summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorPhilip Hazel <ph10@hermes.cam.ac.uk>2006-02-10 14:25:43 +0000
committerPhilip Hazel <ph10@hermes.cam.ac.uk>2006-02-10 14:25:43 +0000
commitf78eb7c6264c5f1a4ec2fb24c39060e0686f7714 (patch)
treec203285c5e61555dfd8cebc4ed1110cf34349a11
parent727071f81598850285bc4f6270a5bd9ad40c61ba (diff)
Add $auth1, $auth2, $auth3 variables.
-rw-r--r--doc/doc-txt/ChangeLog6
-rw-r--r--doc/doc-txt/NewStuff10
-rw-r--r--doc/doc-txt/OptionLists.txt3
-rw-r--r--src/src/auths/README9
-rw-r--r--src/src/auths/b64decode.c4
-rw-r--r--src/src/auths/cram_md5.c11
-rw-r--r--src/src/auths/cyrus_sasl.c13
-rw-r--r--src/src/auths/plaintext.c23
-rw-r--r--src/src/auths/spa.c11
-rw-r--r--src/src/config.h.defaults7
-rw-r--r--src/src/expand.c12
-rw-r--r--src/src/globals.c3
-rw-r--r--src/src/globals.h3
-rw-r--r--src/src/smtp_in.c24
-rw-r--r--test/confs/00022
-rw-r--r--test/confs/340022
-rw-r--r--test/confs/35008
-rw-r--r--test/confs/36001
-rw-r--r--test/confs/93004
-rw-r--r--test/scripts/0000-Basic/000216
-rw-r--r--test/stderr/34003
-rw-r--r--test/stderr/34083
-rw-r--r--test/stderr/34108
-rw-r--r--test/stderr/35002
-rw-r--r--test/stdout/00024
25 files changed, 148 insertions, 64 deletions
diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog
index cc82287fe..a9f562bce 100644
--- a/doc/doc-txt/ChangeLog
+++ b/doc/doc-txt/ChangeLog
@@ -1,4 +1,4 @@
-$Cambridge: exim/doc/doc-txt/ChangeLog,v 1.289 2006/02/09 14:50:58 ph10 Exp $
+$Cambridge: exim/doc/doc-txt/ChangeLog,v 1.290 2006/02/10 14:25:43 ph10 Exp $
Change log file for Exim from version 4.21
-------------------------------------------
@@ -116,6 +116,10 @@ PH/19 When calculating a retry time, Exim used to measure the "time since
"time since failure" will always be short, possible causing more frequent
delivery attempts for the huge message than are intended.
+PH/20 Added $auth1, $auth2, $auth3 to contain authentication data (as well as
+ $1, $2, $3) because the numerical variables can be reset during some
+ expansion items (e.g. "match"), thereby losing the authentication data.
+
Exim version 4.60
diff --git a/doc/doc-txt/NewStuff b/doc/doc-txt/NewStuff
index 83e44d836..6dfb76ea8 100644
--- a/doc/doc-txt/NewStuff
+++ b/doc/doc-txt/NewStuff
@@ -1,4 +1,4 @@
-$Cambridge: exim/doc/doc-txt/NewStuff,v 1.81 2006/02/08 16:10:46 ph10 Exp $
+$Cambridge: exim/doc/doc-txt/NewStuff,v 1.82 2006/02/10 14:25:43 ph10 Exp $
New Features in Exim
--------------------
@@ -32,6 +32,14 @@ PH/03 If quota_warn_message contains a From: header, Exim now refrains from
adding the default one. Similarly, if it contains a Reply-To: header, the
errors_reply_to option, if set, is not used.
+PH/04 The variables $auth1, $auth2, $auth3 are now available in authenticators,
+ containing the same values as $1, $2, $3. The new variables are provided
+ because the numerical variables can be reset during string expansions
+ (for example, during a "match" operation) and so may lose the
+ authentication data. The preferred variables are now the new ones, with
+ the use of the numerical ones being deprecated, though the support will
+ not be removed, at least, not for a long time.
