ph10 2004/12/20 14:57:06 GMT
Modified files:
exim-doc/doc-txt ChangeLog
exim-src ACKNOWLEDGMENTS
exim-src/src/auths README spa.c
exim-test-orig/AutoTest/confs 436
exim-test-orig/AutoTest/stdout 436
Log:
A forced expansion failure in the SPA authenticator is now treated the
same as in other authenticators (it moves to the next authenticator).
Revision Changes Path
1.46 +7 -0 exim/exim-doc/doc-txt/ChangeLog
1.8 +2 -1 exim/exim-src/ACKNOWLEDGMENTS
1.2 +2 -1 exim/exim-src/src/auths/README
1.2 +11 -8 exim/exim-src/src/auths/spa.c
1.2 +8 -0 exim/exim-test-orig/AutoTest/confs/436
1.2 +2 -2 exim/exim-test-orig/AutoTest/stdout/436
Index: ChangeLog
===================================================================
RCS file: /home/cvs/exim/exim-doc/doc-txt/ChangeLog,v
retrieving revision 1.45
retrieving revision 1.46
diff -u -r1.45 -r1.46
--- ChangeLog 20 Dec 2004 12:29:10 -0000 1.45
+++ ChangeLog 20 Dec 2004 14:57:05 -0000 1.46
@@ -1,4 +1,4 @@
-$Cambridge: exim/exim-doc/doc-txt/ChangeLog,v 1.45 2004/12/20 12:29:10 ph10 Exp $
+$Cambridge: exim/exim-doc/doc-txt/ChangeLog,v 1.46 2004/12/20 14:57:05 ph10 Exp $
Change log file for Exim from version 4.21
-------------------------------------------
@@ -194,6 +194,13 @@
which it has found a message-specific retry record, was not finding
messages that were in split spool directories. Consequently, it was
deleting retry records that should have stayed in existence.
+
+48. Steve fixed some bugs in eximstats.
+
+49. The SPA authentication driver was not abandoning authentication and moving
+ on to the next authenticator when an expansion was forced to fail,
+ contradicting the general specification for all authenticators. Instead it
+ was generating a temporary error. It now behaves as specified.
Exim version 4.43
Index: ACKNOWLEDGMENTS
===================================================================
RCS file: /home/cvs/exim/exim-src/ACKNOWLEDGMENTS,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -r1.7 -r1.8
--- ACKNOWLEDGMENTS 24 Nov 2004 15:43:36 -0000 1.7
+++ ACKNOWLEDGMENTS 20 Dec 2004 14:57:05 -0000 1.8
@@ -1,4 +1,4 @@
-$Cambridge: exim/exim-src/ACKNOWLEDGMENTS,v 1.7 2004/11/24 15:43:36 ph10 Exp $
+$Cambridge: exim/exim-src/ACKNOWLEDGMENTS,v 1.8 2004/12/20 14:57:05 ph10 Exp $
EXIM ACKNOWLEDGEMENTS
@@ -20,7 +20,7 @@
Philip Hazel
Lists created: 20 November 2002
-Last updated: 24 November 2004
+Last updated: 20 December 2004
THE OLD LIST
@@ -158,6 +158,7 @@
Chris Lightfoot Patch for -restore-times in exim_lock
Edgar Lovecraft Patch for ${str2b64:
Torsten Luettgert Suggested patch for proper integer overflow detection
+David Madole Patch for SPA forced expansion failure bug
Lionel Elie Mamane Patch for IPv4/IPv6 listen() problem on USAGI Linux
Patch for recognizing IPv6 "scoped addresses"
Patch for callout caching bug
Index: README
===================================================================
RCS file: /home/cvs/exim/exim-src/src/auths/README,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- README 7 Oct 2004 13:10:00 -0000 1.1
+++ README 20 Dec 2004 14:57:05 -0000 1.2
@@ -1,4 +1,4 @@
-$Cambridge: exim/exim-src/src/auths/README,v 1.1 2004/10/07 13:10:00 ph10 Exp $
+$Cambridge: exim/exim-src/src/auths/README,v 1.2 2004/12/20 14:57:05 ph10 Exp $
AUTHS
@@ -57,7 +57,8 @@
OK success
DEFER couldn't complete the check
FAIL authentication failed
