cleanup channel bindings logic

diff --git a/include/saslplug.h b/include/saslplug.h
index 205ce4c..321e79f 100755 (executable)
--- a/include/saslplug.h
+++ b/include/saslplug.h
@@ -289,7 +289,11 @@ typedef struct sasl_client_params {
 
     int (*spare_fptr1)();
 
 
     int (*spare_fptr1)();
 

-    int chanbindingscrit;
+#define SASL_CB_FLAG_NONE   0       /* client did not support CB */
+#define SASL_CB_FLAG_USED   1       /* client supports and used CB */
+#define SASL_CB_FLAG_WANT   2       /* client supports CB, thinks server does not */
+
+    int chanbindingsflag;

     int chanbindingslen;
     int spare_int3;
 
     int chanbindingslen;
     int spare_int3;
 

diff --git a/lib/client.c b/lib/client.c
index 5ba6116..c42d6f5 100644 (file)
--- a/lib/client.c
+++ b/lib/client.c
@@ -531,11 +531,15 @@ int sasl_client_start(sasl_conn_t *conn,
            }
 
            /* If client requires channel binding, prefer -PLUS mech */
            }
 
            /* If client requires channel binding, prefer -PLUS mech */

-           if (c_conn->cparams->chanbindingscrit &&
-               !sasl_is_plus_mech(name)) {
-               break;
+           if (c_conn->cparams->chanbindingslen != 0) {
+               if (sasl_is_plus_mech(name))
+                   c_conn->cparams->chanbindingsflag = SASL_CB_FLAG_USED;
+               else
+                   c_conn->cparams->chanbindingsflag = SASL_CB_FLAG_WANT;
+           } else {
+               c_conn->cparams->chanbindingsflag = SASL_CB_FLAG_NONE;

            }
            }

-           
+

 #ifdef PREFER_MECH
            if (strcasecmp(m->m.plug->mech_name, PREFER_MECH) &&
                bestm && m->m.plug->max_ssf <= bestssf) {
 #ifdef PREFER_MECH
            if (strcasecmp(m->m.plug->mech_name, PREFER_MECH) &&
                bestm && m->m.plug->max_ssf <= bestssf) {

diff --git a/lib/common.c b/lib/common.c
index 9df3217..1bf804d 100644 (file)
--- a/lib/common.c
+++ b/lib/common.c
@@ -1212,13 +1212,14 @@ int sasl_setprop(sasl_conn_t *conn, int propnum, const void *value)
     struct sasl_channel_bindings *cb = (struct sasl_channel_bindings *)value;
 
     if (conn->type == SASL_CONN_SERVER) {
     struct sasl_channel_bindings *cb = (struct sasl_channel_bindings *)value;
 
     if (conn->type == SASL_CONN_SERVER) {

+        int cb_flag;
+

         ((sasl_server_conn_t *)conn)->sparams->chanbindingstype = cb->type;
         ((sasl_server_conn_t *)conn)->sparams->chanbindingscrit = cb->critical;
         ((sasl_server_conn_t *)conn)->sparams->chanbindingsdata = cb->data;
         ((sasl_server_conn_t *)conn)->sparams->chanbindingslen = cb->len;
     } else {
         ((sasl_client_conn_t *)conn)->cparams->chanbindingstype = cb->type;
         ((sasl_server_conn_t *)conn)->sparams->chanbindingstype = cb->type;
         ((sasl_server_conn_t *)conn)->sparams->chanbindingscrit = cb->critical;
         ((sasl_server_conn_t *)conn)->sparams->chanbindingsdata = cb->data;
         ((sasl_server_conn_t *)conn)->sparams->chanbindingslen = cb->len;
     } else {
         ((sasl_client_conn_t *)conn)->cparams->chanbindingstype = cb->type;

-        ((sasl_client_conn_t *)conn)->cparams->chanbindingscrit = cb->critical;

         ((sasl_client_conn_t *)conn)->cparams->chanbindingsdata = cb->data;
         ((sasl_client_conn_t *)conn)->cparams->chanbindingslen = cb->len;
     }
         ((sasl_client_conn_t *)conn)->cparams->chanbindingsdata = cb->data;
         ((sasl_client_conn_t *)conn)->cparams->chanbindingslen = cb->len;
     }

diff --git a/sample/client.c b/sample/client.c
index 2d235e0..d1b02d4 100644 (file)
--- a/sample/client.c
+++ b/sample/client.c
@@ -421,7 +421,7 @@ int main(int argc, char *argv[])
     if (r != SASL_OK) saslfail(r, "allocating connection state");
 
     cb.type = "sasl-sample";
     if (r != SASL_OK) saslfail(r, "allocating connection state");
 
     cb.type = "sasl-sample";

-    cb.critical = 1;
+    cb.critical = 0;

     cb.data = "this is a test of channel bindings";
     cb.len = strlen(cb.data);
 
     cb.data = "this is a test of channel bindings";
     cb.len = strlen(cb.data);
 

diff --git a/sample/server.c b/sample/server.c
index 7d680f9..0ba17a8 100644 (file)
--- a/sample/server.c
+++ b/sample/server.c
@@ -441,7 +441,7 @@ int main(int argc, char *argv[])
        if (r != SASL_OK) saslfail(r, "allocating connection state");
 
         cb.type = "sasl-sample";
        if (r != SASL_OK) saslfail(r, "allocating connection state");
 
         cb.type = "sasl-sample";

-        cb.critical = 1;
+        cb.critical = 0;

         cb.data = "this is a test of channel bindings";
         cb.len = strlen(cb.data);
 
         cb.data = "this is a test of channel bindings";
         cb.len = strlen(cb.data);