From e34f8ca2022e340d3c0e36260a0232fab306dfcc Mon Sep 17 00:00:00 2001
From: Jeremy Harris <jgh146exb@wizmail.org>
Date: Sun, 18 Feb 2018 16:22:52 +0000
Subject: [PATCH] Expansions: make ${authresults } usable in a named ACL

This will be more common than directly in the acl_smtp_data option,
and suffers one less expansion in operation.
---
 src/src/dkim.c    | 2 +-
 src/src/expand.c  | 6 +++---
 src/src/smtp_in.c | 2 +-
 src/src/spf.c     | 2 +-
 test/confs/3403   | 8 +++++++-
 test/confs/4500   | 5 ++++-
 test/stderr/4507  | 7 ++++---
 7 files changed, 21 insertions(+), 11 deletions(-)

diff --git a/src/src/dkim.c b/src/src/dkim.c
index 4fe4a11ab..ec5ba494b 100644
--- a/src/src/dkim.c
+++ b/src/src/dkim.c
@@ -803,7 +803,7 @@ pdkim_signature * sig;
 
 for (sig = dkim_signatures; sig; sig = sig->next)
   {
-  g = string_catn(g, US";\\n\\tdkim=", 10);
+  g = string_catn(g, US";\n\tdkim=", 8);
 
   if (sig->verify_status & PDKIM_VERIFY_POLICY)
     g = string_append(g, 5,
diff --git a/src/src/expand.c b/src/src/expand.c
index 44e8e1ba0..d49f943b0 100644
--- a/src/src/expand.c
+++ b/src/src/expand.c
@@ -1666,11 +1666,11 @@ static gstring *
 authres_iprev(gstring * g)
 {
 if (sender_host_name)
-  return string_append(g, 3, US";\\n\\tiprev=pass (", sender_host_name, US")");
+  return string_append(g, 3, US";\n\tiprev=pass (", sender_host_name, US")");
 if (host_lookup_deferred)
-  return string_catn(g, US";\\n\\tiprev=temperror", 21);
+  return string_catn(g, US";\n\tiprev=temperror", 19);
 if (host_lookup_failed)
-  return string_catn(g, US";\\n\\tiprev=fail", 15);
+  return string_catn(g, US";\n\tiprev=fail", 13);
 return g;
 }
 
diff --git a/src/src/smtp_in.c b/src/src/smtp_in.c
index 1b7df5c30..d804bc7d2 100644
--- a/src/src/smtp_in.c
+++ b/src/src/smtp_in.c
@@ -5751,7 +5751,7 @@ authres_smtpauth(gstring * g)
 if (!sender_host_authenticated)
   return g;
 
-g = string_append(g, 4, US";\\n\\tauth=pass"
+g = string_append(g, 4, US";\n\tauth=pass"
 	" (", sender_host_authenticated, US") smtp.auth=", authenticated_id);
 if (authenticated_sender)
   g = string_append(g, 2, US" smtp.mailfrom=", authenticated_sender);
diff --git a/src/src/spf.c b/src/src/spf.c
index a2f93b0ce..12994a690 100644
--- a/src/src/spf.c
+++ b/src/src/spf.c
@@ -153,7 +153,7 @@ authres_spf(gstring * g)
 {
 if (!spf_result) return g;
 
-return string_append(g, 4, US";\\n\\tspf=", spf_result,
+return string_append(g, 4, US";\n\tspf=", spf_result,
          US" smtp.mailfrom=", expand_string(US"$sender_address_domain"));
 }
 
diff --git a/test/confs/3403 b/test/confs/3403
index 79fb73fe1..b8c8086b6 100644
--- a/test/confs/3403
+++ b/test/confs/3403
@@ -7,7 +7,7 @@ primary_hostname = myhost.test.ex
 # ----- Main settings -----
 
 acl_smtp_rcpt = accept
-acl_smtp_data = accept add_header = :at_start:${authresults {$primary_hostname}}
+acl_smtp_data = check_data
 
 
 # ----- Authentication -----
@@ -27,6 +27,12 @@ plain1:
   server_mail_auth_condition = ${if eq{$authenticated_id}{userx}{yes}}
 
 
+# ----- ACL -----
+begin acl
+
+check_data:
+  accept add_header = :at_start:${authresults {$primary_hostname}}
+
 # ----- Routers -----
 
 begin routers
diff --git a/test/confs/4500 b/test/confs/4500
index a952758ae..502de4a19 100644
--- a/test/confs/4500
+++ b/test/confs/4500
@@ -10,7 +10,7 @@ primary_hostname = myhost.test.ex
 
 acl_smtp_rcpt = accept
 acl_smtp_dkim = check_dkim
-acl_smtp_data = accept logwrite = ${authresults {$primary_hostname}}
+acl_smtp_data = check_data
 
 log_selector = +dkim_verbose
 
@@ -37,4 +37,7 @@ check_dkim:
   accept
 .endif
 
+check_data:
+  accept logwrite = ${authresults {$primary_hostname}}
+
 # End
diff --git a/test/stderr/4507 b/test/stderr/4507
index 42dd96980..e1961ceb3 100644
--- a/test/stderr/4507
+++ b/test/stderr/4507
@@ -23,11 +23,12 @@ LOG: 10HmaX-0005vi-00 signer: test.ex bits: 1024
 >>> accept: condition test succeeded in ACL "check_dkim"
 >>> end of ACL "check_dkim": ACCEPT
 LOG: 10HmaX-0005vi-00 DKIM: d=test.ex s=sel c=simple/simple a=rsa-sha1 b=1024 [verification succeeded]
+>>> using ACL "check_data"
 >>> processing "accept"
->>> check logwrite = Authentication-Results: myhost.test.ex;\n\tdkim=pass header.d=test.ex header.s=sel header.a=rsa-sha1
+>>> check logwrite = ${authresults {$primary_hostname}}
 >>>                = Authentication-Results: myhost.test.ex;
 >>> 	dkim=pass header.d=test.ex header.s=sel header.a=rsa-sha1
 LOG: 10HmaX-0005vi-00 Authentication-Results: myhost.test.ex;\n	dkim=pass header.d=test.ex header.s=sel header.a=rsa-sha1
->>> accept: condition test succeeded in inline ACL
->>> end of inline ACL: ACCEPT
+>>> accept: condition test succeeded in ACL "check_data"
+>>> end of ACL "check_data": ACCEPT
 LOG: 10HmaX-0005vi-00 <= CALLER@bloggs.com H=(xxx) [127.0.0.1] P=smtp S=sss DKIM=test.ex id=qwerty1234@disco-zombie.net
-- 
2.30.2