+
Version 4.60
------------
diff --git a/doc/doc-txt/OptionLists.txt b/doc/doc-txt/OptionLists.txt
index e99b4e0be..3268b3cbe 100644
--- a/doc/doc-txt/OptionLists.txt
+++ b/doc/doc-txt/OptionLists.txt
@@ -1,4 +1,4 @@
-$Cambridge: exim/doc/doc-txt/OptionLists.txt,v 1.15 2006/02/09 10:04:00 ph10 Exp $
+$Cambridge: exim/doc/doc-txt/OptionLists.txt,v 1.16 2006/02/10 14:25:43 ph10 Exp $
LISTS OF EXIM OPTIONS
---------------------
@@ -747,6 +747,7 @@ AUTH_CRAM_MD5 driver include cram_md5 authenticator
AUTH_CYRUS_SASL driver include Cyrus SASL authenticator
AUTH_PLAINTEXT driver include plaintext authenticator
AUTH_SPA driver include SPA (NTLM) authenticator
+AUTH_VARS=3 optional* number of $auth variables
BASENAME_COMMAND system** path to basename
BASE_62=62 optional* not normally changed for Unix
BIN_DIRECTORY mandatory Exim binary directory
diff --git a/src/src/auths/README b/src/src/auths/README
index 18ca50033..9143b9e91 100644
--- a/src/src/auths/README
+++ b/src/src/auths/README
@@ -1,4 +1,4 @@
-$Cambridge: exim/src/src/auths/README,v 1.3 2005/02/17 11:58:27 ph10 Exp $
+$Cambridge: exim/src/src/auths/README,v 1.4 2006/02/10 14:25:43 ph10 Exp $
AUTHS
@@ -44,9 +44,10 @@ The second function performs authentication as a server. It receives a pointer
to the instance block, and its second argument is the remainder of the data
from the AUTH command. The numeric variable maximum setting (expand_nmax) is
set to zero, with $0 initialized as unset. The authenticator may set up numeric
-variables according to its specification; it should leave expand_nmax set at
-the end so that they can be used for the expansion of the generic server_set_id
-option, which happens centrally.
+variables according to its (old) specification and $auth<n> variables the
+preferred ones nowadays; it should leave them set at the end so that they can
+be used for the expansion of the generic server_set_id option, which happens
+centrally.
This function has access to the SMTP input and output so that it can write
intermediate responses and read more data if necessary. There is a packaged
diff --git a/src/src/auths/b64decode.c b/src/src/auths/b64decode.c
index dceb59f0c..bc1fbc5ef 100644
--- a/src/src/auths/b64decode.c
+++ b/src/src/auths/b64decode.c
@@ -1,4 +1,4 @@
-/* $Cambridge: exim/src/src/auths/b64decode.c,v 1.3 2006/02/07 11:19:01 ph10 Exp $ */
+/* $Cambridge: exim/src/src/auths/b64decode.c,v 1.4 2006/02/10 14:25:43 ph10 Exp $ */
/*************************************************
* Exim - an Internet mail transport agent *
@@ -22,7 +22,7 @@ compact loop is messy and would probably run more slowly.
Arguments:
code points to the coded string, zero-terminated
ptr where to put the pointer to the result, which is in
- dynamic store
+ dynamic store, and zero-terminated
Returns: the number of bytes in the result,
or -1 if the input was malformed
diff --git a/src/src/auths/cram_md5.c b/src/src/auths/cram_md5.c
index 41c9c5cfa..7b5598762 100644
--- a/src/src/auths/cram_md5.c
+++ b/src/src/auths/cram_md5.c
@@ -1,4 +1,4 @@
-/* $Cambridge: exim/src/src/auths/cram_md5.c,v 1.3 2006/02/07 11:19:01 ph10 Exp $ */
+/* $Cambridge: exim/src/src/auths/cram_md5.c,v 1.4 2006/02/10 14:25:43 ph10 Exp $ */
/*************************************************
* Exim - an Internet mail transport agent *
@@ -177,10 +177,11 @@ if ((rc = auth_get_data(&data, challenge, Ustrlen(challenge))) != OK) return rc;
if ((len = auth_b64decode(data, &clear)) < 0) return BAD64;
/* The return consists of a user name, space-separated from the CRAM-MD5
-digest, expressed in hex. Extract the user name and put it in $1. Then check
-that the remaining length is 32. */
+digest, expressed in hex. Extract the user name and put it in $auth1 and $1.
