Add $auth1, $auth2, $auth3 variables.

diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog
index cc82287fe838e419d534ae31ff6f2d49ea26b0f3..a9f562bceaa0aedef10a42601db7ec0a6c871a58 100644 (file)
--- a/doc/doc-txt/ChangeLog
+++ b/doc/doc-txt/ChangeLog
@@ -1,4 +1,4 @@
-$Cambridge: exim/doc/doc-txt/ChangeLog,v 1.289 2006/02/09 14:50:58 ph10 Exp $
+$Cambridge: exim/doc/doc-txt/ChangeLog,v 1.290 2006/02/10 14:25:43 ph10 Exp $

 
 Change log file for Exim from version 4.21
 -------------------------------------------
 
 Change log file for Exim from version 4.21
 -------------------------------------------


@@ -116,6 +116,10 @@ PH/19 When calculating a retry time, Exim used to measure the "time since
       "time since failure" will always be short, possible causing more frequent
       delivery attempts for the huge message than are intended.
 
       "time since failure" will always be short, possible causing more frequent
       delivery attempts for the huge message than are intended.
 

+PH/20 Added $auth1, $auth2, $auth3 to contain authentication data (as well as
+      $1, $2, $3) because the numerical variables can be reset during some
+      expansion items (e.g. "match"), thereby losing the authentication data.
+

 
 
 Exim version 4.60
 
 
 Exim version 4.60

diff --git a/doc/doc-txt/NewStuff b/doc/doc-txt/NewStuff
index 83e44d8366a9190901409d0b1c30150ae1d232f2..6dfb76ea81cba2548bd3af514379824575b7343b 100644 (file)
--- a/doc/doc-txt/NewStuff
+++ b/doc/doc-txt/NewStuff
@@ -1,4 +1,4 @@
-$Cambridge: exim/doc/doc-txt/NewStuff,v 1.81 2006/02/08 16:10:46 ph10 Exp $
+$Cambridge: exim/doc/doc-txt/NewStuff,v 1.82 2006/02/10 14:25:43 ph10 Exp $

 
 New Features in Exim
 --------------------
 
 New Features in Exim
 --------------------


@@ -32,6 +32,14 @@ PH/03 If quota_warn_message contains a From: header, Exim now refrains from
       adding the default one. Similarly, if it contains a Reply-To: header, the
       errors_reply_to option, if set, is not used.
 
       adding the default one. Similarly, if it contains a Reply-To: header, the
       errors_reply_to option, if set, is not used.
 

+PH/04 The variables $auth1, $auth2, $auth3 are now available in authenticators,
+      containing the same values as $1, $2, $3. The new variables are provided
+      because the numerical variables can be reset during string expansions
+      (for example, during a "match" operation) and so may lose the
+      authentication data. The preferred variables are now the new ones, with
+      the use of the numerical ones being deprecated, though the support will
+      not be removed, at least, not for a long time.
+

 
 Version 4.60
 ------------
 
 Version 4.60
 ------------

diff --git a/doc/doc-txt/OptionLists.txt b/doc/doc-txt/OptionLists.txt
index e99b4e0bea84831b56100bafcacaa910dad2bcef..3268b3cbe6a5c26e69d6a5744e4a878bd0bb4f98 100644 (file)
--- a/doc/doc-txt/OptionLists.txt
+++ b/doc/doc-txt/OptionLists.txt
@@ -1,4 +1,4 @@
-$Cambridge: exim/doc/doc-txt/OptionLists.txt,v 1.15 2006/02/09 10:04:00 ph10 Exp $
+$Cambridge: exim/doc/doc-txt/OptionLists.txt,v 1.16 2006/02/10 14:25:43 ph10 Exp $

 
 LISTS OF EXIM OPTIONS
 ---------------------
 
 LISTS OF EXIM OPTIONS
 ---------------------


@@ -747,6 +747,7 @@ AUTH_CRAM_MD5                driver       include cram_md5 authenticator
 AUTH_CYRUS_SASL              driver       include Cyrus SASL authenticator
 AUTH_PLAINTEXT               driver       include plaintext authenticator
 AUTH_SPA                     driver       include SPA (NTLM) authenticator
 AUTH_CYRUS_SASL              driver       include Cyrus SASL authenticator
 AUTH_PLAINTEXT               driver       include plaintext authenticator
 AUTH_SPA                     driver       include SPA (NTLM) authenticator

+AUTH_VARS=3                  optional*    number of $auth variables

 BASENAME_COMMAND             system**     path to basename
 BASE_62=62                   optional*    not normally changed for Unix
 BIN_DIRECTORY                mandatory    Exim binary directory
 BASENAME_COMMAND             system**     path to basename
 BASE_62=62                   optional*    not normally changed for Unix
 BIN_DIRECTORY                mandatory    Exim binary directory

diff --git a/src/src/auths/README b/src/src/auths/README
index 18ca50033431edf75ef857842f02bf63bfa881b4..9143b9e918bbeb76313151381d115e053eb49fb4 100644 (file)
--- a/src/src/auths/README
+++ b/src/src/auths/README
@@ -1,4 +1,4 @@
-$Cambridge: exim/src/src/auths/README,v 1.3 2005/02/17 11:58:27 ph10 Exp $
+$Cambridge: exim/src/src/auths/README,v 1.4 2006/02/10 14:25:43 ph10 Exp $

 
 AUTHS
 
 
 AUTHS
 


@@ -44,9 +44,10 @@ The second function performs authentication as a server. It receives a pointer
 to the instance block, and its second argument is the remainder of the data
 from the AUTH command. The numeric variable maximum setting (expand_nmax) is
 set to zero, with $0 initialized as unset. The authenticator may set up numeric
 to the instance block, and its second argument is the remainder of the data
 from the AUTH command. The numeric variable maximum setting (expand_nmax) is
 set to zero, with $0 initialized as unset. The authenticator may set up numeric

-variables according to its specification; it should leave expand_nmax set at
-the end so that they can be used for the expansion of the generic server_set_id
-option, which happens centrally.
+variables according to its (old) specification and $auth<n> variables the
+preferred ones nowadays; it should leave them set at the end so that they can
+be used for the expansion of the generic server_set_id option, which happens
+centrally.

