-compatibility, in $1, $2, etc). Match against the decoded data by expanding the
-condition. */
-
-cond = expand_string(ob->server_condition);
-
-HDEBUG(D_auth)
- {
- int i;
- debug_printf("%s authenticator:\n", ablock->name);
- for (i = 0; i < AUTH_VARS; i++)
- {
- if (auth_vars[i] != NULL)
- debug_printf(" $auth%d = %s\n", i + 1, auth_vars[i]);
- }
- for (i = 1; i <= expand_nmax; i++)
- debug_printf(" $%d = %.*s\n", i, expand_nlength[i], expand_nstring[i]);
- debug_print_string(ablock->server_debug_string); /* customized debug */
- if (cond == NULL)
- debug_printf("expansion failed: %s\n", expand_string_message);
- else
- debug_printf("expanded string: %s\n", cond);
- }
-
-/* A forced expansion failure causes authentication to fail. Other expansion
-failures yield DEFER, which will cause a temporary error code to be returned to
-the AUTH command. The problem is at the server end, so the client should try
-again later. */
-
-if (cond == NULL)
- {
- if (expand_string_forcedfail) return FAIL;
- auth_defer_msg = expand_string_message;
- return DEFER;
- }
-
-/* Return FAIL for empty string, "0", "no", and "false"; return OK for
-"1", "yes", and "true"; return DEFER for anything else, with the string
-available as an error text for the user. */
+compatibility, in $1, $2, etc). Authentication and authorization are handled
+together for this authenticator by expanding the server_condition option. Note
+that ablock->server_condition is always non-NULL because that's what configures
+this authenticator as a server. */