- CANCELLED authentication forced to fail by "*" response to challenge
+ CANCELLED authentication forced to fail by "*" response to challenge,
+ or by a forced string expansion failure
BAD64 bad base64 data received
UNEXPECTED unexpected data received
Index: spa.c
===================================================================
RCS file: /home/cvs/exim/exim-src/src/auths/spa.c,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- spa.c 7 Oct 2004 13:10:01 -0000 1.1
+++ spa.c 20 Dec 2004 14:57:05 -0000 1.2
@@ -1,4 +1,4 @@
-/* $Cambridge: exim/exim-src/src/auths/spa.c,v 1.1 2004/10/07 13:10:01 ph10 Exp $ */
+/* $Cambridge: exim/exim-src/src/auths/spa.c,v 1.2 2004/12/20 14:57:05 ph10 Exp $ */
/*************************************************
* Exim - an Internet mail transport agent *
@@ -258,19 +258,12 @@
char *domain = NULL;
char *username, *password;
- if (smtp_write_command(outblock, FALSE, "AUTH %s\r\n",
- ablock->public_name) < 0)
- return FAIL_SEND;
-
- /* wait for the 3XX OK message */
- if (!smtp_read_response(inblock, (uschar *)buffer, buffsize, '3', timeout))
- return FAIL;
-
/* Code added by PH to expand the options */
username = CS expand_string(ob->spa_username);
if (username == NULL)
{
+ if (expand_string_forcedfail) return CANCELLED;
string_format(buffer, buffsize, "expansion of \"%s\" failed in %s "
"authenticator: %s", ob->spa_username, ablock->name,
expand_string_message);
@@ -280,6 +273,7 @@
password = CS expand_string(ob->spa_password);
if (password == NULL)
{
+ if (expand_string_forcedfail) return CANCELLED;
string_format(buffer, buffsize, "expansion of \"%s\" failed in %s "
"authenticator: %s", ob->spa_password, ablock->name,
expand_string_message);
@@ -291,6 +285,7 @@
domain = CS expand_string(ob->spa_domain);
if (domain == NULL)
{
+ if (expand_string_forcedfail) return CANCELLED;
string_format(buffer, buffsize, "expansion of \"%s\" failed in %s "
"authenticator: %s", ob->spa_domain, ablock->name,
expand_string_message);
@@ -299,6 +294,14 @@
}
/* Original code */
+
+ if (smtp_write_command(outblock, FALSE, "AUTH %s\r\n",
+ ablock->public_name) < 0)
+ return FAIL_SEND;
+
+ /* wait for the 3XX OK message */
+ if (!smtp_read_response(inblock, (uschar *)buffer, buffsize, '3', timeout))
+ return FAIL;
DSPA("\n\n%s authenticator: using domain %s\n\n",
ablock->name, domain);
Index: 436
===================================================================
RCS file: /home/cvs/exim/exim-test-orig/AutoTest/confs/436,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- 436 8 Oct 2004 14:49:16 -0000 1.1
+++ 436 20 Dec 2004 14:57:05 -0000 1.2
@@ -32,6 +32,14 @@
begin authenticators
+# Forced expansion failure
+spabad:
+ driver = spa
+ public_name = NTLMX
+ client_password = ${if eq{1}{0}{xxx}fail}
+ client_username = username
+ server_password = ok@???
+
spa:
driver = spa
public_name = NTLM
Index: 436
===================================================================
RCS file: /home/cvs/exim/exim-test-orig/AutoTest/stdout/436,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- 436 8 Oct 2004 14:50:13 -0000 1.1
+++ 436 20 Dec 2004 14:57:05 -0000 1.2
@@ -10,7 +10,7 @@
??? 250-
<<< 250-PIPELINING
??? 250-
-<<< 250-AUTH NTLM
+<<< 250-AUTH NTLMX NTLM
??? 250
<<< 250 HELP
>>> AUTH NTLM
@@ -34,7 +34,7 @@
??? 250-
<<< 250-PIPELINING
??? 250-
-<<< 250-AUTH NTLM
+<<< 250-AUTH NTLMX NTLM
??? 250
<<< 250 HELP
>>> AUTH NTLM
