Bug #47758 for Win32-IntAuth: Small bugfix for Win32::IntAuth

> --- Win32\IntAuth.pm Wed Jul 01 15:59:31 2009 > +++ Win32\IntAuth.new Thu Jul 09 11:55:47 2009 > @@ -385,7 +385,8 @@ > my $pContextAttr = pack('L', 0); > my $buf_size = 4096; > - my $sec_inbuf = pack("L L P$buf_size", $buf_size, SECBUFFER_TOKEN, $ > token); > + my $tok_size = length($token || "") || $buf_size; > + my $sec_inbuf = pack("L L P$tok_size", $tok_size, SECBUFFER_TOKEN, $ > token); > my $pInput = pack('L L P', 0, 1, $sec_inbuf); > my $out_buf = ' ' x $buf_size; > my $sec_outbuf = pack("L L P$buf_size", $buf_size, SECBUFFER_TOKEN, $ > out_buf); > @@ -410,7 +411,8 @@ > $self->{continue} = 1 > if $self->{last_err} == SEC_I_CONTINUE_NEEDED; > - return($out_buf); > + $buf_size = unpack('L', $sec_outbuf); > + return(substr($out_buf, 0, $buf_size)); > } > > The first change makes sure InitializeSecurityContext doesn't try to > read more from $token than it should, and the second truncates the > output buffer that gets returned to the proper length. > > I don't know if this affects the "impersonation" that the module is > intended for, but it seems to fix our SMTP authentication! 'make test' > also works successfully, so I think it's a good change. > > Give it a look and see if you think this is a change you'd like to > take for the next version; but regardless, thanks again for making > this easy on me!

________________________________________________________________ Neu: WEB.DE Doppel-FLAT mit Internet-Flatrate + Telefon-Flatrate für nur 19,99 Euro/mtl.!* http://produkte.web.de/go/02/