_sha1_funcs = { }; const struct sasl_server_mech_def mech_scram_sha1 = { - .name = "SCRAM-SHA-1", + .name = SASL_MECH_NAME_SCRAM_SHA_1, .flags = SASL_MECH_SEC_MUTUAL_AUTH, .passdb_need = SASL_MECH_PASSDB_NEED_LOOKUP_CREDENTIALS, @@ -248,7 +248,7 @@ const struct sasl_server_mech_def mech_scram_sha1 = { }; const struct sasl_server_mech_def mech_scram_sha1_plus = { - .name = "SCRAM-SHA-1-PLUS", + .name = SASL_MECH_NAME_SCRAM_SHA_1_PLUS, .flags = SASL_MECH_SEC_MUTUAL_AUTH | SASL_MECH_SEC_CHANNEL_BINDING, .passdb_need = SASL_MECH_PASSDB_NEED_LOOKUP_CREDENTIALS, @@ -264,7 +264,7 @@ static const struct sasl_server_mech_funcs mech_scram_sha256_funcs = { }; const struct sasl_server_mech_def mech_scram_sha256 = { - .name = "SCRAM-SHA-256", + .name = SASL_MECH_NAME_SCRAM_SHA_256, .flags = SASL_MECH_SEC_MUTUAL_AUTH, .passdb_need = SASL_MECH_PASSDB_NEED_LOOKUP_CREDENTIALS, @@ -273,7 +273,7 @@ const struct sasl_server_mech_def mech_scram_sha256 = { }; const struct sasl_server_mech_def mech_scram_sha256_plus = { - .name = "SCRAM-SHA-256-PLUS", + .name = SASL_MECH_NAME_SCRAM_SHA_256_PLUS, .flags = SASL_MECH_SEC_MUTUAL_AUTH | SASL_MECH_SEC_CHANNEL_BINDING, .passdb_need = SASL_MECH_PASSDB_NEED_LOOKUP_CREDENTIALS, diff --git a/src/auth/sasl-server-mech-winbind.c b/src/auth/sasl-server-mech-winbind.c index 509cb88736..5d84cfcbec 100644 --- a/src/auth/sasl-server-mech-winbind.c +++ b/src/auth/sasl-server-mech-winbind.c @@ -346,7 +346,7 @@ static const struct sasl_server_mech_funcs mech_winbind_ntlm_funcs = { }; const struct sasl_server_mech_def mech_winbind_ntlm = { - .name = "NTLM", + .name = SASL_MECH_NAME_NTLM, .flags = SASL_MECH_SEC_DICTIONARY | SASL_MECH_SEC_ACTIVE | SASL_MECH_SEC_ALLOW_NULS, @@ -362,7 +362,7 @@ static const struct sasl_server_mech_funcs mech_winbind_spnego_funcs = { }; const struct sasl_server_mech_def mech_winbind_spnego = { - .name = "GSS-SPNEGO", + .name = SASL_MECH_NAME_GSS_SPNEGO, .flags = SASL_MECH_SEC_ALLOW_NULS, .passdb_need = SASL_MECH_PASSDB_NEED_NOTHING, diff --git a/src/auth/test-auth-request-fields.c b/src/auth/test-auth-request-fields.c index 25096d280f..e9c7758539 100644 --- a/src/auth/test-auth-request-fields.c +++ b/src/auth/test-auth-request-fields.c @@ -144,16 +144,20 @@ static void test_auth_request_fields_secured(void) static void test_auth_request_export_import(void) { - struct auth_request *request_a = test_auth_request_init(mech_module_find("PLAIN")); + struct auth_request *request_a = + test_auth_request_init(mech_module_find(SASL_MECH_NAME_PLAIN)); string_t *exported_a = t_str_new(128); string_t *exported_b = t_str_new(128); request_a->passdb_success = TRUE; - auth_request_set_field(request_a, "event_brand with fun = \" values", "this = has _ fun \t values \"", "PLAIN"); + auth_request_set_field(request_a, "event_brand with fun = \" values", + "this = has _ fun \t values \"", + SASL_MECH_NAME_PLAIN); auth_request_export(request_a, exported_a); test_auth_request_deinit(request_a); /* then import it */ - struct auth_request *request_b = test_auth_request_init(mech_module_find("PLAIN")); + struct auth_request *request_b = + test_auth_request_init(mech_module_find(SASL_MECH_NAME_PLAIN)); const char *const *args = t_strsplit_tabescaped(str_c(exported_a)); for (; *args != NULL; args++) { const char *value = strchr(*args, '='); diff --git a/src/imap-login/client-authenticate.c b/src/imap-login/client-authenticate.c index c063f1bf07..c45b558ac7 100644 --- a/src/imap-login/client-authenticate.c +++ b/src/imap-login/client-authenticate.c @@ -214,5 +214,6 @@ int cmd_login(struct imap_client *imap_client, const struct imap_arg *args) base64 = t_buffer_create(MAX_BASE64_ENCODED_SIZE(plain_login->used)); base64_encode(plain_login->data, plain_login->used, base64); - return imap_client_auth_begin(imap_client, "PLAIN", str_c(base64)); + return imap_client_auth_begin(imap_client, SASL_MECH_NAME_PLAIN, + str_c(base64)); } diff --git a/src/imap-login/imap-login-client.c b/src/imap-login/imap-login-client.c index 4e89ec0ae8..83c65f32e3 100644 --- a/src/imap-login/imap-login-client.c +++ b/src/imap-login/imap-login-client.c @@ -77,7 +77,8 @@ bool client_handle_parser_error(struct imap_client *client, static bool is_login_cmd_disabled(struct client *client) { if (client->connection_secured) { - if (sasl_server_find_available_mech(client, "PLAIN") == NULL) { + if (sasl_server_find_available_mech( + client, SASL_MECH_NAME_PLAIN) == NULL) { /* no PLAIN authentication, can't use LOGIN command */ return TRUE; } diff --git a/src/lib-auth-client/auth-client-connection.c b/src/lib-auth-client/auth-client-connection.c index 8e6bb8ab18..500d1fec7c 100644 --- a/src/lib-auth-client/auth-client-connection.c +++ b/src/lib-auth-client/auth-client-connection.c @@ -73,7 +73,7 @@ auth_server_input_mech(struct auth_client_connection *conn, i_zero(&mech_desc); mech_desc.name = p_strdup(conn->pool, args[0]); - if (strcmp(mech_desc.name, "PLAIN") == 0) + if (strcmp(mech_desc.name, SASL_MECH_NAME_PLAIN) == 0) conn->has_plain_mech = TRUE; for (args++; *args != NULL; args++) { diff --git a/src/lib-sasl/dsasl-client-private.h b/src/lib-sasl/dsasl-client-private.h index fc3982ea0f..4bdc16cedb 100644 --- a/src/lib-sasl/dsasl-client-private.h +++ b/src/lib-sasl/dsasl-client-private.h @@ -1,6 +1,7 @@ #ifndef DSASL_CLIENT_PRIVATE_H #define DSASL_CLIENT_PRIVATE_H +#include "sasl-common.h" #include "dsasl-client.h" enum dsasl_mech_security_flags { diff --git a/src/lib-sasl/mech-anonymous.c b/src/lib-sasl/mech-anonymous.c index bab0b7f467..3c6a791a16 100644 --- a/src/lib-sasl/mech-anonymous.c +++ b/src/lib-sasl/mech-anonymous.c @@ -46,7 +46,7 @@ mech_anonymous_output(struct dsasl_client *_client, } const struct dsasl_client_mech dsasl_client_mech_anonymous = { - .name = "ANONYMOUS", + .name = SASL_MECH_NAME_ANONYMOUS, .struct_size = sizeof(struct anonymous_dsasl_client), .flags = DSASL_MECH_SEC_NO_PASSWORD, diff --git a/src/lib-sasl/mech-external.c b/src/lib-sasl/mech-external.c index 5606fc0d5e..b2efd07f11 100644 --- a/src/lib-sasl/mech-external.c +++ b/src/lib-sasl/mech-external.c @@ -51,7 +51,7 @@ mech_external_output(struct dsasl_client *_client, } const struct dsasl_client_mech dsasl_client_mech_external = { - .name = "EXTERNAL", + .name = SASL_MECH_NAME_EXTERNAL, .struct_size = sizeof(struct external_dsasl_client), .flags = DSASL_MECH_SEC_NO_PASSWORD, diff --git a/src/lib-sasl/mech-login.c