+The former is now the preferred variable; the latter is the original one. Then
+check that the remaining length is 32. */
-expand_nstring[1] = clear;
+auth_vars[0] = expand_nstring[1] = clear;
while (*clear != 0 && !isspace(*clear)) clear++;
if (!isspace(*clear)) return FAIL;
*clear++ = 0;
@@ -212,7 +213,7 @@ compute_cram_md5(secret, challenge, digest);
HDEBUG(D_auth)
{
uschar buff[64];
- debug_printf("CRAM-MD5: user name = %s\n", expand_nstring[1]);
+ debug_printf("CRAM-MD5: user name = %s\n", auth_vars[0]);
debug_printf(" challenge = %s\n", challenge);
debug_printf(" received = %s\n", clear);
Ustrcpy(buff," digest = ");
diff --git a/src/src/auths/cyrus_sasl.c b/src/src/auths/cyrus_sasl.c
index 8651dc605..7e6603988 100644
--- a/src/src/auths/cyrus_sasl.c
+++ b/src/src/auths/cyrus_sasl.c
@@ -1,4 +1,4 @@
-/* $Cambridge: exim/src/src/auths/cyrus_sasl.c,v 1.3 2005/04/05 14:33:27 ph10 Exp $ */
+/* $Cambridge: exim/src/src/auths/cyrus_sasl.c,v 1.4 2006/02/10 14:25:43 ph10 Exp $ */
/*************************************************
* Exim - an Internet mail transport agent *
@@ -324,11 +324,12 @@ while(rc==SASL_CONTINUE)
}
else if(rc==SASL_OK)
{
- /* get the username and copy it into $1 */
- rc=sasl_getprop(conn, SASL_USERNAME, (const void **)(&out2));
- expand_nstring[1]=string_copy(out2);
- expand_nlength[1]=Ustrlen(expand_nstring[1]);
- expand_nmax=1;
+ /* Get the username and copy it into $auth1 and $1. The former is now the
+ preferred variable; the latter is the original variable. */
+ rc = sasl_getprop(conn, SASL_USERNAME, (const void **)(&out2));
+ auth_vars[0] = expand_nstring[1] = string_copy(out2);
+ expand_nlength[1] = Ustrlen(expand_nstring[1]);
+ expand_nmax = 1;
HDEBUG(D_auth)
debug_printf("Cyrus SASL %s authentiction succeeded for %s\n", ob->server_mech, out2);
diff --git a/src/src/auths/plaintext.c b/src/src/auths/plaintext.c
index 5e7fda7cd..e5f261a16 100644
--- a/src/src/auths/plaintext.c
+++ b/src/src/auths/plaintext.c
@@ -1,4 +1,4 @@
-/* $Cambridge: exim/src/src/auths/plaintext.c,v 1.3 2006/02/07 11:19:01 ph10 Exp $ */
+/* $Cambridge: exim/src/src/auths/plaintext.c,v 1.4 2006/02/10 14:25:43 ph10 Exp $ */
/*************************************************
* Exim - an Internet mail transport agent *
@@ -87,14 +87,16 @@ if (prompts != NULL)
}
/* If data was supplied on the AUTH command, decode it, and split it up into
-multiple items at binary zeros. If the data consists of the string "=" it
-indicates a single, empty string. */
+multiple items at binary zeros. The strings are put into $auth1, $auth2, etc,
+up to a maximum. To retain backwards compatibility, they are also put int $1,
+$2, etc. If the data consists of the string "=" it indicates a single, empty
+string. */
if (*data != 0)
{
if (Ustrcmp(data, "=") == 0)
{
- expand_nstring[++expand_nmax] = US"";
+ auth_vars[0] = expand_nstring[++expand_nmax] = US"";
expand_nlength[expand_nmax] = 0;
}
else
@@ -103,6 +105,7 @@ if (*data != 0)
end = clear + len;
while (clear < end && expand_nmax < EXPAND_MAXN)
{
+ if (expand_nmax < AUTH_VARS) auth_vars[expand_nmax] = clear;
expand_nstring[++expand_nmax] = clear;
while (*clear != 0) clear++;
expand_nlength[expand_nmax] = clear++ - expand_nstring[expand_nmax];
@@ -126,6 +129,7 @@ while ((s = string_nextinlist(&prompts, &sep, big_buffer, big_buffer_size))
/* This loop must run at least once, in case the length is zero */
do
{
+ if (expand_nmax < AUTH_VARS) auth_vars[expand_nmax] = clear;
expand_nstring[++expand_nmax] = clear;
while (*clear != 0) clear++;
