X-Git-Url: https://git.exim.org/exim.git/blobdiff_plain/f9fc9427579982838daf3e50c1d14b69bf59a43e..a85c067ba6c6940512cf57ec213277a370d87e70:/src/src/auths/get_data.c

diff --git a/src/src/auths/get_data.c b/src/src/auths/get_data.c
index efb4d6d8b..0c85d2651 100644
--- a/src/src/auths/get_data.c
+++ b/src/src/auths/get_data.c
@@ -3,7 +3,9 @@
 *************************************************/
 
 /* Copyright (c) University of Cambridge 1995 - 2018 */
+/* Copyright (c) The Exim Maintainers 2020 - 2021 */
 /* See the file NOTICE for conditions of use and distribution. */
+/* SPDX-License-Identifier: GPL-2.0-only */
 
 #include "../exim.h"
 
@@ -53,13 +55,13 @@ return OK;
 *      Issue a challenge and get a response      *
 *************************************************/
 
-/* This function is used by authentication drivers to output a challenge
-to the SMTP client and read the response line.
+/* This function is used by authentication drivers to b64-encode and
+output a challenge to the SMTP client, and read the response line.
 
 Arguments:
    aptr       set to point to the response (which is in big_buffer)
-   challenge  the challenge text (unencoded, may be binary)
-   challen    the length of the challenge text
+   challenge  the challenge data (unencoded, may be binary)
+   challen    the length of the challenge data, in bytes
 
 Returns:      OK on success
               BAD64 if response too large for buffer
@@ -167,14 +169,20 @@ if (!ss)
 len = Ustrlen(ss);
 
 /* The character ^ is used as an escape for a binary zero character, which is
-needed for the PLAIN mechanism. It must be doubled if really needed. */
+needed for the PLAIN mechanism. It must be doubled if really needed.
+
+The parsing ambiguity of ^^^ is taken as ^^ -> ^ ; ^ -> NUL - and there is
+no way to get a leading ^ after a NUL.  We would need to intro new syntax to
+support that (probably preferring to take a more-standard exim list as a source
+and concat the elements with intervening NULs.  Either a magic marker on the
+source string for client_send, or a new option). */
 
 for (int i = 0; i < len; i++)
   if (ss[i] == '^')
     if (ss[i+1] != '^')
       ss[i] = 0;
     else
-      if (--len > ++i) memmove(ss + i, ss + i + 1, len - i);
+      if (--len > i+1) memmove(ss + i + 1, ss + i + 2, len - i);
 
 /* The first string is attached to the AUTH command; others are sent
 unembellished. */
@@ -193,7 +201,7 @@ else
 has succeeded. There may be more data to send, but is there any point
 in provoking an error here? */
 
-if (smtp_read_response(sx, US buffer, buffsize, '2', timeout))
+if (smtp_read_response(sx, buffer, buffsize, '2', timeout))
   {
   *inout = NULL;
   return OK;