X-Git-Url: https://git.exim.org/exim.git/blobdiff_plain/0756eb3cb50d73a77b486e47528f7cb1bffdb299..3634fc257bd0667daef14d72005cd87c735bbb24:/src/src/auths/cram_md5.c

diff --git a/src/src/auths/cram_md5.c b/src/src/auths/cram_md5.c
index bd9547a42..31de7c2d2 100644
--- a/src/src/auths/cram_md5.c
+++ b/src/src/auths/cram_md5.c
@@ -1,10 +1,8 @@
-/* $Cambridge: exim/src/src/auths/cram_md5.c,v 1.1 2004/10/07 13:10:01 ph10 Exp $ */
-
 /*************************************************
 *     Exim - an Internet mail transport agent    *
 *************************************************/
 
-/* Copyright (c) University of Cambridge 1995 - 2004 */
+/* Copyright (c) University of Cambridge 1995 - 2009 */
 /* See the file NOTICE for conditions of use and distribution. */
 
 
@@ -177,10 +175,11 @@ if ((rc = auth_get_data(&data, challenge, Ustrlen(challenge))) != OK) return rc;
 if ((len = auth_b64decode(data, &clear)) < 0) return BAD64;
 
 /* The return consists of a user name, space-separated from the CRAM-MD5
-digest, expressed in hex. Extract the user name and put it in $1. Then check
-that the remaining length is 32. */
+digest, expressed in hex. Extract the user name and put it in $auth1 and $1.
+The former is now the preferred variable; the latter is the original one. Then
+check that the remaining length is 32. */
 
-expand_nstring[1] = clear;
+auth_vars[0] = expand_nstring[1] = clear;
 while (*clear != 0 && !isspace(*clear)) clear++;
 if (!isspace(*clear)) return FAIL;
 *clear++ = 0;
@@ -212,7 +211,7 @@ compute_cram_md5(secret, challenge, digest);
 HDEBUG(D_auth)
   {
   uschar buff[64];
-  debug_printf("CRAM-MD5: user name = %s\n", expand_nstring[1]);
+  debug_printf("CRAM-MD5: user name = %s\n", auth_vars[0]);
   debug_printf("          challenge = %s\n", challenge);
   debug_printf("          received  = %s\n", clear);
   Ustrcpy(buff,"          digest    = ");
@@ -232,7 +231,8 @@ for (i = 0; i < 16; i++)
         ((b >= 'a')? b - 'a' + 10 : b - '0')) != digest[i]) return FAIL;
   }
 
-return OK;
+/* Expand server_condition as an authorization check */
+return auth_check_serv_cond(ablock);
 }
 
 
@@ -249,7 +249,7 @@ auth_cram_md5_client(
   smtp_inblock *inblock,                 /* input connection */
   smtp_outblock *outblock,               /* output connection */
   int timeout,                           /* command timeout */
-  uschar *buffer,                          /* for reading response */
+  uschar *buffer,                        /* for reading response */
   int buffsize)                          /* size of buffer */
 {
 auth_cram_md5_options_block *ob =
@@ -265,7 +265,11 @@ or ERROR, as approriate. */
 
 if (secret == NULL || name == NULL)
   {
-  if (expand_string_forcedfail) return CANCELLED;
+  if (expand_string_forcedfail)
+    {
+    *buffer = 0;           /* No message */
+    return CANCELLED;
+    }
   string_format(buffer, buffsize, "expansion of \"%s\" failed in "
     "%s authenticator: %s",
     (secret == NULL)? ob->client_secret : ob->client_name,