 
 This function has access to the SMTP input and output so that it can write
 intermediate responses and read more data if necessary. There is a packaged
 
 This function has access to the SMTP input and output so that it can write
 intermediate responses and read more data if necessary. There is a packaged

diff --git a/src/src/auths/b64decode.c b/src/src/auths/b64decode.c
index dceb59f0c2ea48bd25d6ba06cb4957f0eaf72236..bc1fbc5ef0c8214b2283a01adc1cbf12a029828e 100644 (file)
--- a/src/src/auths/b64decode.c
+++ b/src/src/auths/b64decode.c
@@ -1,4 +1,4 @@
-/* $Cambridge: exim/src/src/auths/b64decode.c,v 1.3 2006/02/07 11:19:01 ph10 Exp $ */
+/* $Cambridge: exim/src/src/auths/b64decode.c,v 1.4 2006/02/10 14:25:43 ph10 Exp $ */

 
 /*************************************************
 *     Exim - an Internet mail transport agent    *
 
 /*************************************************
 *     Exim - an Internet mail transport agent    *


@@ -22,7 +22,7 @@ compact loop is messy and would probably run more slowly.
 Arguments:
   code        points to the coded string, zero-terminated
   ptr         where to put the pointer to the result, which is in
 Arguments:
   code        points to the coded string, zero-terminated
   ptr         where to put the pointer to the result, which is in

-              dynamic store
+              dynamic store, and zero-terminated

 
 Returns:      the number of bytes in the result,
               or -1 if the input was malformed
 
 Returns:      the number of bytes in the result,
               or -1 if the input was malformed

diff --git a/src/src/auths/cram_md5.c b/src/src/auths/cram_md5.c
index 41c9c5cfa9323e847affa49a4e139ae402fcd7fc..7b559876215a01f103d6a7666be8b452a8854606 100644 (file)
--- a/src/src/auths/cram_md5.c
+++ b/src/src/auths/cram_md5.c
@@ -1,4 +1,4 @@
-/* $Cambridge: exim/src/src/auths/cram_md5.c,v 1.3 2006/02/07 11:19:01 ph10 Exp $ */
+/* $Cambridge: exim/src/src/auths/cram_md5.c,v 1.4 2006/02/10 14:25:43 ph10 Exp $ */

 
 /*************************************************
 *     Exim - an Internet mail transport agent    *
 
 /*************************************************
 *     Exim - an Internet mail transport agent    *


@@ -177,10 +177,11 @@ if ((rc = auth_get_data(&data, challenge, Ustrlen(challenge))) != OK) return rc;
 if ((len = auth_b64decode(data, &clear)) < 0) return BAD64;
 
 /* The return consists of a user name, space-separated from the CRAM-MD5
 if ((len = auth_b64decode(data, &clear)) < 0) return BAD64;
 
 /* The return consists of a user name, space-separated from the CRAM-MD5

-digest, expressed in hex. Extract the user name and put it in $1. Then check
-that the remaining length is 32. */
+digest, expressed in hex. Extract the user name and put it in $auth1 and $1.
+The former is now the preferred variable; the latter is the original one. Then
+check that the remaining length is 32. */

 
 

-expand_nstring[1] = clear;
+auth_vars[0] = expand_nstring[1] = clear;

 while (*clear != 0 && !isspace(*clear)) clear++;
 if (!isspace(*clear)) return FAIL;
 *clear++ = 0;
 while (*clear != 0 && !isspace(*clear)) clear++;
 if (!isspace(*clear)) return FAIL;
 *clear++ = 0;


@@ -212,7 +213,7 @@ compute_cram_md5(secret, challenge, digest);
 HDEBUG(D_auth)
   {
   uschar buff[64];
 HDEBUG(D_auth)
   {
   uschar buff[64];

-  debug_printf("CRAM-MD5: user name = %s\n", expand_nstring[1]);
+  debug_printf("CRAM-MD5: user name = %s\n", auth_vars[0]);

   debug_printf("          challenge = %s\n", challenge);
   debug_printf("          received  = %s\n", clear);
   Ustrcpy(buff,"          digest    = ");
   debug_printf("          challenge = %s\n", challenge);
   debug_printf("          received  = %s\n", clear);
   Ustrcpy(buff,"          digest    = ");

diff --git a/src/src/auths/cyrus_sasl.c b/src/src/auths/cyrus_sasl.c
index 8651dc60504b50eba64438d65c6617794b3bf917..7e6603988b3fff0d67e9740182954c57c6df205f 100644 (file)
--- a/src/src/auths/cyrus_sasl.c
+++ b/src/src/auths/cyrus_sasl.c
@@ -1,4 +1,4 @@
-/* $Cambridge: exim/src/src/auths/cyrus_sasl.c,v 1.3 2005/04/05 14:33:27 ph10 Exp $ */
+/* $Cambridge: exim/src/src/auths/cyrus_sasl.c,v 1.4 2006/02/10 14:25:43 ph10 Exp $ */

 
 /*************************************************
 *     Exim - an Internet mail transport agent    *
 
 /*************************************************
 *     Exim - an Internet mail transport agent    *


@@ -324,11 +324,12 @@ while(rc==SASL_CONTINUE)
     }
   else if(rc==SASL_OK)
     {
     }
   else if(rc==SASL_OK)
     {