expand_nlength[expand_nmax] = clear++ - expand_nstring[expand_nmax];
@@ -133,9 +137,9 @@ while ((s = string_nextinlist(&prompts, &sep, big_buffer, big_buffer_size))
while (clear < end && expand_nmax < EXPAND_MAXN);
}
-/* We now have a number of items of data in $1, $2, etc. Match against the
-decoded data by expanding the condition. Also expand the id to set if
-authentication succeeds. */
+/* We now have a number of items of data in $auth1, $auth2, etc (and also, for
+compatibility, in $1, $2, etc). Match against the decoded data by expanding the
+condition. */
cond = expand_string(ob->server_condition);
@@ -143,6 +147,11 @@ HDEBUG(D_auth)
{
int i;
debug_printf("%s authenticator:\n", ablock->name);
+ for (i = 0; i < AUTH_VARS; i++)
+ {
+ if (auth_vars[i] != NULL)
+ debug_printf(" $auth%d = %s\n", i + 1, auth_vars[i]);
+ }
for (i = 1; i <= expand_nmax; i++)
debug_printf(" $%d = %.*s\n", i, expand_nlength[i], expand_nstring[i]);
debug_print_string(ablock->server_debug_string); /* customized debug */
diff --git a/src/src/auths/spa.c b/src/src/auths/spa.c
index 854e96312..264887607 100644
--- a/src/src/auths/spa.c
+++ b/src/src/auths/spa.c
@@ -1,4 +1,4 @@
-/* $Cambridge: exim/src/src/auths/spa.c,v 1.5 2006/02/07 11:19:01 ph10 Exp $ */
+/* $Cambridge: exim/src/src/auths/spa.c,v 1.6 2006/02/10 14:25:43 ph10 Exp $ */
/*************************************************
* Exim - an Internet mail transport agent *
@@ -162,8 +162,6 @@ if (spa_base64_to_bits((char *)(&response), sizeof(response), (const char *)(dat
return FAIL;
}
-/* get username and put it in $1 */
-
/***************************************************************
PH 07-Aug-2003: The original code here was this:
@@ -194,10 +192,15 @@ that causes failure if the size of msgbuf is exceeded. ****/
/***************************************************************/
-expand_nstring[1] = msgbuf;
+/* Put the username in $auth1 and $1. The former is now the preferred variable;
+the latter is the original variable. */
+
+auth_vars[0] = expand_nstring[1] = msgbuf;
expand_nlength[1] = Ustrlen(msgbuf);
expand_nmax = 1;
+debug_print_string(ablock->server_debug_string); /* customized debug */
+
/* look up password */
clearpass = expand_string(ob->spa_serverpassword);
diff --git a/src/src/config.h.defaults b/src/src/config.h.defaults
index b76c79425..92f894e4c 100644
--- a/src/src/config.h.defaults
+++ b/src/src/config.h.defaults
@@ -1,4 +1,4 @@
-/* $Cambridge: exim/src/src/config.h.defaults,v 1.9 2006/02/07 11:19:00 ph10 Exp $ */
+/* $Cambridge: exim/src/src/config.h.defaults,v 1.10 2006/02/10 14:25:43 ph10 Exp $ */
/*************************************************
* Exim - an Internet mail transport agent *
@@ -9,7 +9,8 @@
/* The default settings for Exim configuration variables. A #define without
any data just defines the existence of the variable; it won't get included
-in config.h unless some value is defined in Local/Makefile. */
+in config.h unless some value is defined in Local/Makefile. If there is data,
+it's a default value. */
#define ACL_CVARS 20
#define ACL_MVARS 20
@@ -26,6 +27,8 @@ in config.h unless some value is defined in Local/Makefile. */
#define AUTH_PLAINTEXT
#define AUTH_SPA
+#define AUTH_VARS 3
+
#define BIN_DIRECTORY
#define CONFIGURE_FILE
diff --git a/src/src/expand.c b/src/src/expand.c
index 4ff6e5043..1d82a150c 100644
--- a/src/src/expand.c
+++ b/src/src/expand.c
@@ -1,4 +1,4 @@
-/* $Cambridge: exim/src/src/expand.c,v 1.53 2006/02/07 11:19:00 ph10 Exp $ */
+/* $Cambridge: exim/src/src/expand.c,v 1.54 2006/02/10 14:25:43 ph10 Exp $ */
