[exim-cvs] Pass authenticator pubname through spool. Bug 26…

Top Page
Delete this message
Reply to this message
Author: Exim Git Commits Mailing List
Date:  
To: exim-cvs
Subject: [exim-cvs] Pass authenticator pubname through spool. Bug 2648
Gitweb: https://git.exim.org/exim.git/commitdiff/a75ebe0dcc5faeb915cacb0d9db66d2475789116
Commit:     a75ebe0dcc5faeb915cacb0d9db66d2475789116
Parent:     51b611aa81d7ee01243b196abc34a0e2eabd293c
Author:     Jeremy Harris <jgh146exb@???>
AuthorDate: Sat Oct 31 23:58:11 2020 +0000
Committer:  Jeremy Harris <jgh146exb@???>
CommitDate: Mon Nov 2 14:23:32 2020 +0000


    Pass authenticator pubname through spool.  Bug 2648
---
 doc/doc-txt/ChangeLog         |  4 ++++
 src/exim_monitor/em_globals.c |  1 +
 src/src/smtp_in.c             | 12 +++++++-----
 src/src/spool_in.c            |  4 +++-
 src/src/spool_out.c           |  6 ++++--
 test/confs/3403               |  1 +
 test/mail/3403.userx          |  2 ++
 test/stdout/3415              |  5 +++++
 8 files changed, 27 insertions(+), 8 deletions(-)


diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog
index 9592181..e61ad62 100644
--- a/doc/doc-txt/ChangeLog
+++ b/doc/doc-txt/ChangeLog
@@ -130,6 +130,10 @@ JH/26 Bug 2646: fix a memory usage issue in ldap lookups.  Previously, when more
       details, an internal consistency trap could be hit while walking the list
       of servers.


+JH/27 Bug 2648: fix the passing of an authenticator public-name through spool
+      files.  The value is used by the authresults expansion item.  Previously
+      if this was used in a router or transport, a crash could result.
+


 Exim version 4.94
 -----------------
diff --git a/src/exim_monitor/em_globals.c b/src/exim_monitor/em_globals.c
index 925e88e..30d22b5 100644
--- a/src/exim_monitor/em_globals.c
+++ b/src/exim_monitor/em_globals.c
@@ -205,6 +205,7 @@ uschar *sender_address         = NULL;
 uschar *sender_fullhost        = NULL;
 uschar *sender_helo_name       = NULL;
 uschar *sender_host_address    = NULL;
+uschar *sender_host_auth_pubname = NULL;
 uschar *sender_host_authenticated = NULL;
 uschar *sender_host_name       = NULL;
 int     sender_host_port       = 0;
diff --git a/src/src/smtp_in.c b/src/src/smtp_in.c
index cf6271c..b50070c 100644
--- a/src/src/smtp_in.c
+++ b/src/src/smtp_in.c
@@ -5894,12 +5894,14 @@ if (!sender_host_authenticated)


g = string_append(g, 2, US";\n\tauth=pass (", sender_host_auth_pubname);

-if (Ustrcmp(sender_host_auth_pubname, "tls") != 0)
-  g = string_append(g, 2, US") smtp.auth=", authenticated_id);
-else if (authenticated_id)
-  g = string_append(g, 2, US") x509.auth=", authenticated_id);
+if (Ustrcmp(sender_host_auth_pubname, "tls") == 0)
+  g = authenticated_id
+    ? string_append(g, 2, US") x509.auth=", authenticated_id)
+    : string_cat(g, US") reason=x509.auth");
 else
-  g = string_cat(g, US") reason=x509.auth");
+  g = authenticated_id
+    ? string_append(g, 2, US") smtp.auth=", authenticated_id)
+    : string_cat(g, US", no id saved)");