-    /* get the username and copy it into $1 */
-    rc=sasl_getprop(conn, SASL_USERNAME, (const void **)(&out2));
-    expand_nstring[1]=string_copy(out2);
-    expand_nlength[1]=Ustrlen(expand_nstring[1]);
-    expand_nmax=1;
+    /* Get the username and copy it into $auth1 and $1. The former is now the
+    preferred variable; the latter is the original variable. */
+    rc = sasl_getprop(conn, SASL_USERNAME, (const void **)(&out2));
+    auth_vars[0] = expand_nstring[1] = string_copy(out2);
+    expand_nlength[1] = Ustrlen(expand_nstring[1]);
+    expand_nmax = 1;

 
     HDEBUG(D_auth)
       debug_printf("Cyrus SASL %s authentiction succeeded for %s\n", ob->server_mech, out2);
 
     HDEBUG(D_auth)
       debug_printf("Cyrus SASL %s authentiction succeeded for %s\n", ob->server_mech, out2);

diff --git a/src/src/auths/plaintext.c b/src/src/auths/plaintext.c
index 5e7fda7cde4023cf67b119c808729d6f92a2304b..e5f261a161607a095209203a4a0ff5ce3912d55a 100644 (file)
--- a/src/src/auths/plaintext.c
+++ b/src/src/auths/plaintext.c
@@ -1,4 +1,4 @@
-/* $Cambridge: exim/src/src/auths/plaintext.c,v 1.3 2006/02/07 11:19:01 ph10 Exp $ */
+/* $Cambridge: exim/src/src/auths/plaintext.c,v 1.4 2006/02/10 14:25:43 ph10 Exp $ */

 
 /*************************************************
 *     Exim - an Internet mail transport agent    *
 
 /*************************************************
 *     Exim - an Internet mail transport agent    *


@@ -87,14 +87,16 @@ if (prompts != NULL)
   }
 
 /* If data was supplied on the AUTH command, decode it, and split it up into
   }
 
 /* If data was supplied on the AUTH command, decode it, and split it up into

-multiple items at binary zeros. If the data consists of the string "=" it
-indicates a single, empty string. */
+multiple items at binary zeros. The strings are put into $auth1, $auth2, etc,
+up to a maximum. To retain backwards compatibility, they are also put int $1,
+$2, etc. If the data consists of the string "=" it indicates a single, empty
+string. */

 
 if (*data != 0)
   {
   if (Ustrcmp(data, "=") == 0)
     {
 
 if (*data != 0)
   {
   if (Ustrcmp(data, "=") == 0)
     {

-    expand_nstring[++expand_nmax] = US"";
+    auth_vars[0] = expand_nstring[++expand_nmax] = US"";

     expand_nlength[expand_nmax] = 0;
     }
   else
     expand_nlength[expand_nmax] = 0;
     }
   else


@@ -103,6 +105,7 @@ if (*data != 0)
     end = clear + len;
     while (clear < end && expand_nmax < EXPAND_MAXN)
       {
     end = clear + len;
     while (clear < end && expand_nmax < EXPAND_MAXN)
       {

+      if (expand_nmax < AUTH_VARS) auth_vars[expand_nmax] = clear;

       expand_nstring[++expand_nmax] = clear;
       while (*clear != 0) clear++;
       expand_nlength[expand_nmax] = clear++ - expand_nstring[expand_nmax];
       expand_nstring[++expand_nmax] = clear;
       while (*clear != 0) clear++;
       expand_nlength[expand_nmax] = clear++ - expand_nstring[expand_nmax];


@@ -126,6 +129,7 @@ while ((s = string_nextinlist(&prompts, &sep, big_buffer, big_buffer_size))
   /* This loop must run at least once, in case the length is zero */
   do
     {
   /* This loop must run at least once, in case the length is zero */
   do
     {

+    if (expand_nmax < AUTH_VARS) auth_vars[expand_nmax] = clear;

     expand_nstring[++expand_nmax] = clear;
     while (*clear != 0) clear++;
     expand_nlength[expand_nmax] = clear++ - expand_nstring[expand_nmax];
     expand_nstring[++expand_nmax] = clear;
     while (*clear != 0) clear++;
     expand_nlength[expand_nmax] = clear++ - expand_nstring[expand_nmax];


@@ -133,9 +137,9 @@ while ((s = string_nextinlist(&prompts, &sep, big_buffer, big_buffer_size))
   while (clear < end && expand_nmax < EXPAND_MAXN);
   }
 
   while (clear < end && expand_nmax < EXPAND_MAXN);
   }
 

-/* We now have a number of items of data in $1, $2, etc. Match against the
-decoded data by expanding the condition. Also expand the id to set if
-authentication succeeds. */
+/* We now have a number of items of data in $auth1, $auth2, etc (and also, for
+compatibility, in $1, $2, etc). Match against the decoded data by expanding the
+condition. */

 
 cond = expand_string(ob->server_condition);
 
 
 cond = expand_string(ob->server_condition);
 


@@ -143,6 +147,11 @@ HDEBUG(D_auth)
   {
   int i;
   debug_printf("%s authenticator:\n", ablock->name);
   {
   int i;
   debug_printf("%s authenticator:\n", ablock->name);

+  for (i = 0; i < AUTH_VARS; i++)
+    {
+    if (auth_vars[i] != NULL)
+      debug_printf("  $auth%d = %s\n", i + 1, auth_vars[i]);
+    }

   for (i = 1; i <= expand_nmax; i++)
     debug_printf("  $%d = %.*s\n", i, expand_nlength[i], expand_nstring[i]);
   debug_print_string(ablock->server_debug_string);    /* customized debug */
   for (i = 1; i <= expand_nmax; i++)
     debug_printf("  $%d = %.*s\n", i, expand_nlength[i], expand_nstring[i]);
   debug_print_string(ablock->server_debug_string);    /* customized debug */

diff --git a/src/src/auths/spa.c b/src/src/auths/spa.c
index 854e963124b64d2aa937646bf4bb619d3ef02584..264887607c49047651c065c747f609fc3f3ed80d 100644 (file)
--- a/src/src/auths/spa.c
+++ b/src/src/auths/spa.c
@@ -1,4 +1,4 @@
-/* $Cambridge: exim/src/src/auths/spa.c,v 1.5 2006/02/07 11:19:01 ph10 Exp $ */
+/* $Cambridge: exim/src/src/auths/spa.c,v 1.6 2006/02/10 14:25:43 ph10 Exp $ */

