Pass authenticator pubname through spool. Bug 2648
authorJeremy Harris <jgh146exb@wizmail.org>
Sat, 31 Oct 2020 23:58:11 +0000 (23:58 +0000)
committerJeremy Harris <jgh146exb@wizmail.org>
Mon, 2 Nov 2020 14:23:32 +0000 (14:23 +0000)
doc/doc-txt/ChangeLog
src/exim_monitor/em_globals.c
src/src/smtp_in.c
src/src/spool_in.c
src/src/spool_out.c
test/confs/3403
test/mail/3403.userx
test/stdout/3415

index 9592181006de1bc1b0219ac68631ed6aff9a1b86..e61ad62264b8dfeaa6326aeacd405911319567b8 100644 (file)
@@ -130,6 +130,10 @@ JH/26 Bug 2646: fix a memory usage issue in ldap lookups.  Previously, when more
       details, an internal consistency trap could be hit while walking the list
       of servers.
 
+JH/27 Bug 2648: fix the passing of an authenticator public-name through spool
+      files.  The value is used by the authresults expansion item.  Previously
+      if this was used in a router or transport, a crash could result.
+
 
 Exim version 4.94
 -----------------
index 925e88e053133bf52966502eeda64a8458e059a4..30d22b5ebca2bb34b7483dbb640ec2e660a69fd0 100644 (file)
@@ -205,6 +205,7 @@ uschar *sender_address         = NULL;
 uschar *sender_fullhost        = NULL;
 uschar *sender_helo_name       = NULL;
 uschar *sender_host_address    = NULL;
+uschar *sender_host_auth_pubname = NULL;
 uschar *sender_host_authenticated = NULL;
 uschar *sender_host_name       = NULL;
 int     sender_host_port       = 0;
index cf6271c6033c2510821bacd2b26299ab10c36f39..b50070cfa5a72a62e8ccf77fff0ac1a9d6a84b80 100644 (file)
@@ -5894,12 +5894,14 @@ if (!sender_host_authenticated)
 
 g = string_append(g, 2, US";\n\tauth=pass (", sender_host_auth_pubname);
 
-if (Ustrcmp(sender_host_auth_pubname, "tls") != 0)
-  g = string_append(g, 2, US") smtp.auth=", authenticated_id);
-else if (authenticated_id)
-  g = string_append(g, 2, US") x509.auth=", authenticated_id);
+if (Ustrcmp(sender_host_auth_pubname, "tls") == 0)
+  g = authenticated_id
+    ? string_append(g, 2, US") x509.auth=", authenticated_id)
+    : string_cat(g, US") reason=x509.auth");
 else
-  g = string_cat(g, US") reason=x509.auth");
+  g = authenticated_id
+    ? string_append(g, 2, US") smtp.auth=", authenticated_id)
+    : string_cat(g, US", no id saved)");
 
 if (authenticated_sender)
   g = string_append(g, 2, US" smtp.mailfrom=", authenticated_sender);
index 7d95fccc132cb8299dee29974159155aaa038962..022ac02bc8e16da84c188b1a855f0fb79b8db4a6 100644 (file)
@@ -253,7 +253,7 @@ sender_helo_name = NULL;
 sender_host_address = NULL;
 sender_host_name = NULL;
 sender_host_port = 0;
-sender_host_authenticated = NULL;
+sender_host_authenticated = sender_host_auth_pubname = NULL;
 sender_ident = NULL;
 f.sender_local = FALSE;
 f.sender_set_untrusted = FALSE;
@@ -580,6 +580,8 @@ for (;;)
       host_lookup_deferred = TRUE;
     else if (Ustrcmp(p, "ost_lookup_failed") == 0)
       host_lookup_failed = TRUE;
+    else if (Ustrncmp(p, "ost_auth_pubname", 16) == 0)
+      sender_host_auth_pubname = string_copy_taint(var + 18, tainted);
     else if (Ustrncmp(p, "ost_auth", 8) == 0)
       sender_host_authenticated = string_copy_taint(var + 10, tainted);
     else if (Ustrncmp(p, "ost_name", 8) == 0)
index 4539e3c697f0f8d5149024d3b08e55db5f554c44..113765babb90dbaedaf23d64e7e2edac78b43b05 100644 (file)
@@ -174,9 +174,11 @@ if (sender_host_address)
   fprintf(fp, "-host_address %s.%d\n", sender_host_address, sender_host_port);
   if (sender_host_name)
     spool_var_write(fp, US"host_name", sender_host_name);
-  if (sender_host_authenticated)
-    spool_var_write(fp, US"host_auth", sender_host_authenticated);
   }
+if (sender_host_authenticated)
+  spool_var_write(fp, US"host_auth", sender_host_authenticated);
+if (sender_host_auth_pubname)
+  spool_var_write(fp, US"host_auth_pubname", sender_host_auth_pubname);
 
 /* Also about the interface a message came in on */
 
index 161cdeaeeeed1280c384ecef0d07ae8576ffeee2..5d59e6dee9efcd499cc46f193418182c4f67d370 100644 (file)
@@ -40,6 +40,7 @@ begin routers
 d1:
   driver = accept
   headers_add = aid: $authenticated_id
+  headers_add = rtr_authres: ${authresults {$primary_hostname}}
   retry_use_local_part
   transport = t1
 
index 08cdf9a3126a36f04d476fc4967011cdc07dcf38..9ec9b79b70bf9bf3b09ce302b4d90d51fd7fd6a8 100644 (file)
@@ -10,6 +10,8 @@ Message-Id: <E10HmaX-0005vi-00@myhost.test.ex>
 From: CALLER_NAME <CALLER@myhost.test.ex>
 Date: Tue, 2 Mar 1999 09:44:33 +0000
 aid: userx
+rtr_authres: Authentication-Results: myhost.test.ex;
+       auth=pass (PLAIN) smtp.auth=userx
 
 Test data
 
index 0889dd7957dc7fe14dfc2431c6b2afa9830b450b..d806fa66cf5dbac41aa6d6a5cb33134180082b28 100644 (file)
@@ -159,6 +159,7 @@ ddddddddd 0
 --helo_name rhu.barb
 -host_address 127.0.0.1.9999
 -host_auth au1
+-host_auth_pubname PLAIN
 -interface_address 127.0.0.1.1225
 -received_protocol esmtpa
 -body_linecount 0
@@ -186,6 +187,7 @@ ddddddddd 0
 --helo_name rhu.barb
 -host_address 127.0.0.1.9999
 -host_auth au1
+-host_auth_pubname PLAIN
 -interface_address 127.0.0.1.1225
 -received_protocol esmtpa
 -body_linecount 0
@@ -211,6 +213,7 @@ ddddddddd 0
 --helo_name rhu.barb
 -host_address 127.0.0.1.9999
 -host_auth au1
+-host_auth_pubname PLAIN
 -interface_address 127.0.0.1.1225
 -received_protocol esmtpa
 -body_linecount 0
@@ -236,6 +239,7 @@ ddddddddd 0
 --helo_name rhu.barb
 -host_address 127.0.0.1.9999
 -host_auth au1
+-host_auth_pubname PLAIN
 -interface_address 127.0.0.1.1225
 -received_protocol esmtpa
 -body_linecount 0
@@ -261,6 +265,7 @@ ddddddddd 0
 --helo_name rhu.barb
 -host_address 127.0.0.1.9999
 -host_auth au1
+-host_auth_pubname PLAIN
 -interface_address 127.0.0.1.1225
 -received_protocol esmtpa
 -body_linecount 0