/*************************************************
* Exim - an Internet mail transport agent *
@@ -1259,6 +1259,16 @@ if (Ustrncmp(name, "acl_", 4) == 0)
}
}
+/* Similarly for $auth<n> variables. */
+
+if (Ustrncmp(name, "auth", 4) == 0)
+ {
+ uschar *endptr;
+ int n = Ustrtoul(name + 4, &endptr, 10);
+ if (*endptr == 0 && n != 0 && n <= AUTH_VARS)
+ return (auth_vars[n-1] == NULL)? US"" : auth_vars[n-1];
+ }
+
/* For all other variables, search the table */
while (last > first)
diff --git a/src/src/globals.c b/src/src/globals.c
index 10acc8fc4..e609f3020 100644
--- a/src/src/globals.c
+++ b/src/src/globals.c
@@ -1,4 +1,4 @@
-/* $Cambridge: exim/src/src/globals.c,v 1.45 2006/02/07 11:19:00 ph10 Exp $ */
+/* $Cambridge: exim/src/src/globals.c,v 1.46 2006/02/10 14:25:43 ph10 Exp $ */
/*************************************************
* Exim - an Internet mail transport agent *
@@ -327,6 +327,7 @@ auth_instance auth_defaults = {
uschar *auth_defer_msg = US"reason not recorded";
uschar *auth_defer_user_msg = US"";
+uschar *auth_vars[AUTH_VARS];
int auto_thaw = 0;
#ifdef WITH_CONTENT_SCAN
uschar *av_scanner = US"sophie:/var/run/sophie"; /* AV scanner */
diff --git a/src/src/globals.h b/src/src/globals.h
index 713aaef3e..e3628167f 100644
--- a/src/src/globals.h
+++ b/src/src/globals.h
@@ -1,4 +1,4 @@
-/* $Cambridge: exim/src/src/globals.h,v 1.33 2006/02/07 11:19:00 ph10 Exp $ */
+/* $Cambridge: exim/src/src/globals.h,v 1.34 2006/02/10 14:25:43 ph10 Exp $ */
/*************************************************
* Exim - an Internet mail transport agent *
@@ -157,6 +157,7 @@ extern auth_instance *auths; /* Chain of instantiated auths */
extern auth_instance auth_defaults; /* Default values */
extern uschar *auth_defer_msg; /* Error message for log */
extern uschar *auth_defer_user_msg; /* Error message for user */
+extern uschar *auth_vars[]; /* $authn variables */
extern int auto_thaw; /* Auto-thaw interval */
#ifdef WITH_CONTENT_SCAN
extern uschar *av_scanner; /* AntiVirus scanner to use for the malware condition */
diff --git a/src/src/smtp_in.c b/src/src/smtp_in.c
index d572ef9e6..04bffd017 100644
--- a/src/src/smtp_in.c
+++ b/src/src/smtp_in.c
@@ -1,4 +1,4 @@
-/* $Cambridge: exim/src/src/smtp_in.c,v 1.29 2006/02/07 11:19:00 ph10 Exp $ */
+/* $Cambridge: exim/src/src/smtp_in.c,v 1.30 2006/02/10 14:25:43 ph10 Exp $ */
/*************************************************
* Exim - an Internet mail transport agent *
@@ -2133,7 +2133,7 @@ while (done <= 0)
pid_t pid;
int start, end, sender_domain, recipient_domain;
int ptr, size, rc;
- int c;
+ int c, i;
auth_instance *au;
switch(smtp_read_command(TRUE))
@@ -2222,20 +2222,26 @@ while (done <= 0)
break;
}
- /* Run the checking code, passing the remainder of the command
- line as data. Initialize $0 empty. The authenticator may set up
- other numeric variables. Afterwards, have a go at expanding the set_id
- string, even if authentication failed - for bad passwords it can be useful
- to log the userid. On success, require set_id to expand and exist, and
- put it in authenticated_id. Save this in permanent store, as the working
- store gets reset at HELO, RSET, etc. */
+ /* Run the checking code, passing the remainder of the command line as
+ data. Initials the $auth<n> variables as empty. Initialize $0 empty and set
+ it as the only set numerical variable. The authenticator may set $auth<n>
+ and also set other numeric variables. The $auth<n> variables are preferred
+ nowadays; the numerical variables remain for backwards compatibility.