 
 /*************************************************
 *     Exim - an Internet mail transport agent    *
 
 /*************************************************
 *     Exim - an Internet mail transport agent    *


@@ -162,8 +162,6 @@ if (spa_base64_to_bits((char *)(&response), sizeof(response), (const char *)(dat
   return FAIL;
   }
 
   return FAIL;
   }
 

-/* get username and put it in $1 */
-

 /***************************************************************
 PH 07-Aug-2003: The original code here was this:
 
 /***************************************************************
 PH 07-Aug-2003: The original code here was this:
 


@@ -194,10 +192,15 @@ that causes failure if the size of msgbuf is exceeded. ****/
 
 /***************************************************************/
 
 
 /***************************************************************/
 

-expand_nstring[1] = msgbuf;
+/* Put the username in $auth1 and $1. The former is now the preferred variable;
+the latter is the original variable. */
+
+auth_vars[0] = expand_nstring[1] = msgbuf;

 expand_nlength[1] = Ustrlen(msgbuf);
 expand_nmax = 1;
 
 expand_nlength[1] = Ustrlen(msgbuf);
 expand_nmax = 1;
 

+debug_print_string(ablock->server_debug_string);    /* customized debug */
+

 /* look up password */
 
 clearpass = expand_string(ob->spa_serverpassword);
 /* look up password */
 
 clearpass = expand_string(ob->spa_serverpassword);

diff --git a/src/src/config.h.defaults b/src/src/config.h.defaults
index b76c794253180261573eaf6dd2f5d2adf10aaa96..92f894e4cda3a12931bf7f6abb381fa900165fee 100644 (file)
--- a/src/src/config.h.defaults
+++ b/src/src/config.h.defaults
@@ -1,4 +1,4 @@
-/* $Cambridge: exim/src/src/config.h.defaults,v 1.9 2006/02/07 11:19:00 ph10 Exp $ */
+/* $Cambridge: exim/src/src/config.h.defaults,v 1.10 2006/02/10 14:25:43 ph10 Exp $ */

 
 /*************************************************
 *     Exim - an Internet mail transport agent    *
 
 /*************************************************
 *     Exim - an Internet mail transport agent    *


@@ -9,7 +9,8 @@
 
 /* The default settings for Exim configuration variables. A #define without
 any data just defines the existence of the variable; it won't get included
 
 /* The default settings for Exim configuration variables. A #define without
 any data just defines the existence of the variable; it won't get included

-in config.h unless some value is defined in Local/Makefile. */
+in config.h unless some value is defined in Local/Makefile. If there is data,
+it's a default value. */

 
 #define ACL_CVARS                    20
 #define ACL_MVARS                    20
 
 #define ACL_CVARS                    20
 #define ACL_MVARS                    20


@@ -26,6 +27,8 @@ in config.h unless some value is defined in Local/Makefile. */
 #define AUTH_PLAINTEXT
 #define AUTH_SPA
 
 #define AUTH_PLAINTEXT
 #define AUTH_SPA
 

+#define AUTH_VARS                     3
+

 #define BIN_DIRECTORY
 
 #define CONFIGURE_FILE
 #define BIN_DIRECTORY
 
 #define CONFIGURE_FILE

diff --git a/src/src/expand.c b/src/src/expand.c
index 4ff6e5043232829cb6e2f2f7ce32919a50306225..1d82a150ca949a0c092e16f77e51c56a329efae6 100644 (file)
--- a/src/src/expand.c
+++ b/src/src/expand.c
@@ -1,4 +1,4 @@
-/* $Cambridge: exim/src/src/expand.c,v 1.53 2006/02/07 11:19:00 ph10 Exp $ */
+/* $Cambridge: exim/src/src/expand.c,v 1.54 2006/02/10 14:25:43 ph10 Exp $ */

 
 /*************************************************
 *     Exim - an Internet mail transport agent    *
 
 /*************************************************
 *     Exim - an Internet mail transport agent    *


@@ -1259,6 +1259,16 @@ if (Ustrncmp(name, "acl_", 4) == 0)
     }
   }
 
     }
   }
 

+/* Similarly for $auth<n> variables. */
+
+if (Ustrncmp(name, "auth", 4) == 0)
+  {
+  uschar *endptr;
+  int n = Ustrtoul(name + 4, &endptr, 10);
+  if (*endptr == 0 && n != 0 && n <= AUTH_VARS)
+    return (auth_vars[n-1] == NULL)? US"" : auth_vars[n-1];
+  }
+

 /* For all other variables, search the table */
 
 while (last > first)
 /* For all other variables, search the table */
 
 while (last > first)

diff --git a/src/src/globals.c b/src/src/globals.c
index 10acc8fc4531fcd8a2c576ee13a5faa4e08faa88..e609f302087c963dc5deabc5f8321cbe9f14e09c 100644 (file)
--- a/src/src/globals.c
+++ b/src/src/globals.c
@@ -1,4 +1,4 @@
-/* $Cambridge: exim/src/src/globals.c,v 1.45 2006/02/07 11:19:00 ph10 Exp $ */
+/* $Cambridge: exim/src/src/globals.c,v 1.46 2006/02/10 14:25:43 ph10 Exp $ */