b/src/lib-sasl/mech-login.c index 1b39d809d8..9cefc835f3 100644 --- a/src/lib-sasl/mech-login.c +++ b/src/lib-sasl/mech-login.c @@ -67,7 +67,7 @@ mech_login_output(struct dsasl_client *_client, } const struct dsasl_client_mech dsasl_client_mech_login = { - .name = "LOGIN", + .name = SASL_MECH_NAME_LOGIN, .struct_size = sizeof(struct login_dsasl_client), .input = mech_login_input, diff --git a/src/lib-sasl/mech-oauthbearer.c b/src/lib-sasl/mech-oauthbearer.c index 9e92487962..6b8d81f84a 100644 --- a/src/lib-sasl/mech-oauthbearer.c +++ b/src/lib-sasl/mech-oauthbearer.c @@ -199,7 +199,7 @@ mech_oauthbearer_get_result(struct dsasl_client *_client, const char *key, } const struct dsasl_client_mech dsasl_client_mech_oauthbearer = { - .name = "OAUTHBEARER", + .name = SASL_MECH_NAME_OAUTHBEARER, .struct_size = sizeof(struct oauthbearer_dsasl_client), .input = mech_oauthbearer_input, @@ -209,7 +209,7 @@ const struct dsasl_client_mech dsasl_client_mech_oauthbearer = { }; const struct dsasl_client_mech dsasl_client_mech_xoauth2 = { - .name = "XOAUTH2", + .name = SASL_MECH_NAME_XOAUTH2, .struct_size = sizeof(struct oauthbearer_dsasl_client), .input = mech_oauthbearer_input, diff --git a/src/lib-sasl/mech-plain.c b/src/lib-sasl/mech-plain.c index e755fe498b..cdb0d331f5 100644 --- a/src/lib-sasl/mech-plain.c +++ b/src/lib-sasl/mech-plain.c @@ -62,7 +62,7 @@ mech_plain_output(struct dsasl_client *_client, } const struct dsasl_client_mech dsasl_client_mech_plain = { - .name = "PLAIN", + .name = SASL_MECH_NAME_PLAIN, .struct_size = sizeof(struct plain_dsasl_client), .input = mech_plain_input, diff --git a/src/lib-sasl/mech-scram.c b/src/lib-sasl/mech-scram.c index 8b89ec59ab..6024042661 100644 --- a/src/lib-sasl/mech-scram.c +++ b/src/lib-sasl/mech-scram.c @@ -143,7 +143,7 @@ static void mech_scram_free(struct dsasl_client *client) } const struct dsasl_client_mech dsasl_client_mech_scram_sha_1 = { - .name = "SCRAM-SHA-1", + .name = SASL_MECH_NAME_SCRAM_SHA_1, .struct_size = sizeof(struct scram_dsasl_client), .input = mech_scram_input, @@ -152,7 +152,7 @@ const struct dsasl_client_mech dsasl_client_mech_scram_sha_1 = { }; const struct dsasl_client_mech dsasl_client_mech_scram_sha_1_plus = { - .name = "SCRAM-SHA-1-PLUS", + .name = SASL_MECH_NAME_SCRAM_SHA_1_PLUS, .struct_size = sizeof(struct scram_dsasl_client), .input = mech_scram_input, @@ -161,7 +161,7 @@ const struct dsasl_client_mech dsasl_client_mech_scram_sha_1_plus = { }; const struct dsasl_client_mech dsasl_client_mech_scram_sha_256 = { - .name = "SCRAM-SHA-256", + .name = SASL_MECH_NAME_SCRAM_SHA_256, .struct_size = sizeof(struct scram_dsasl_client), .input = mech_scram_input, @@ -170,7 +170,7 @@ const struct dsasl_client_mech dsasl_client_mech_scram_sha_256 = { }; const struct dsasl_client_mech dsasl_client_mech_scram_sha_256_plus = { - .name = "SCRAM-SHA-256-PLUS", + .name = SASL_MECH_NAME_SCRAM_SHA_256_PLUS, .struct_size = sizeof(struct scram_dsasl_client), .input = mech_scram_input, diff --git a/src/lib-sasl/sasl-common.h b/src/lib-sasl/sasl-common.h index 210dfc55c1..d51c7ea31b 100644 --- a/src/lib-sasl/sasl-common.h +++ b/src/lib-sasl/sasl-common.h @@ -1,6 +1,10 @@ #ifndef SASL_COMMON_H #define SASL_COMMON_H +/* + * Mechanism security flags + */ + enum sasl_mech_security_flags { /* Don't advertise this as available SASL mechanism (eg. APOP) */ SASL_MECH_SEC_PRIVATE = 0x0001, @@ -22,4 +26,26 @@ enum sasl_mech_security_flags { SASL_MECH_SEC_CHANNEL_BINDING = 0x0100, }; +/* + * Mechanism names + */ + +#define SASL_MECH_NAME_ANONYMOUS "ANONYMOUS" +#define SASL_MECH_NAME_CRAM_MD5 "CRAM-MD5" +#define SASL_MECH_NAME_DIGEST_MD5 "DIGEST-MD5" +#define SASL_MECH_NAME_EXTERNAL "EXTERNAL" +#define SASL_MECH_NAME_GSSAPI "GSSAPI" +#define SASL_MECH_NAME_GSS_SPNEGO "GSS-SPNEGO" +#define SASL_MECH_NAME_LOGIN "LOGIN" +#define SASL_MECH_NAME_OAUTHBEARER "OAUTHBEARER" +#define SASL_MECH_NAME_OTP "OTP" +#define SASL_MECH_NAME_PLAIN "PLAIN" +#define SASL_MECH_NAME_SCRAM_SHA_1 "SCRAM-SHA-1" +#define SASL_MECH_NAME_SCRAM_SHA_1_PLUS "SCRAM-SHA-1-PLUS" +#define SASL_MECH_NAME_SCRAM_SHA_256 "SCRAM-SHA-256" +#define SASL_MECH_NAME_SCRAM_SHA_256_PLUS "SCRAM-SHA-256-PLUS" + +#define SASL_MECH_NAME_NTLM "NTLM" +#define SASL_MECH_NAME_XOAUTH2 "XOAUTH2" + #endif diff --git a/src/login-common/client-common-auth.c b/src/login-common/client-common-auth.c index ec110e81d9..6741a190df 100644 --- a/src/login-common/client-common-auth.c +++ b/src/login-common/client-common-auth.c @@ -490,7 +490,7 @@ proxy_redirect_reauth(struct client *client, const char *destuser, t_strdup_printf("destuser=%s", str_tabescape(destuser)), t_strdup_printf("proxy_timeout=%u", connect_timeout_msecs), }; - info.mech = "EXTERNAL"; + info.mech = SASL_MECH_NAME_EXTERNAL; t_array_init(&info.extra_fields, N_ELEMENTS(extra_fields)); array_append(&info.extra_fields, extra_fields, N_ELEMENTS(extra_fields)); diff --git a/src/pop3-login/client-authenticate.c b/src/pop3-login/client-authenticate.c index 64cf662ab3..1198cc63df 100644 --- a/src/pop3-login/client-authenticate.c +++ b/src/pop3-login/client-authenticate.c @@ -212,7 +212,7 @@ bool cmd_pass(struct pop3_client *pop3_client, const char *args) base64 = t_buffer_create(MAX_BASE64_ENCODED_SIZE(plain_login->used)); base64_encode(plain_login->data, plain_login->used, base64); - (void)client_auth_begin(client, "PLAIN", str_c(base64)); + (void)client_auth_begin(client, SASL_MECH_NAME_PLAIN, str_c(base64)); return TRUE; } diff --git a/src/submission-login/client-authenticate.c b/src/submission-login/client-authenticate.c index 243c00d6f7..3c21a05324 100644 --- a/src/submission-login/client-authenticate.c +++ b/src/submission-login/client-authenticate.c @@ -353,7 +353,8 @@ void cmd_mail(struct smtp_server_cmd_ctx *cmd, const char *params) if (HAS_NO_BITS(workarounds, SUBMISSION_LOGIN_WORKAROUND_IMPLICIT_AUTH_EXTERNAL) || - sasl_server_find_available_mech(client, "EXTERNAL") == NULL) { + sasl_server_find_available_mech( + client, SASL_MECH_NAME_EXTERNAL) == NULL) { smtp_server_command_fail(cmd->cmd, 530, "5.7.0", "Authentication required."); return; @@ -369,5 +370,5 @@ void cmd_mail(struct smtp_server_cmd_ctx *cmd, const char *params) i_assert(subm_client->pending_auth == NULL); subm_client->pending_auth = cmd; - (void)client_auth_begin_implicit(client, "EXTERNAL", "="); + (void)client_auth_begin_implicit(client, SASL_MECH_NAME_EXTERNAL, "="); }