From: Jean-Marc Pigeon (Delson) <jmp@safe.ca>
Date: Tue, 8 Jul 2025 20:32:15 +0000 (-0400)
Subject: Authentication cram-md5 is working (No leak)
X-Git-Tag: tag-0.13~19
X-Git-Url: https://jmp-git.ovh.safe.ca/?a=commitdiff_plain;h=a25a82af394445d7c0c2b1883800a94c652ac68c;p=jmp%2Fmailleur

Authentication cram-md5 is working (No leak)
---

diff --git a/lib/lvleml.c b/lib/lvleml.c
index 8b02541..6229a31 100644
--- a/lib/lvleml.c
+++ b/lib/lvleml.c
@@ -506,12 +506,11 @@ if (strlen(local)>0)
 /*      the exchange with the remote sereur             */
 /*                                                      */
 /********************************************************/
-static _Bool get_auth_cram_md5(CONTYP *contact,char **rmtpass)
+static void get_auth_cram_md5(CONTYP *contact,char **rmtpass)
 
 {
 #define OPEP    "lvleml.c:get_auth_cram_md5,"
 
-_Bool goodpass;
 char challenge[300];
 char answer[300];
 char name[300];
@@ -519,7 +518,6 @@ char passwd[300];
 int phase;
 _Bool proceed;
 
-goodpass=false;
 (void) memset(challenge,'\000',sizeof(challenge));
 (void) memset(answer,'\000',sizeof(answer));
 (void) memset(name,'\000',sizeof(name));
@@ -579,6 +577,8 @@ while (proceed==true) {
     case 4      :  {    //extracting user information
       USRTYP *usr;
 
+      contact->authname=rou_freestr(contact->authname);
+      contact->authname=strdup(name);
       if (sql_mngusr(contact->sqlptr,sql_select,name,&usr)==true) {
         (void) snprintf(passwd,sizeof(passwd),"%s",usr->passwd);
         usr=sql_freeusr(usr);
@@ -595,7 +595,7 @@ while (proceed==true) {
       hexa=cnv_tohexa(local,strlen(local));
       //(void) rou_alert(0,"%s anwr=<%s>",OPEP,answer);
       //(void) rou_alert(0,"%s hexa=<%s>",OPEP,hexa);
-      goodpass=(strcmp(hexa,answer)==0);
+      contact->authenticated=(strcmp(hexa,answer)==0);
       hexa=rou_freestr(hexa);
       local=rou_freestr(local);
       }
@@ -605,7 +605,6 @@ while (proceed==true) {
     }
   phase++;
   }
-return goodpass;
 
 #undef  OPEP
 }