 
 /*************************************************
 *     Exim - an Internet mail transport agent    *
 
 /*************************************************
 *     Exim - an Internet mail transport agent    *


@@ -327,6 +327,7 @@ auth_instance auth_defaults    = {
 
 uschar *auth_defer_msg         = US"reason not recorded";
 uschar *auth_defer_user_msg    = US"";
 
 uschar *auth_defer_msg         = US"reason not recorded";
 uschar *auth_defer_user_msg    = US"";

+uschar *auth_vars[AUTH_VARS];

 int     auto_thaw              = 0;
 #ifdef WITH_CONTENT_SCAN
 uschar *av_scanner             = US"sophie:/var/run/sophie";  /* AV scanner */
 int     auto_thaw              = 0;
 #ifdef WITH_CONTENT_SCAN
 uschar *av_scanner             = US"sophie:/var/run/sophie";  /* AV scanner */

diff --git a/src/src/globals.h b/src/src/globals.h
index 713aaef3e8a3c946e354fe3a90a09c3ef343b929..e3628167fcec74b37938f5be040a3a587f22af58 100644 (file)
--- a/src/src/globals.h
+++ b/src/src/globals.h
@@ -1,4 +1,4 @@
-/* $Cambridge: exim/src/src/globals.h,v 1.33 2006/02/07 11:19:00 ph10 Exp $ */
+/* $Cambridge: exim/src/src/globals.h,v 1.34 2006/02/10 14:25:43 ph10 Exp $ */

 
 /*************************************************
 *     Exim - an Internet mail transport agent    *
 
 /*************************************************
 *     Exim - an Internet mail transport agent    *


@@ -157,6 +157,7 @@ extern auth_instance *auths;           /* Chain of instantiated auths */
 extern auth_instance auth_defaults;    /* Default values */
 extern uschar *auth_defer_msg;         /* Error message for log */
 extern uschar *auth_defer_user_msg;    /* Error message for user */
 extern auth_instance auth_defaults;    /* Default values */
 extern uschar *auth_defer_msg;         /* Error message for log */
 extern uschar *auth_defer_user_msg;    /* Error message for user */

+extern uschar *auth_vars[];            /* $authn variables */

 extern int     auto_thaw;              /* Auto-thaw interval */
 #ifdef WITH_CONTENT_SCAN
 extern uschar *av_scanner;             /* AntiVirus scanner to use for the malware condition */
 extern int     auto_thaw;              /* Auto-thaw interval */
 #ifdef WITH_CONTENT_SCAN
 extern uschar *av_scanner;             /* AntiVirus scanner to use for the malware condition */

diff --git a/src/src/smtp_in.c b/src/src/smtp_in.c
index d572ef9e6cb3eaefc515a25b4ff7a5b7178024fb..04bffd017e345ab103ab31e97cee711b5e166569 100644 (file)
--- a/src/src/smtp_in.c
+++ b/src/src/smtp_in.c
@@ -1,4 +1,4 @@
-/* $Cambridge: exim/src/src/smtp_in.c,v 1.29 2006/02/07 11:19:00 ph10 Exp $ */
+/* $Cambridge: exim/src/src/smtp_in.c,v 1.30 2006/02/10 14:25:43 ph10 Exp $ */

 
 /*************************************************
 *     Exim - an Internet mail transport agent    *
 
 /*************************************************
 *     Exim - an Internet mail transport agent    *


@@ -2133,7 +2133,7 @@ while (done <= 0)
   pid_t pid;
   int start, end, sender_domain, recipient_domain;
   int ptr, size, rc;
   pid_t pid;
   int start, end, sender_domain, recipient_domain;
   int ptr, size, rc;

-  int c;
+  int c, i;

   auth_instance *au;
 
   switch(smtp_read_command(TRUE))
   auth_instance *au;
 
   switch(smtp_read_command(TRUE))


@@ -2222,20 +2222,26 @@ while (done <= 0)
       break;
       }
 
       break;
       }
 

-    /* Run the checking code, passing the remainder of the command
-    line as data. Initialize $0 empty. The authenticator may set up
-    other numeric variables. Afterwards, have a go at expanding the set_id
-    string, even if authentication failed - for bad passwords it can be useful
-    to log the userid. On success, require set_id to expand and exist, and
-    put it in authenticated_id. Save this in permanent store, as the working
-    store gets reset at HELO, RSET, etc. */
+    /* Run the checking code, passing the remainder of the command line as
+    data. Initials the $auth<n> variables as empty. Initialize $0 empty and set
+    it as the only set numerical variable. The authenticator may set $auth<n>
+    and also set other numeric variables. The $auth<n> variables are preferred
+    nowadays; the numerical variables remain for backwards compatibility.

 
 

+    Afterwards, have a go at expanding the set_id string, even if
+    authentication failed - for bad passwords it can be useful to log the
+    userid. On success, require set_id to expand and exist, and put it in
+    authenticated_id. Save this in permanent store, as the working store gets
+    reset at HELO, RSET, etc. */
+
+    for (i = 0; i < AUTH_VARS; i++) auth_vars[i] = NULL;

     expand_nmax = 0;
     expand_nlength[0] = 0;   /* $0 contains nothing */
 
     c = (au->info->servercode)(au, smtp_cmd_argument);
     if (au->set_id != NULL) set_id = expand_string(au->set_id);
     expand_nmax = -1;        /* Reset numeric variables */
     expand_nmax = 0;
     expand_nlength[0] = 0;   /* $0 contains nothing */
 
     c = (au->info->servercode)(au, smtp_cmd_argument);
     if (au->set_id != NULL) set_id = expand_string(au->set_id);
     expand_nmax = -1;        /* Reset numeric variables */

+    for (i = 0; i < AUTH_VARS; i++) auth_vars[i] = NULL;   /* Reset $auth<n> */

 
     /* The value of authenticated_id is stored in the spool file and printed in
     log lines. It must not contain binary zeros or newline characters. In
 
