On Mon, Jun 11, 2018 at 03:12:45PM -0700, Brandon Long wrote: > Hey mutt-dev, long time no see. > > Gmail supports RFC 7628 for using OAUTH with IMAP, and they really don't > like you using password based auth. You can still enable "less secure > apps" and then generate an application specific password, but I figured it > was time to support it.
Hi Brandon, Thank you for sending the patch. I will take a closer look in a few days when I have a bit more time. Just after a quick look I have two comments. It would be good to initialize ibuf[0] to '\0' before performing the safe_strcat. Also, are you confident of the static buffer sizes? (I'm not familiar with OAUTH specs, so I have no idea). A couple years ago I had to change imap_auth_sasl to use dynamic sized buffer because even HUGE_STRING wasn't big enough for someone [1cab7de7]. -- Kevin J. McCarthy GPG Fingerprint: 8975 A9B3 3AA3 7910 385C 5308 ADEF 7684 8031 6BDA
signature.asc
Description: PGP signature