 if (authenticated_sender)
   g = string_append(g, 2, US" smtp.mailfrom=", authenticated_sender);
diff --git a/src/src/spool_in.c b/src/src/spool_in.c
index 7d95fcc..022ac02 100644
--- a/src/src/spool_in.c
+++ b/src/src/spool_in.c
@@ -253,7 +253,7 @@ sender_helo_name = NULL;
 sender_host_address = NULL;
 sender_host_name = NULL;
 sender_host_port = 0;
-sender_host_authenticated = NULL;
+sender_host_authenticated = sender_host_auth_pubname = NULL;
 sender_ident = NULL;
 f.sender_local = FALSE;
 f.sender_set_untrusted = FALSE;
@@ -580,6 +580,8 @@ for (;;)
       host_lookup_deferred = TRUE;
     else if (Ustrcmp(p, "ost_lookup_failed") == 0)
       host_lookup_failed = TRUE;
+    else if (Ustrncmp(p, "ost_auth_pubname", 16) == 0)
+      sender_host_auth_pubname = string_copy_taint(var + 18, tainted);
     else if (Ustrncmp(p, "ost_auth", 8) == 0)
       sender_host_authenticated = string_copy_taint(var + 10, tainted);
     else if (Ustrncmp(p, "ost_name", 8) == 0)
diff --git a/src/src/spool_out.c b/src/src/spool_out.c
index 4539e3c..113765b 100644
--- a/src/src/spool_out.c
+++ b/src/src/spool_out.c
@@ -174,9 +174,11 @@ if (sender_host_address)
   fprintf(fp, "-host_address %s.%d\n", sender_host_address, sender_host_port);
   if (sender_host_name)
     spool_var_write(fp, US"host_name", sender_host_name);
-  if (sender_host_authenticated)
-    spool_var_write(fp, US"host_auth", sender_host_authenticated);
   }
+if (sender_host_authenticated)
+  spool_var_write(fp, US"host_auth", sender_host_authenticated);
+if (sender_host_auth_pubname)
+  spool_var_write(fp, US"host_auth_pubname", sender_host_auth_pubname);


/* Also about the interface a message came in on */

diff --git a/test/confs/3403 b/test/confs/3403
index 161cdea..5d59e6d 100644
--- a/test/confs/3403
+++ b/test/confs/3403
@@ -40,6 +40,7 @@ begin routers
d1:
driver = accept
headers_add = aid: $authenticated_id
+ headers_add = rtr_authres: ${authresults {$primary_hostname}}
retry_use_local_part
transport = t1

diff --git a/test/mail/3403.userx b/test/mail/3403.userx
index 08cdf9a..9ec9b79 100644
--- a/test/mail/3403.userx
+++ b/test/mail/3403.userx
@@ -10,6 +10,8 @@ Message-Id: <E10HmaX-0005vi-00@???>
 From: CALLER_NAME <CALLER@???>
 Date: Tue, 2 Mar 1999 09:44:33 +0000
 aid: userx
+rtr_authres: Authentication-Results: myhost.test.ex;
+    auth=pass (PLAIN) smtp.auth=userx


Test data

diff --git a/test/stdout/3415 b/test/stdout/3415
index 0889dd7..d806fa6 100644
--- a/test/stdout/3415
+++ b/test/stdout/3415
@@ -159,6 +159,7 @@ ddddddddd 0
--helo_name rhu.barb
-host_address 127.0.0.1.9999
-host_auth au1
+-host_auth_pubname PLAIN
-interface_address 127.0.0.1.1225
-received_protocol esmtpa
-body_linecount 0
@@ -186,6 +187,7 @@ ddddddddd 0
--helo_name rhu.barb
-host_address 127.0.0.1.9999
-host_auth au1
+-host_auth_pubname PLAIN
-interface_address 127.0.0.1.1225
-received_protocol esmtpa
-body_linecount 0
@@ -211,6 +213,7 @@ ddddddddd 0
--helo_name rhu.barb
-host_address 127.0.0.1.9999
-host_auth au1
+-host_auth_pubname PLAIN
-interface_address 127.0.0.1.1225
-received_protocol esmtpa
-body_linecount 0
@@ -236,6 +239,7 @@ ddddddddd 0
--helo_name rhu.barb
-host_address 127.0.0.1.9999
-host_auth au1
+-host_auth_pubname PLAIN
-interface_address 127.0.0.1.1225
-received_protocol esmtpa
-body_linecount 0
@@ -261,6 +265,7 @@ ddddddddd 0
--helo_name rhu.barb
-host_address 127.0.0.1.9999
-host_auth au1
+-host_auth_pubname PLAIN
-interface_address 127.0.0.1.1225
-received_protocol esmtpa
-body_linecount 0