Auths: in plaintext authenticator, fix parsing of consecutive circuflex. Bug 2687

diff --git a/doc/doc-docbook/spec.xfpt b/doc/doc-docbook/spec.xfpt
index 4c79e87cf81aae44eb0bbd798ddd53f058d7ee79..15b03eabbe43909ca04e7feb8dc99b6164ce7b05 100644 (file)
--- a/doc/doc-docbook/spec.xfpt
+++ b/doc/doc-docbook/spec.xfpt
@@ -27824,7 +27824,14 @@ fixed_plain:
   client_send = ^username^mysecret
 .endd
 The lack of colons means that the entire text is sent with the AUTH
   client_send = ^username^mysecret
 .endd
 The lack of colons means that the entire text is sent with the AUTH

-command, with the circumflex characters converted to NULs. A similar example
+command, with the circumflex characters converted to NULs.
+.new
+Note that due to the ambiguity of parsing three consectutive circumflex characters
+there is no way to provide a password having a leading circumflex.
+.wen
+
+
+A similar example

 that uses the LOGIN mechanism is:
 .code
 fixed_login:
 that uses the LOGIN mechanism is:
 .code
 fixed_login:

diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog
index d9e979c33e8095f51714212077981874556cb98f..87bf0d009ff1612923d224e35981b826e72cb6de 100644 (file)
--- a/doc/doc-txt/ChangeLog
+++ b/doc/doc-txt/ChangeLog
@@ -170,6 +170,13 @@ JH/34 Fix the placement of a multiple-message delivery marker in the delivery
 
 JH/35 Bug 2343: Harden exim_tidydb against corrupt wait- files.
 
 
 JH/35 Bug 2343: Harden exim_tidydb against corrupt wait- files.
 

+JH/36 Bug 2687: Fix interpretation of multiple ^ chars in a plaintext
+      authenticator client_send option.  Previously the next char, after a pair
+      was collapsed, was taken verbatim (so ^^^foo became ^^foo; ^^^^foo became
+      ^^\x00foo). Fixed to get ^\x00foo and ^^foo respectively to match the
+      documentation.  There is still no way to get a leading ^ immediately
+      after a NUL (ie. for the password of a PLAIN method authenticator.
+

 
 Exim version 4.94
 -----------------
 
 Exim version 4.94
 -----------------

diff --git a/src/src/auths/get_data.c b/src/src/auths/get_data.c
index 602a1181a38f7f3cb18c80e4253d1a73c5117128..88359658ab5c3300f610bc152a64841924f9fd9e 100644 (file)
--- a/src/src/auths/get_data.c
+++ b/src/src/auths/get_data.c
@@ -168,14 +168,20 @@ if (!ss)
 len = Ustrlen(ss);
 
 /* The character ^ is used as an escape for a binary zero character, which is
 len = Ustrlen(ss);
 
 /* The character ^ is used as an escape for a binary zero character, which is

-needed for the PLAIN mechanism. It must be doubled if really needed. */
+needed for the PLAIN mechanism. It must be doubled if really needed.
+
+The parsing ambiguity of ^^^ is taken as ^^ -> ^ ; ^ -> NUL - and there is
+no way to get a leading ^ after a NUL.  We would need to intro new syntax to
+support that (probably preferring to take a more-standard exim list as a source
+and concat the elements with intervening NULs.  Either a magic marker on the
+source string for client_send, or a new option). */

 
 for (int i = 0; i < len; i++)
   if (ss[i] == '^')
     if (ss[i+1] != '^')
       ss[i] = 0;
     else
 
 for (int i = 0; i < len; i++)
   if (ss[i] == '^')
     if (ss[i+1] != '^')
       ss[i] = 0;
     else

-      if (--len > ++i) memmove(ss + i, ss + i + 1, len - i);
+      if (--len > i+1) memmove(ss + i + 1, ss + i + 2, len - i);

 
 /* The first string is attached to the AUTH command; others are sent
 unembellished. */
 
 /* The first string is attached to the AUTH command; others are sent
 unembellished. */