[exim-cvs] Auths: in plaintext authenticator, fix parsing o…

Startseite
Nachricht löschen
Nachricht beantworten
Autor: Exim Git Commits Mailing List
Datum:  
To: exim-cvs
Betreff: [exim-cvs] Auths: in plaintext authenticator, fix parsing of consecutive circuflex. Bug 2687
Gitweb: https://git.exim.org/exim.git/commitdiff/ca22cc0abe93c28f3d296d99c239413bb0d079c4
Commit:     ca22cc0abe93c28f3d296d99c239413bb0d079c4
Parent:     96d16729c2267491424478e623a492acaec6b35e
Author:     Jeremy Harris <jgh146exb@???>
AuthorDate: Tue Jan 12 15:36:09 2021 +0000
Committer:  Jeremy Harris <jgh146exb@???>
CommitDate: Tue Jan 12 15:36:09 2021 +0000


    Auths: in plaintext authenticator, fix parsing of consecutive circuflex.  Bug 2687
---
 doc/doc-docbook/spec.xfpt |  9 ++++++++-
 doc/doc-txt/ChangeLog     |  7 +++++++
 src/src/auths/get_data.c  | 10 ++++++++--
 3 files changed, 23 insertions(+), 3 deletions(-)


diff --git a/doc/doc-docbook/spec.xfpt b/doc/doc-docbook/spec.xfpt
index 4c79e87..15b03ea 100644
--- a/doc/doc-docbook/spec.xfpt
+++ b/doc/doc-docbook/spec.xfpt
@@ -27824,7 +27824,14 @@ fixed_plain:
client_send = ^username^mysecret
.endd
The lack of colons means that the entire text is sent with the AUTH
-command, with the circumflex characters converted to NULs. A similar example
+command, with the circumflex characters converted to NULs.
+.new
+Note that due to the ambiguity of parsing three consectutive circumflex characters
+there is no way to provide a password having a leading circumflex.
+.wen
+
+
+A similar example
that uses the LOGIN mechanism is:
.code
fixed_login:
diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog
index d9e979c..87bf0d0 100644
--- a/doc/doc-txt/ChangeLog
+++ b/doc/doc-txt/ChangeLog
@@ -170,6 +170,13 @@ JH/34 Fix the placement of a multiple-message delivery marker in the delivery

JH/35 Bug 2343: Harden exim_tidydb against corrupt wait- files.

+JH/36 Bug 2687: Fix interpretation of multiple ^ chars in a plaintext
+      authenticator client_send option.  Previously the next char, after a pair
+      was collapsed, was taken verbatim (so ^^^foo became ^^foo; ^^^^foo became
+      ^^\x00foo). Fixed to get ^\x00foo and ^^foo respectively to match the
+      documentation.  There is still no way to get a leading ^ immediately
+      after a NUL (ie. for the password of a PLAIN method authenticator.
+


Exim version 4.94
-----------------
diff --git a/src/src/auths/get_data.c b/src/src/auths/get_data.c
index 602a118..8835965 100644
--- a/src/src/auths/get_data.c
+++ b/src/src/auths/get_data.c
@@ -168,14 +168,20 @@ if (!ss)
len = Ustrlen(ss);

/* The character ^ is used as an escape for a binary zero character, which is
-needed for the PLAIN mechanism. It must be doubled if really needed. */
+needed for the PLAIN mechanism. It must be doubled if really needed.
+
+The parsing ambiguity of ^^^ is taken as ^^ -> ^ ; ^ -> NUL - and there is
+no way to get a leading ^ after a NUL. We would need to intro new syntax to
+support that (probably preferring to take a more-standard exim list as a source
+and concat the elements with intervening NULs. Either a magic marker on the
+source string for client_send, or a new option). */

 for (int i = 0; i < len; i++)
   if (ss[i] == '^')
     if (ss[i+1] != '^')
       ss[i] = 0;
     else
-      if (--len > ++i) memmove(ss + i, ss + i + 1, len - i);
+      if (--len > i+1) memmove(ss + i + 1, ss + i + 2, len - i);


/* The first string is attached to the AUTH command; others are sent
unembellished. */