From a75ebe0dcc5faeb915cacb0d9db66d2475789116 Mon Sep 17 00:00:00 2001 From: Jeremy Harris Date: Sat, 31 Oct 2020 23:58:11 +0000 Subject: [PATCH] Pass authenticator pubname through spool. Bug 2648 --- doc/doc-txt/ChangeLog | 4 ++++ src/exim_monitor/em_globals.c | 1 + src/src/smtp_in.c | 12 +++++++----- src/src/spool_in.c | 4 +++- src/src/spool_out.c | 6 ++++-- test/confs/3403 | 1 + test/mail/3403.userx | 2 ++ test/stdout/3415 | 5 +++++ 8 files changed, 27 insertions(+), 8 deletions(-) diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog index 959218100..e61ad6226 100644 --- a/doc/doc-txt/ChangeLog +++ b/doc/doc-txt/ChangeLog @@ -130,6 +130,10 @@ JH/26 Bug 2646: fix a memory usage issue in ldap lookups. Previously, when more details, an internal consistency trap could be hit while walking the list of servers. +JH/27 Bug 2648: fix the passing of an authenticator public-name through spool + files. The value is used by the authresults expansion item. Previously + if this was used in a router or transport, a crash could result. + Exim version 4.94 ----------------- diff --git a/src/exim_monitor/em_globals.c b/src/exim_monitor/em_globals.c index 925e88e05..30d22b5eb 100644 --- a/src/exim_monitor/em_globals.c +++ b/src/exim_monitor/em_globals.c @@ -205,6 +205,7 @@ uschar *sender_address = NULL; uschar *sender_fullhost = NULL; uschar *sender_helo_name = NULL; uschar *sender_host_address = NULL; +uschar *sender_host_auth_pubname = NULL; uschar *sender_host_authenticated = NULL; uschar *sender_host_name = NULL; int sender_host_port = 0; diff --git a/src/src/smtp_in.c b/src/src/smtp_in.c index cf6271c60..b50070cfa 100644 --- a/src/src/smtp_in.c +++ b/src/src/smtp_in.c @@ -5894,12 +5894,14 @@ if (!sender_host_authenticated) g = string_append(g, 2, US";\n\tauth=pass (", sender_host_auth_pubname); -if (Ustrcmp(sender_host_auth_pubname, "tls") != 0) - g = string_append(g, 2, US") smtp.auth=", authenticated_id); -else if (authenticated_id) - g = string_append(g, 2, US") x509.auth=", authenticated_id); +if (Ustrcmp(sender_host_auth_pubname, "tls") == 0) + g = authenticated_id + ? string_append(g, 2, US") x509.auth=", authenticated_id) + : string_cat(g, US") reason=x509.auth"); else - g = string_cat(g, US") reason=x509.auth"); + g = authenticated_id + ? string_append(g, 2, US") smtp.auth=", authenticated_id) + : string_cat(g, US", no id saved)"); if (authenticated_sender) g = string_append(g, 2, US" smtp.mailfrom=", authenticated_sender); diff --git a/src/src/spool_in.c b/src/src/spool_in.c index 7d95fccc1..022ac02bc 100644 --- a/src/src/spool_in.c +++ b/src/src/spool_in.c @@ -253,7 +253,7 @@ sender_helo_name = NULL; sender_host_address = NULL; sender_host_name = NULL; sender_host_port = 0; -sender_host_authenticated = NULL; +sender_host_authenticated = sender_host_auth_pubname = NULL; sender_ident = NULL; f.sender_local = FALSE; f.sender_set_untrusted = FALSE; @@ -580,6 +580,8 @@ for (;;) host_lookup_deferred = TRUE; else if (Ustrcmp(p, "ost_lookup_failed") == 0) host_lookup_failed = TRUE; + else if (Ustrncmp(p, "ost_auth_pubname", 16) == 0) + sender_host_auth_pubname = string_copy_taint(var + 18, tainted); else if (Ustrncmp(p, "ost_auth", 8) == 0) sender_host_authenticated = string_copy_taint(var + 10, tainted); else if (Ustrncmp(p, "ost_name", 8) == 0) diff --git a/src/src/spool_out.c b/src/src/spool_out.c index 4539e3c69..113765bab 100644 --- a/src/src/spool_out.c +++ b/src/src/spool_out.c @@ -174,9 +174,11 @@ if (sender_host_address) fprintf(fp, "-host_address %s.%d\n", sender_host_address, sender_host_port); if (sender_host_name) spool_var_write(fp, US"host_name", sender_host_name); - if (sender_host_authenticated) - spool_var_write(fp, US"host_auth", sender_host_authenticated); } +if (sender_host_authenticated) + spool_var_write(fp, US"host_auth", sender_host_authenticated); +if (sender_host_auth_pubname) + spool_var_write(fp, US"host_auth_pubname", sender_host_auth_pubname); /* Also about the interface a message came in on */ diff --git a/test/confs/3403 b/test/confs/3403 index 161cdeaee..5d59e6dee 100644 --- a/test/confs/3403 +++ b/test/confs/3403 @@ -40,6 +40,7 @@ begin routers d1: driver = accept headers_add = aid: $authenticated_id + headers_add = rtr_authres: ${authresults {$primary_hostname}} retry_use_local_part transport = t1 diff --git a/test/mail/3403.userx b/test/mail/3403.userx index 08cdf9a31..9ec9b79b7 100644 --- a/test/mail/3403.userx +++ b/test/mail/3403.userx @@ -10,6 +10,8 @@ Message-Id: From: CALLER_NAME Date: Tue, 2 Mar 1999 09:44:33 +0000 aid: userx +rtr_authres: Authentication-Results: myhost.test.ex; + auth=pass (PLAIN) smtp.auth=userx Test data diff --git a/test/stdout/3415 b/test/stdout/3415 index 0889dd795..d806fa66c 100644 --- a/test/stdout/3415 +++ b/test/stdout/3415 @@ -159,6 +159,7 @@ ddddddddd 0 --helo_name rhu.barb -host_address 127.0.0.1.9999 -host_auth au1 +-host_auth_pubname PLAIN -interface_address 127.0.0.1.1225 -received_protocol esmtpa -body_linecount 0 @@ -186,6 +187,7 @@ ddddddddd 0 --helo_name rhu.barb -host_address 127.0.0.1.9999 -host_auth au1 +-host_auth_pubname PLAIN -interface_address 127.0.0.1.1225 -received_protocol esmtpa -body_linecount 0 @@ -211,6 +213,7 @@ ddddddddd 0 --helo_name rhu.barb -host_address 127.0.0.1.9999 -host_auth au1 +-host_auth_pubname PLAIN -interface_address 127.0.0.1.1225 -received_protocol esmtpa -body_linecount 0 @@ -236,6 +239,7 @@ ddddddddd 0 --helo_name rhu.barb -host_address 127.0.0.1.9999 -host_auth au1 +-host_auth_pubname PLAIN -interface_address 127.0.0.1.1225 -received_protocol esmtpa -body_linecount 0 @@ -261,6 +265,7 @@ ddddddddd 0 --helo_name rhu.barb -host_address 127.0.0.1.9999 -host_auth au1 +-host_auth_pubname PLAIN -interface_address 127.0.0.1.1225 -received_protocol esmtpa -body_linecount 0 -- 2.30.2