[exim-cvs] cvs commit: exim/exim-doc/doc-txt ChangeLog exim…

Pàgina inicial
Delete this message
Reply to this message
Autor: Philip Hazel
Data:  
A: exim-cvs
Assumpte: [exim-cvs] cvs commit: exim/exim-doc/doc-txt ChangeLog exim/exim-src/src smtp_in.c exim/exim-test-orig/AutoTest/log 278 exim/exim-test-orig/AutoTest/rejectlog 278 exim/exim-test-orig/AutoTest/scrip
ph10 2005/04/27 11:55:20 BST

  Modified files:
    exim-doc/doc-txt     ChangeLog 
    exim-src/src         smtp_in.c 
    exim-test-orig/AutoTest/log 278 
    exim-test-orig/AutoTest/scripts 278 
    exim-test-orig/AutoTest/stdout 278 
  Added files:
    exim-test-orig/AutoTest/rejectlog 278 
  Log:
  Ensure the value of $authenticated_id contains only printing characters.


  Revision  Changes    Path
  1.126     +6 -0      exim/exim-doc/doc-txt/ChangeLog
  1.16      +8 -0      exim/exim-src/src/smtp_in.c
  1.2       +1 -0      exim/exim-test-orig/AutoTest/log/278
  1.1       +1 -0      exim/exim-test-orig/AutoTest/rejectlog/278 (new)
  1.2       +1 -0      exim/exim-test-orig/AutoTest/scripts/278
  1.2       +1 -0      exim/exim-test-orig/AutoTest/stdout/278


  Index: ChangeLog
  ===================================================================
  RCS file: /home/cvs/exim/exim-doc/doc-txt/ChangeLog,v
  retrieving revision 1.125
  retrieving revision 1.126
  diff -u -r1.125 -r1.126
  --- ChangeLog    27 Apr 2005 10:06:00 -0000    1.125
  +++ ChangeLog    27 Apr 2005 10:55:20 -0000    1.126
  @@ -1,4 +1,4 @@
  -$Cambridge: exim/exim-doc/doc-txt/ChangeLog,v 1.125 2005/04/27 10:06:00 ph10 Exp $
  +$Cambridge: exim/exim-doc/doc-txt/ChangeLog,v 1.126 2005/04/27 10:55:20 ph10 Exp $


   Change log file for Exim from version 4.21
   -------------------------------------------
  @@ -238,6 +238,12 @@
         blindly assumes that writes won't block so it may never time out."


   PH/39 Allow G after quota size as well as K and M.
  +
  +PH/40 The value set for $authenticated_id in an authenticator may not contain
  +      binary zeroes or newlines because the value is written to log lines and
  +      to spool files. There was no check on this. Now the value is run through
  +      the string_printing() function so that such characters are converted to
  +      printable escape sequences.



A note about Exim versions 4.44 and 4.50

  Index: smtp_in.c
  ===================================================================
  RCS file: /home/cvs/exim/exim-src/src/smtp_in.c,v
  retrieving revision 1.15
  retrieving revision 1.16
  diff -u -r1.15 -r1.16
  --- smtp_in.c    29 Mar 2005 15:53:12 -0000    1.15
  +++ smtp_in.c    27 Apr 2005 10:55:20 -0000    1.16
  @@ -1,4 +1,4 @@
  -/* $Cambridge: exim/exim-src/src/smtp_in.c,v 1.15 2005/03/29 15:53:12 ph10 Exp $ */
  +/* $Cambridge: exim/exim-src/src/smtp_in.c,v 1.16 2005/04/27 10:55:20 ph10 Exp $ */


   /*************************************************
   *     Exim - an Internet mail transport agent    *
  @@ -2112,6 +2112,14 @@
       c = (au->info->servercode)(au, smtp_data);
       if (au->set_id != NULL) set_id = expand_string(au->set_id);
       expand_nmax = -1;        /* Reset numeric variables */
  +
  +    /* The value of authenticated_id is stored in the spool file and printed in
  +    log lines. It must not contain binary zeros or newline characters. In
  +    normal use, it never will, but when playing around or testing, this error
  +    can (did) happen. To guard against this, ensure that the id contains only
  +    printing characters. */
  +
  +    if (set_id != NULL) set_id = string_printing(set_id);


       /* For the non-OK cases, set up additional logging data if set_id
       is not empty. */


  Index: 278
  ===================================================================
  RCS file: /home/cvs/exim/exim-test-orig/AutoTest/log/278,v
  retrieving revision 1.1
  retrieving revision 1.2
  diff -u -r1.1 -r1.2
  --- 278    8 Oct 2004 14:49:31 -0000    1.1
  +++ 278    27 Apr 2005 10:55:20 -0000    1.2
  @@ -1,3 +1,4 @@
  +1999-03-02 09:44:33 plain1 authenticator failed for ph10: 535 Incorrect authentication data (set_id=ph10\n)
   1999-03-02 09:44:33 10HmaX-0005vi-00 <= ph10@??? U=ph10 P=local-esmtpa A=plain1:ph10 S=296
   1999-03-02 09:44:33 10HmaX-0005vi-00 => ph10 <ph10@???> R=d1 T=t1
   1999-03-02 09:44:33 10HmaX-0005vi-00 Completed


Index: 278
====================================================================
1999-03-02 09:44:33 plain1 authenticator failed for ph10: 535 Incorrect authentication data (set_id=ph10\n)

  Index: 278
  ===================================================================
  RCS file: /home/cvs/exim/exim-test-orig/AutoTest/scripts/278,v
  retrieving revision 1.1
  retrieving revision 1.2
  diff -u -r1.1 -r1.2
  --- 278    8 Oct 2004 14:49:52 -0000    1.1
  +++ 278    27 Apr 2005 10:55:20 -0000    1.2
  @@ -1,6 +1,7 @@
   0 authentication (preservation of $authenticated_id)
   exim -odi -bs -oMa 10.0.0.2
   ehlo testing.ex
  +auth plain AHBoMTAKAHNlY3JldA==
   auth plain AHBoMTAAc2VjcmV0
   mail from:<ph10@???>
   rcpt to:<ph10@???>


  Index: 278
  ===================================================================
  RCS file: /home/cvs/exim/exim-test-orig/AutoTest/stdout/278,v
  retrieving revision 1.1
  retrieving revision 1.2
  diff -u -r1.1 -r1.2
  --- 278    8 Oct 2004 14:50:13 -0000    1.1
  +++ 278    27 Apr 2005 10:55:20 -0000    1.2
  @@ -4,6 +4,7 @@
   250-PIPELINING
   250-AUTH PLAIN
   250 HELP
  +535 Incorrect authentication data
   235 Authentication succeeded
   250 OK
   250 Accepted