[Pkg-xmpp-commits] [jabberd2] 03/11: New upstream version 2.6.1

[Simon Josefsson]

This is an automated email from the git hooks/post-receive script.

jas pushed a commit to branch master
in repository jabberd2.

commit 4e93438c16c9919127e72219acd82dd35f0e7b46
Author: Simon Josefsson <simon at josefsson.org>
Date:   Sun Jul 9 08:29:34 2017 +0200

    New upstream version 2.6.1
---
 NEWS         | 8 ++++++++
 c2s/main.c   | 2 ++
 configure.ac | 2 +-
 sx/sasl.c    | 2 +-
 4 files changed, 12 insertions(+), 2 deletions(-)

diff --git a/NEWS b/NEWS
index 9929dcb..0993cbf 100644
--- a/NEWS
+++ b/NEWS
@@ -2,6 +2,14 @@ This file contains news, important changes
 and upgrade instructions between different versions of jabberd2.
 
 
+* 2.6.0 to 2.6.1 upgrade:
+
+What changed:
+- Fixed offered SASL mechanism check
+
+This is a security bugfix release.
+
+
 * 2.5.0 to 2.6.0 upgrade:
 
 What changed:
diff --git a/c2s/main.c b/c2s/main.c
index 1efa365..7972c54 100644
--- a/c2s/main.c
+++ b/c2s/main.c
@@ -562,6 +562,8 @@ static int _c2s_sx_sasl_callback(int cb, void *arg, void **res, sx_t s, void *cb
             mechbuf[sizeof(mechbuf)-1]='\0';
             for(i = 0; mechbuf[i]; i++) mechbuf[i] = tolower(mechbuf[i]);
 
+            log_debug(ZONE, "sx sasl callback: check mech (mech=%s)", mechbuf);
+
             /* get host for request */
             host = xhash_get(c2s->hosts, s->req_to);
             if(host == NULL) {
diff --git a/configure.ac b/configure.ac
index 1d70ac2..632e5d7 100644
--- a/configure.ac
+++ b/configure.ac
@@ -2,7 +2,7 @@
 # Process this file with autoconf to produce a configure script.
 
 AC_PREREQ(2.61)
-AC_INIT([jabberd], [2.6.0], [jabberd2 at lists.xiaoka.com])
+AC_INIT([jabberd], [2.6.1], [jabberd2 at lists.xiaoka.com])
 AC_CONFIG_SRCDIR([sx/sx.h])
 AC_CONFIG_HEADER([config.h])
 AM_INIT_AUTOMAKE
diff --git a/sx/sasl.c b/sx/sasl.c
index 96d4408..d52f6af 100644
--- a/sx/sasl.c
+++ b/sx/sasl.c
@@ -332,7 +332,7 @@ static void _sx_sasl_client_process(sx_t s, sx_plugin_t p, Gsasl_session *sd, co
     if(mech != NULL) {
         _sx_debug(ZONE, "auth request from client (mechanism=%s)", mech);
 
-        if(!gsasl_server_support_p(ctx->gsasl_ctx, mech)) {
+        if(!gsasl_server_support_p(ctx->gsasl_ctx, mech) || (ctx->cb)(sx_sasl_cb_CHECK_MECH, (void*)mech, NULL, s, ctx->cbarg) != sx_sasl_ret_OK) {
              _sx_debug(ZONE, "client requested mechanism (%s) that we didn't offer", mech);
              _sx_nad_write(s, _sx_sasl_failure(s, _sasl_err_INVALID_MECHANISM, NULL), 0);
              return;

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-xmpp/jabberd2.git