+ Afterwards, have a go at expanding the set_id string, even if
+ authentication failed - for bad passwords it can be useful to log the
+ userid. On success, require set_id to expand and exist, and put it in
+ authenticated_id. Save this in permanent store, as the working store gets
+ reset at HELO, RSET, etc. */
+
+ for (i = 0; i < AUTH_VARS; i++) auth_vars[i] = NULL;
expand_nmax = 0;
expand_nlength[0] = 0; /* $0 contains nothing */
c = (au->info->servercode)(au, smtp_cmd_argument);
if (au->set_id != NULL) set_id = expand_string(au->set_id);
expand_nmax = -1; /* Reset numeric variables */
+ for (i = 0; i < AUTH_VARS; i++) auth_vars[i] = NULL; /* Reset $auth<n> */
/* The value of authenticated_id is stored in the spool file and printed in
log lines. It must not contain binary zeros or newline characters. In
diff --git a/test/confs/0002 b/test/confs/0002
index 6f02fafa7..8662e54d0 100644
--- a/test/confs/0002
+++ b/test/confs/0002
@@ -14,7 +14,7 @@ gecos_name = CALLER_NAME
# ----- Main settings -----
-domainlist dlist = *.aa.bb : ^\Nxxx
+domainlist dlist = *.aa.bb : ^\Nxxx(.*)
hostlist hlist = V4NET.11.12.13 : iplsearch;DIR/aux-fixed/0002.iplsearch
headers_charset = iso-8859-8
diff --git a/test/confs/3400 b/test/confs/3400
index 61dc5a590..b84ee56c4 100644
--- a/test/confs/3400
+++ b/test/confs/3400
@@ -85,46 +85,46 @@ plain:
driver = plaintext
public_name = PLAIN
server_condition = "\
- ${if and {{eq{$2}{userx}}{eq{$3}{secret}}}{yes}{no}}"
- server_set_id = $2
+ ${if and {{eq{$auth2}{userx}}{eq{$auth3}{secret}}}{yes}{no}}"
+ server_set_id = $auth2
extended_plain:
driver = plaintext
public_name = EXPLAIN
server_prompts = :
server_condition = "\
- ${if and {{eq{$2}{userx}}{eq{$3}{secret}}}{yes}{no}}"
- server_set_id = $2
+ ${if and {{eq{$auth2}{userx}}{eq{$auth3}{secret}}}{yes}{no}}"
+ server_set_id = $auth2
expanded_prompt_plain:
driver = plaintext
public_name = EXPANDED
server_prompts = $primary_hostname
server_condition = "\
- ${if and {{eq{$2}{userx}}{eq{$3}{secret}}}{yes}{no}}"
- server_set_id = $2
+ ${if and {{eq{$auth2}{userx}}{eq{$auth3}{secret}}}{yes}{no}}"
+ server_set_id = $auth2
expanded_prompt_plain_fail:
driver = plaintext
public_name = EXPANDFAIL
server_prompts = $nonexistent
server_condition = "\
- ${if and {{eq{$2}{userx}}{eq{$3}{secret}}}{yes}{no}}"
- server_set_id = $2
+ ${if and {{eq{$auth2}{userx}}{eq{$auth3}{secret}}}{yes}{no}}"
+ server_set_id = $auth2
defer:
driver = plaintext
public_name = DEFER
server_condition = "account suspended"
- server_set_id = $2
+ server_set_id = $auth2
login:
driver = plaintext
public_name = LOGIN
server_prompts = "User Name : Password "
server_condition = "\
- ${if and {{eq{$1}{userx}}{eq{$2}{secret}}}{yes}{no}}"
- server_set_id = $1
+ ${if and {{eq{$auth1}{userx}}{eq{$auth2}{secret}}}{yes}{no}}"