     /* The value of authenticated_id is stored in the spool file and printed in
     log lines. It must not contain binary zeros or newline characters. In

diff --git a/test/confs/0002 b/test/confs/0002
index 6f02fafa74d2b4100794bd311be7679beb33e588..8662e54d07512fe739a4a5bfb396bc27bc85c7d4 100644 (file)
--- a/test/confs/0002
+++ b/test/confs/0002
@@ -14,7 +14,7 @@ gecos_name = CALLER_NAME
 
 # ----- Main settings -----
 
 
 # ----- Main settings -----
 

-domainlist dlist = *.aa.bb : ^\Nxxx
+domainlist dlist = *.aa.bb : ^\Nxxx(.*)

 hostlist   hlist = V4NET.11.12.13 : iplsearch;DIR/aux-fixed/0002.iplsearch
 headers_charset = iso-8859-8
 
 hostlist   hlist = V4NET.11.12.13 : iplsearch;DIR/aux-fixed/0002.iplsearch
 headers_charset = iso-8859-8
 

diff --git a/test/confs/3400 b/test/confs/3400
index 61dc5a590588b401ea17e4eea2274cd0423ca817..b84ee56c41f73ec5124eaf9891fd8dc1046f4401 100644 (file)
--- a/test/confs/3400
+++ b/test/confs/3400
@@ -85,46 +85,46 @@ plain:
   driver = plaintext
   public_name = PLAIN
   server_condition = "\
   driver = plaintext
   public_name = PLAIN
   server_condition = "\

-    ${if and {{eq{$2}{userx}}{eq{$3}{secret}}}{yes}{no}}"
-  server_set_id = $2
+    ${if and {{eq{$auth2}{userx}}{eq{$auth3}{secret}}}{yes}{no}}"
+  server_set_id = $auth2

 
 extended_plain:
   driver = plaintext
   public_name = EXPLAIN
   server_prompts = :
   server_condition = "\
 
 extended_plain:
   driver = plaintext
   public_name = EXPLAIN
   server_prompts = :
   server_condition = "\

-    ${if and {{eq{$2}{userx}}{eq{$3}{secret}}}{yes}{no}}"
-  server_set_id = $2
+    ${if and {{eq{$auth2}{userx}}{eq{$auth3}{secret}}}{yes}{no}}"
+  server_set_id = $auth2

 
 expanded_prompt_plain:
   driver = plaintext
   public_name = EXPANDED
   server_prompts = $primary_hostname
   server_condition = "\
 
 expanded_prompt_plain:
   driver = plaintext
   public_name = EXPANDED
   server_prompts = $primary_hostname
   server_condition = "\

-    ${if and {{eq{$2}{userx}}{eq{$3}{secret}}}{yes}{no}}"
-  server_set_id = $2
+    ${if and {{eq{$auth2}{userx}}{eq{$auth3}{secret}}}{yes}{no}}"
+  server_set_id = $auth2

 
 expanded_prompt_plain_fail:
   driver = plaintext
   public_name = EXPANDFAIL
   server_prompts = $nonexistent
   server_condition = "\
 
 expanded_prompt_plain_fail:
   driver = plaintext
   public_name = EXPANDFAIL
   server_prompts = $nonexistent
   server_condition = "\

-    ${if and {{eq{$2}{userx}}{eq{$3}{secret}}}{yes}{no}}"
-  server_set_id = $2
+    ${if and {{eq{$auth2}{userx}}{eq{$auth3}{secret}}}{yes}{no}}"
+  server_set_id = $auth2

 
 defer:
   driver = plaintext
   public_name = DEFER
   server_condition = "account suspended"
 
 defer:
   driver = plaintext
   public_name = DEFER
   server_condition = "account suspended"

-  server_set_id = $2
+  server_set_id = $auth2

 
 login:
   driver = plaintext
   public_name = LOGIN
   server_prompts = "User Name : Password "
   server_condition = "\
 
 login:
   driver = plaintext
   public_name = LOGIN
   server_prompts = "User Name : Password "
   server_condition = "\

-    ${if and {{eq{$1}{userx}}{eq{$2}{secret}}}{yes}{no}}"
-  server_set_id = $1
+    ${if and {{eq{$auth1}{userx}}{eq{$auth2}{secret}}}{yes}{no}}"
+  server_set_id = $auth1

 
 
 # ----- Routers -----
 
 
 # ----- Routers -----

diff --git a/test/confs/3500 b/test/confs/3500
index 999cd5673babe70fd39bd4f1c8568f7dc6446c95..b83b1c33fa9802ffdf1f571432c463cbbc0c8350 100644 (file)
--- a/test/confs/3500
+++ b/test/confs/3500
@@ -76,10 +76,10 @@ begin authenticators
 cram_md5:
   driver = cram_md5
   public_name = CRAM-MD5
 cram_md5:
   driver = cram_md5
   public_name = CRAM-MD5

-  server_debug_print = +++CRAM-MD5 \$1="$1" \$2=\"$2" \$3="$3"
-  server_secret = "${if eq{$1}{tim}{tanstaaftanstaaf}\
-    {${if eq{$1}{userx}{secret}fail}}}"
-  server_set_id = $1
+  server_debug_print = +++CRAM-MD5 \$auth1="$auth1" \$auth2=\"$auth2" \$auth3="$auth3"
+  server_secret = "${if eq{$auth1}{tim}{tanstaaftanstaaf}\
+    {${if eq{$auth1}{userx}{secret}fail}}}"
+  server_set_id = $auth1

 
 
 
 
