Add expansion $authenticated_fail_id

diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog
index df53f87219ca8a45b7c11c1f0d9a8cdfb98fab28..9fb00a7071b76d28d1f4ca4d887242c7c0d07552 100644 (file)
--- a/doc/doc-txt/ChangeLog
+++ b/doc/doc-txt/ChangeLog
@@ -217,6 +217,9 @@ TL/08 Adjust exiqgrep to be case-insensitive for sender/receiver.
 
 JH/16 Fix comparisons for 64b.  Bugzilla 1385.
 
 
 JH/16 Fix comparisons for 64b.  Bugzilla 1385.
 

+TL/09 Add expansion variable $authenticated_fail_id to keep track of
+      last id that failed so it may be referenced in subsequent ACL's.
+

 
 Exim version 4.80.1
 -------------------
 
 Exim version 4.80.1
 -------------------

diff --git a/src/src/expand.c b/src/src/expand.c
index 0d8e70295c15b7c5631f7297e33c42674945fe81..edef45dba2eee90b82774da9542343c0ccdbd666 100644 (file)
--- a/src/src/expand.c
+++ b/src/src/expand.c
@@ -410,6 +410,7 @@ static var_entry var_table[] = {
   { "address_data",        vtype_stringptr,   &deliver_address_data },
   { "address_file",        vtype_stringptr,   &address_file },
   { "address_pipe",        vtype_stringptr,   &address_pipe },
   { "address_data",        vtype_stringptr,   &deliver_address_data },
   { "address_file",        vtype_stringptr,   &address_file },
   { "address_pipe",        vtype_stringptr,   &address_pipe },

+  { "authenticated_fail_id",vtype_stringptr,  &authenticated_fail_id },

   { "authenticated_id",    vtype_stringptr,   &authenticated_id },
   { "authenticated_sender",vtype_stringptr,   &authenticated_sender },
   { "authentication_failed",vtype_int,        &authentication_failed },
   { "authenticated_id",    vtype_stringptr,   &authenticated_id },
   { "authenticated_sender",vtype_stringptr,   &authenticated_sender },
   { "authentication_failed",vtype_int,        &authentication_failed },

diff --git a/src/src/globals.c b/src/src/globals.c
index 74b6edb016132ddd00d90e2e4d040e7800fa579e..05bb0ae86191e5bf8eb7ba6ab601627e8b935abf 100644 (file)
--- a/src/src/globals.c
+++ b/src/src/globals.c
@@ -371,6 +371,7 @@ BOOL    allow_mx_to_ip         = FALSE;
 BOOL    allow_unqualified_recipient = TRUE;    /* For local messages */
 BOOL    allow_unqualified_sender = TRUE;       /* Reset for SMTP */
 BOOL    allow_utf8_domains     = FALSE;
 BOOL    allow_unqualified_recipient = TRUE;    /* For local messages */
 BOOL    allow_unqualified_sender = TRUE;       /* Reset for SMTP */
 BOOL    allow_utf8_domains     = FALSE;

+uschar *authenticated_fail_id  = NULL;

 uschar *authenticated_id       = NULL;
 uschar *authenticated_sender   = NULL;
 BOOL    authentication_failed  = FALSE;
 uschar *authenticated_id       = NULL;
 uschar *authenticated_sender   = NULL;
 BOOL    authentication_failed  = FALSE;

diff --git a/src/src/globals.h b/src/src/globals.h
index db436c06d18285dd6787ff9120f189ee88ea6d7b..2cc16881b119416f7e2796a0473208d14910928b 100644 (file)
--- a/src/src/globals.h
+++ b/src/src/globals.h
@@ -192,6 +192,7 @@ extern BOOL    allow_mx_to_ip;         /* Allow MX records to -> ip address */
 extern BOOL    allow_unqualified_recipient; /* As it says */
 extern BOOL    allow_unqualified_sender; /* Ditto */
 extern BOOL    allow_utf8_domains;     /* For experimenting */
 extern BOOL    allow_unqualified_recipient; /* As it says */
 extern BOOL    allow_unqualified_sender; /* Ditto */
 extern BOOL    allow_utf8_domains;     /* For experimenting */

+extern uschar *authenticated_fail_id;  /* ID that failed authentication */

 extern uschar *authenticated_id;       /* ID that was authenticated */
 extern uschar *authenticated_sender;   /* From AUTH on MAIL */
 extern BOOL    authentication_failed;  /* TRUE if AUTH was tried and failed */
 extern uschar *authenticated_id;       /* ID that was authenticated */
 extern uschar *authenticated_sender;   /* From AUTH on MAIL */
 extern BOOL    authentication_failed;  /* TRUE if AUTH was tried and failed */

diff --git a/src/src/smtp_in.c b/src/src/smtp_in.c
index cb1a86991fe1eb62dffcf8a9d60485f952d80a41..4740aa5ff519e86e7ecbca2ff8815f7aa5523aa7 100644 (file)
--- a/src/src/smtp_in.c
+++ b/src/src/smtp_in.c
@@ -2821,6 +2821,7 @@ while (done <= 0)
         if (set_id != NULL) authenticated_id = string_copy_malloc(set_id);
         sender_host_authenticated = au->name;
         authentication_failed = FALSE;
         if (set_id != NULL) authenticated_id = string_copy_malloc(set_id);
         sender_host_authenticated = au->name;
         authentication_failed = FALSE;

+        authenticated_fail_id = NULL;   /* Impossible to already be set? */

         received_protocol =
           protocols[pextend + pauthed + ((tls_in.active >= 0)? pcrpted:0)] +
             ((sender_host_address != NULL)? pnlocal : 0);
         received_protocol =
           protocols[pextend + pauthed + ((tls_in.active >= 0)? pcrpted:0)] +
             ((sender_host_address != NULL)? pnlocal : 0);


@@ -2836,6 +2837,7 @@ while (done <= 0)
       /* Fall through */
 
       case DEFER:
       /* Fall through */
 
       case DEFER:

+      if (set_id != NULL) authenticated_fail_id = string_copy_malloc(set_id);

       s = string_sprintf("435 Unable to authenticate at present%s",
         auth_defer_user_msg);
       ss = string_sprintf("435 Unable to authenticate at present%s: %s",
       s = string_sprintf("435 Unable to authenticate at present%s",
         auth_defer_user_msg);
       ss = string_sprintf("435 Unable to authenticate at present%s: %s",


@@ -2855,11 +2857,13 @@ while (done <= 0)
       break;
 
       case FAIL:
       break;
 
       case FAIL:

+      if (set_id != NULL) authenticated_fail_id = string_copy_malloc(set_id);

       s = US"535 Incorrect authentication data";
       ss = string_sprintf("535 Incorrect authentication data%s", set_id);
       break;
 
       default:
       s = US"535 Incorrect authentication data";
       ss = string_sprintf("535 Incorrect authentication data%s", set_id);
       break;
 
       default:

+      if (set_id != NULL) authenticated_fail_id = string_copy_malloc(set_id);

       s = US"435 Internal error";
       ss = string_sprintf("435 Internal error%s: return %d from authentication "
         "check", set_id, c);
       s = US"435 Internal error";
       ss = string_sprintf("435 Internal error%s: return %d from authentication "
         "check", set_id, c);