+ server_set_id = $auth1
# ----- Routers -----
diff --git a/test/confs/3500 b/test/confs/3500
index 999cd5673..b83b1c33f 100644
--- a/test/confs/3500
+++ b/test/confs/3500
@@ -76,10 +76,10 @@ begin authenticators
cram_md5:
driver = cram_md5
public_name = CRAM-MD5
- server_debug_print = +++CRAM-MD5 \$1="$1" \$2=\"$2" \$3="$3"
- server_secret = "${if eq{$1}{tim}{tanstaaftanstaaf}\
- {${if eq{$1}{userx}{secret}fail}}}"
- server_set_id = $1
+ server_debug_print = +++CRAM-MD5 \$auth1="$auth1" \$auth2=\"$auth2" \$auth3="$auth3"
+ server_secret = "${if eq{$auth1}{tim}{tanstaaftanstaaf}\
+ {${if eq{$auth1}{userx}{secret}fail}}}"
+ server_set_id = $auth1
diff --git a/test/confs/3600 b/test/confs/3600
index 5550c3b11..c70fa19d7 100644
--- a/test/confs/3600
+++ b/test/confs/3600
@@ -45,6 +45,7 @@ spa:
public_name = NTLM
client_password = $sender_address
client_username = username
+ server_debug_print = +++SPA \$auth1="$auth1"
server_password = ok@test.ex
diff --git a/test/confs/9300 b/test/confs/9300
index 8f413c0f2..91365047f 100644
--- a/test/confs/9300
+++ b/test/confs/9300
@@ -21,11 +21,11 @@ begin authenticators
sasl1:
driver = cyrus_sasl
public_name = ANONYMOUS
- server_set_id = $1
+ server_set_id = $auth1
sasl2:
driver = cyrus_sasl
public_name = PLAIN
- server_set_id = $1
+ server_set_id = $auth1
# End
diff --git a/test/scripts/0000-Basic/0002 b/test/scripts/0000-Basic/0002
index eaa0dd82a..f869c6da4 100644
--- a/test/scripts/0000-Basic/0002
+++ b/test/scripts/0000-Basic/0002
@@ -269,6 +269,22 @@ match_domain: ${if match_domain{5.aa.bb}{+dlist}{yes}{no}}
match_domain: ${if match_domain{xxxyz}{+dlist}{yes}{no}}
match_domain: ${if match_domain{xyz}{+dlist}{yes}{no}}
+${if match{x@zz.aa.bb}{^(.*)} \
+ { \
+ >$1< \
+ ${if match_domain{${domain:$1}}{+dlist}{[$1]}} \
+ >$1< \
+ } \
+ { CAN'T HAPPEN}}
+
+${if match{x@xxxabc}{^(.*)} \
+ { \
+ >$1< \
+ ${if match_domain{${domain:$1}}{^\Nxxx(.*)\N}{[$1]}} \
+ >$1< \
+ } \
+ { CAN'T HAPPEN}}
+
match_address: ${if match_address{x@y.z}{p@q:*@y.z}{yes}{no}}
match_address: ${if match_address{x@y.z}{p@q:x@*.z}{yes}{no}}
diff --git a/test/stderr/3400 b/test/stderr/3400
index 16b12b26c..fb3b9895b 100644
--- a/test/stderr/3400
+++ b/test/stderr/3400
@@ -109,6 +109,7 @@ LOG: H=(test.host) [10.0.0.1] rejected ETRN abcd: authentication required
>>> deny: condition test succeeded
LOG: H=(test.host) [10.0.0.1] F=<junk@jink.jonk.test.ex> rejected RCPT <userx@test.ex>: authentication required
>>> mylogin authenticator:
+>>> $auth1 = userx secret
>>> $1 = userx secret
>>> +++MYLOGIN $1="userx secret" $2="" $3=""
>>> expanded string: yes
@@ -273,6 +274,7 @@ LOG: H=(test.host) [10.0.0.1] Warning: accepted ETRN #abcd
>>> accept: endpass encountered - denying access
LOG: H=(test.host) [10.0.0.3] F=<junk@jink.jonk.test.ex> rejected RCPT <userx@cus.cam.ac.uk>: authentication required