 
 

diff --git a/test/confs/3600 b/test/confs/3600
index 5550c3b112e8f8c6288f4ed6c99db59d8262ec77..c70fa19d7e0a89c183ba4ef09e63f7d831560d12 100644 (file)
--- a/test/confs/3600
+++ b/test/confs/3600
@@ -45,6 +45,7 @@ spa:
   public_name = NTLM
   client_password = $sender_address
   client_username = username
   public_name = NTLM
   client_password = $sender_address
   client_username = username

+  server_debug_print = +++SPA \$auth1="$auth1"

   server_password = ok@test.ex
 
 
   server_password = ok@test.ex
 
 

diff --git a/test/confs/9300 b/test/confs/9300
index 8f413c0f24e243334fe21fa009fdf6d6084738f6..91365047f7d06296e962281468f3c6ee47898419 100644 (file)
--- a/test/confs/9300
+++ b/test/confs/9300
@@ -21,11 +21,11 @@ begin authenticators
 sasl1:
   driver = cyrus_sasl
   public_name = ANONYMOUS
 sasl1:
   driver = cyrus_sasl
   public_name = ANONYMOUS

-  server_set_id = $1
+  server_set_id = $auth1

 
 sasl2:
   driver = cyrus_sasl
   public_name = PLAIN
 
 sasl2:
   driver = cyrus_sasl
   public_name = PLAIN

-  server_set_id = $1
+  server_set_id = $auth1

 
 # End
 
 # End

diff --git a/test/scripts/0000-Basic/0002 b/test/scripts/0000-Basic/0002
index eaa0dd82a07254e3fb5c6dc07a1a5ee9e48ea08e..f869c6da440c5546c6fe9e5912cdb81ffd9d6517 100644 (file)
--- a/test/scripts/0000-Basic/0002
+++ b/test/scripts/0000-Basic/0002
@@ -269,6 +269,22 @@ match_domain:    ${if match_domain{5.aa.bb}{+dlist}{yes}{no}}
 match_domain:    ${if match_domain{xxxyz}{+dlist}{yes}{no}}
 match_domain:    ${if match_domain{xyz}{+dlist}{yes}{no}}
 
 match_domain:    ${if match_domain{xxxyz}{+dlist}{yes}{no}}
 match_domain:    ${if match_domain{xyz}{+dlist}{yes}{no}}
 

+${if match{x@zz.aa.bb}{^(.*)} \
+  { \
+  >$1< \ 
+  ${if match_domain{${domain:$1}}{+dlist}{[$1]}} \
+  >$1< \
+  } \
+  { CAN'T HAPPEN}} 
+
+${if match{x@xxxabc}{^(.*)} \
+  { \
+  >$1< \ 
+  ${if match_domain{${domain:$1}}{^\Nxxx(.*)\N}{[$1]}} \
+  >$1< \
+  } \
+  { CAN'T HAPPEN}} 
+

 match_address:   ${if match_address{x@y.z}{p@q:*@y.z}{yes}{no}}
 match_address:   ${if match_address{x@y.z}{p@q:x@*.z}{yes}{no}}
 
 match_address:   ${if match_address{x@y.z}{p@q:*@y.z}{yes}{no}}
 match_address:   ${if match_address{x@y.z}{p@q:x@*.z}{yes}{no}}
 

diff --git a/test/stderr/3400 b/test/stderr/3400
index 16b12b26c2194a5cd7b57499ab6be02f8c8da23b..fb3b9895be4fcbd89e7c7d342854f80f1cc13de2 100644 (file)
--- a/test/stderr/3400
+++ b/test/stderr/3400
@@ -109,6 +109,7 @@ LOG: H=(test.host) [10.0.0.1] rejected ETRN abcd: authentication required
 >>> deny: condition test succeeded
 LOG: H=(test.host) [10.0.0.1] F=<junk@jink.jonk.test.ex> rejected RCPT <userx@test.ex>: authentication required
 >>> mylogin authenticator:
 >>> deny: condition test succeeded
 LOG: H=(test.host) [10.0.0.1] F=<junk@jink.jonk.test.ex> rejected RCPT <userx@test.ex>: authentication required
 >>> mylogin authenticator:

+>>>   $auth1 = userx secret

 >>>   $1 = userx secret
 >>> +++MYLOGIN $1="userx secret" $2="" $3=""
 >>> expanded string: yes
 >>>   $1 = userx secret
 >>> +++MYLOGIN $1="userx secret" $2="" $3=""
 >>> expanded string: yes


@@ -273,6 +274,7 @@ LOG: H=(test.host) [10.0.0.1] Warning: accepted ETRN #abcd
 >>> accept: endpass encountered - denying access
 LOG: H=(test.host) [10.0.0.3] F=<junk@jink.jonk.test.ex> rejected RCPT <userx@cus.cam.ac.uk>: authentication required
 >>> mylogin authenticator:
 >>> accept: endpass encountered - denying access
 LOG: H=(test.host) [10.0.0.3] F=<junk@jink.jonk.test.ex> rejected RCPT <userx@cus.cam.ac.uk>: authentication required
 >>> mylogin authenticator:

+>>>   $auth1 = userx secret

 >>>   $1 = userx secret
 >>> +++MYLOGIN $1="userx secret" $2="" $3=""
 >>> expanded string: yes
 >>>   $1 = userx secret
 >>> +++MYLOGIN $1="userx secret" $2="" $3=""
 >>> expanded string: yes


@@ -367,6 +369,7 @@ SMTP>> 250-myhost.test.ex Hello CALLER at testing.testing [10.0.0.5]
 250 HELP\r
 SMTP<< auth mylogin dXNlcnggc2VjcmV0
 mylogin authenticator:
 250 HELP\r
 SMTP<< auth mylogin dXNlcnggc2VjcmV0
 mylogin authenticator:

+  $auth1 = userx secret

   $1 = userx secret
 +++MYLOGIN $1="userx secret" $2="" $3=""
 expanded string: yes
   $1 = userx secret
 +++MYLOGIN $1="userx secret" $2="" $3=""
 expanded string: yes

diff --git a/test/stderr/3408 b/test/stderr/3408
index 0ce50f216e202e9b50d5b70cd9e32e1a5ca762e3..a5e576f43293f960c1800e5c6bfee990cb11f4ea 100644 (file)
--- a/test/stderr/3408
+++ b/test/stderr/3408
@@ -51,6 +51,9 @@ LOG: 10HmaX-0005vi-00 <= postmaster@exim.test.ex H=(exim.test.ex) [V4NET.11.12.1
 >>> host in pipelining_advertise_hosts? yes (matched "*")
 >>> host in auth_advertise_hosts? yes (matched "*")
 >>> plain authenticator:
 >>> host in pipelining_advertise_hosts? yes (matched "*")
 >>> host in auth_advertise_hosts? yes (matched "*")
 >>> plain authenticator:

+>>>   $auth1 = 
+>>>   $auth2 = userx
+>>>   $auth3 = secret

 >>>   $1 = 
 >>>   $2 = userx
 >>>   $3 = secret
 >>>   $1 = 
 >>>   $2 = userx
 >>>   $3 = secret

diff --git a/test/stderr/3410 b/test/stderr/3410
index 02dc1343cefb444cac899379874340a6c97fb525..b7cdcf399b4114407dd1537b580aaff9e4d56dff 100644 (file)
--- a/test/stderr/3410
+++ b/test/stderr/3410
@@ -16,6 +16,9 @@ LOG: H=[5.6.9.1] F=<x@y> rejected RCPT <x@y>: You must authenticate
 >>> host in pipelining_advertise_hosts? yes (matched "*")
 >>> host in auth_advertise_hosts? yes (matched "*")
 >>> auth1 authenticator:
 >>> host in pipelining_advertise_hosts? yes (matched "*")
 >>> host in auth_advertise_hosts? yes (matched "*")
 >>> auth1 authenticator:

+>>>   $auth1 = 
+>>>   $auth2 = userx
+>>>   $auth3 = secret

 >>>   $1 = 
 >>>   $2 = userx
 >>>   $3 = secret
 >>>   $1 = 
 >>>   $2 = userx
 >>>   $3 = secret


@@ -43,6 +46,9 @@ LOG: H=[5.6.10.1] F=<x@y> rejected RCPT <x@y>
 >>> host in pipelining_advertise_hosts? yes (matched "*")
 >>> host in auth_advertise_hosts? yes (matched "*")
 >>> auth1 authenticator:
 >>> host in pipelining_advertise_hosts? yes (matched "*")
 >>> host in auth_advertise_hosts? yes (matched "*")
 >>> auth1 authenticator:

+>>>   $auth1 = 
+>>>   $auth2 = userx
+>>>   $auth3 = secret

 >>>   $1 = 
 >>>   $2 = userx
 >>>   $3 = secret
 >>>   $1 = 
 >>>   $2 = userx
 >>>   $3 = secret


@@ -64,6 +70,8 @@ LOG: H=[5.6.10.1] F=<x@y> rejected RCPT <x@y>
 >>> host in pipelining_advertise_hosts? yes (matched "*")
 >>> host in auth_advertise_hosts? yes (matched "*")
 >>> auth2 authenticator:
 >>> host in pipelining_advertise_hosts? yes (matched "*")
 >>> host in auth_advertise_hosts? yes (matched "*")
 >>> auth2 authenticator:

+>>>   $auth1 = userx
+>>>   $auth2 = secret

 >>>   $1 = userx
 >>>   $2 = secret
 >>> expanded string: yes
 >>>   $1 = userx
 >>>   $2 = secret
 >>> expanded string: yes

diff --git a/test/stderr/3500 b/test/stderr/3500
index fc3637f33a2070a90ff68c98372cb725ce1c8a40..b0432c58c5c6cfbd75d1b7e18e65a15334ffa466 100644 (file)
--- a/test/stderr/3500
+++ b/test/stderr/3500
@@ -23,7 +23,7 @@
 >>> host in pipelining_advertise_hosts? yes (matched "*")
 >>> host in "10.0.0.1"? yes (matched "10.0.0.1")
 >>> host in auth_advertise_hosts? yes (matched "+auth_hosts")
 >>> host in pipelining_advertise_hosts? yes (matched "*")
 >>> host in "10.0.0.1"? yes (matched "10.0.0.1")
 >>> host in auth_advertise_hosts? yes (matched "+auth_hosts")

->>> +++CRAM-MD5 $1="tim" $2="" $3=""
+>>> +++CRAM-MD5 $auth1="tim" $auth2="" $auth3=""

 >>> CRAM-MD5: user name = tim
 >>>           challenge = <1896.697170952@postoffice.reston.mci.net>
 >>>           received  = b913a602c7eda7a495b4e6e7334d3890
 >>> CRAM-MD5: user name = tim
 >>>           challenge = <1896.697170952@postoffice.reston.mci.net>
 >>>           received  = b913a602c7eda7a495b4e6e7334d3890

diff --git a/test/stdout/0002 b/test/stdout/0002
index b2e86b2a603420921db3ae3e9d84866336b53a55..4d87e0acc7ff25ccd0f05fbc3db5a6d84e3207e5 100644 (file)
--- a/test/stdout/0002
+++ b/test/stdout/0002
@@ -250,6 +250,10 @@
 > match_domain:    yes
 > match_domain:    no
 > 
 > match_domain:    yes
 > match_domain:    no
 > 

+>  >x@zz.aa.bb< [] >x@zz.aa.bb< 
+> 
+>  >x@xxxabc< [] >x@xxxabc< 
+> 

 > match_address:   yes
 > match_address:   yes
 > 
 > match_address:   yes
 > match_address:   yes
 >