>>> mylogin authenticator:
+>>> $auth1 = userx secret
>>> $1 = userx secret
>>> +++MYLOGIN $1="userx secret" $2="" $3=""
>>> expanded string: yes
@@ -367,6 +369,7 @@ SMTP>> 250-myhost.test.ex Hello CALLER at testing.testing [10.0.0.5]
250 HELP
SMTP<< auth mylogin dXNlcnggc2VjcmV0
mylogin authenticator:
+ $auth1 = userx secret
$1 = userx secret
+++MYLOGIN $1="userx secret" $2="" $3=""
expanded string: yes
diff --git a/test/stderr/3408 b/test/stderr/3408
index 0ce50f216..a5e576f43 100644
--- a/test/stderr/3408
+++ b/test/stderr/3408
@@ -51,6 +51,9 @@ LOG: 10HmaX-0005vi-00 <= postmaster@exim.test.ex H=(exim.test.ex) [V4NET.11.12.1
>>> host in pipelining_advertise_hosts? yes (matched "*")
>>> host in auth_advertise_hosts? yes (matched "*")
>>> plain authenticator:
+>>> $auth1 =
+>>> $auth2 = userx
+>>> $auth3 = secret
>>> $1 =
>>> $2 = userx
>>> $3 = secret
diff --git a/test/stderr/3410 b/test/stderr/3410
index 02dc1343c..b7cdcf399 100644
--- a/test/stderr/3410
+++ b/test/stderr/3410
@@ -16,6 +16,9 @@ LOG: H=[5.6.9.1] F=<x@y> rejected RCPT <x@y>: You must authenticate
>>> host in pipelining_advertise_hosts? yes (matched "*")
>>> host in auth_advertise_hosts? yes (matched "*")
>>> auth1 authenticator:
+>>> $auth1 =
+>>> $auth2 = userx
+>>> $auth3 = secret
>>> $1 =
>>> $2 = userx
>>> $3 = secret
@@ -43,6 +46,9 @@ LOG: H=[5.6.10.1] F=<x@y> rejected RCPT <x@y>
>>> host in pipelining_advertise_hosts? yes (matched "*")
>>> host in auth_advertise_hosts? yes (matched "*")
>>> auth1 authenticator:
+>>> $auth1 =
+>>> $auth2 = userx
+>>> $auth3 = secret
>>> $1 =
>>> $2 = userx
>>> $3 = secret
@@ -64,6 +70,8 @@ LOG: H=[5.6.10.1] F=<x@y> rejected RCPT <x@y>
>>> host in pipelining_advertise_hosts? yes (matched "*")
>>> host in auth_advertise_hosts? yes (matched "*")
>>> auth2 authenticator:
+>>> $auth1 = userx
+>>> $auth2 = secret
>>> $1 = userx
>>> $2 = secret
>>> expanded string: yes
diff --git a/test/stderr/3500 b/test/stderr/3500
index fc3637f33..b0432c58c 100644
--- a/test/stderr/3500
+++ b/test/stderr/3500
@@ -23,7 +23,7 @@
>>> host in pipelining_advertise_hosts? yes (matched "*")
>>> host in "10.0.0.1"? yes (matched "10.0.0.1")
>>> host in auth_advertise_hosts? yes (matched "+auth_hosts")
->>> +++CRAM-MD5 $1="tim" $2="" $3=""
+>>> +++CRAM-MD5 $auth1="tim" $auth2="" $auth3=""
>>> CRAM-MD5: user name = tim
>>> challenge = <1896.697170952@postoffice.reston.mci.net>
>>> received = b913a602c7eda7a495b4e6e7334d3890
diff --git a/test/stdout/0002 b/test/stdout/0002
index b2e86b2a6..4d87e0acc 100644
--- a/test/stdout/0002
+++ b/test/stdout/0002
@@ -250,6 +250,10 @@
> match_domain: yes
> match_domain: no
>
+> >x@zz.aa.bb< [] >x@zz.aa.bb<
+>
+> >x@xxxabc< [] >x@xxxabc<
+>
> match_address: yes
> match_address: yes
>