authorPhilip Hazel <ph10@hermes.cam.ac.uk>2006-02-10 14:25:43 +0000
committerPhilip Hazel <ph10@hermes.cam.ac.uk>2006-02-10 14:25:43 +0000
commitf78eb7c6264c5f1a4ec2fb24c39060e0686f7714 (patch)
treec203285c5e61555dfd8cebc4ed1110cf34349a11 /src
parent727071f81598850285bc4f6270a5bd9ad40c61ba (diff)
Add $auth1, $auth2, $auth3 variables.
Diffstat (limited to 'src')
-rw-r--r--src/src/auths/README9
-rw-r--r--src/src/auths/b64decode.c4
-rw-r--r--src/src/auths/cram_md5.c11
-rw-r--r--src/src/auths/cyrus_sasl.c13
-rw-r--r--src/src/auths/plaintext.c23
-rw-r--r--src/src/auths/spa.c11
-rw-r--r--src/src/config.h.defaults7
-rw-r--r--src/src/expand.c12
-rw-r--r--src/src/globals.c3
-rw-r--r--src/src/globals.h3
-rw-r--r--src/src/smtp_in.c24
11 files changed, 78 insertions, 42 deletions
diff --git a/src/src/auths/README b/src/src/auths/README
index 18ca50033..9143b9e91 100644
--- a/src/src/auths/README
+++ b/src/src/auths/README
@@ -1,4 +1,4 @@
-$Cambridge: exim/src/src/auths/README,v 1.3 2005/02/17 11:58:27 ph10 Exp $
+$Cambridge: exim/src/src/auths/README,v 1.4 2006/02/10 14:25:43 ph10 Exp $
AUTHS
@@ -44,9 +44,10 @@ The second function performs authentication as a server. It receives a pointer
to the instance block, and its second argument is the remainder of the data
from the AUTH command. The numeric variable maximum setting (expand_nmax) is
set to zero, with $0 initialized as unset. The authenticator may set up numeric
-variables according to its specification; it should leave expand_nmax set at
-the end so that they can be used for the expansion of the generic server_set_id
-option, which happens centrally.
+variables according to its (old) specification and $auth<n> variables the
+preferred ones nowadays; it should leave them set at the end so that they can
+be used for the expansion of the generic server_set_id option, which happens
+centrally.
This function has access to the SMTP input and output so that it can write
intermediate responses and read more data if necessary. There is a packaged
diff --git a/src/src/auths/b64decode.c b/src/src/auths/b64decode.c
index dceb59f0c..bc1fbc5ef 100644
--- a/src/src/auths/b64decode.c
+++ b/src/src/auths/b64decode.c
@@ -1,4 +1,4 @@
-/* $Cambridge: exim/src/src/auths/b64decode.c,v 1.3 2006/02/07 11:19:01 ph10 Exp $ */
+/* $Cambridge: exim/src/src/auths/b64decode.c,v 1.4 2006/02/10 14:25:43 ph10 Exp $ */
/*************************************************
* Exim - an Internet mail transport agent *
@@ -22,7 +22,7 @@ compact loop is messy and would probably run more slowly.
Arguments:
code points to the coded string, zero-terminated
ptr where to put the pointer to the result, which is in
- dynamic store
+ dynamic store, and zero-terminated
Returns: the number of bytes in the result,
or -1 if the input was malformed
diff --git a/src/src/auths/cram_md5.c b/src/src/auths/cram_md5.c
index 41c9c5cfa..7b5598762 100644
--- a/src/src/auths/cram_md5.c
+++ b/src/src/auths/cram_md5.c
@@ -1,4 +1,4 @@
-/* $Cambridge: exim/src/src/auths/cram_md5.c,v 1.3 2006/02/07 11:19:01 ph10 Exp $ */
+/* $Cambridge: exim/src/src/auths/cram_md5.c,v 1.4 2006/02/10 14:25:43 ph10 Exp $ */
/*************************************************
* Exim - an Internet mail transport agent *
@@ -177,10 +177,11 @@ if ((rc = auth_get_data(&data, challenge, Ustrlen(challenge))) != OK) return rc;
if ((len = auth_b64decode(data, &clear)) < 0) return BAD64;
/* The return consists of a user name, space-separated from the CRAM-MD5
-digest, expressed in hex. Extract the user name and put it in $1. Then check
-that the remaining length is 32. */
+digest, expressed in hex. Extract the user name and put it in $auth1 and $1.
+The former is now the preferred variable; the latter is the original one. Then
+check that the remaining length is 32. */
-expand_nstring[1] = clear;
+auth_vars[0] = expand_nstring[1] = clear;
while (*clear != 0 && !isspace(*clear)) clear++;
if (!isspace(*clear)) return FAIL;
*clear++ = 0;
@@ -212,7 +213,7 @@ compute_cram_md5(secret, challenge, digest);
HDEBUG(D_auth)
{
uschar buff[64];
- debug_printf("CRAM-MD5: user name = %s\n", expand_nstring[1]);
+ debug_printf("CRAM-MD5: user name = %s\n", auth_vars[0]);
debug_printf(" challenge = %s\n", challenge);
debug_printf(" received = %s\n", clear);
Ustrcpy(buff," digest = ");
diff --git a/src/src/auths/cyrus_sasl.c b/src/src/auths/cyrus_sasl.c
index 8651dc605..7e6603988 100644
--- a/src/src/auths/cyrus_sasl.c
+++ b/src/src/auths/cyrus_sasl.c
@@ -1,4 +1,4 @@
-/* $Cambridge: exim/src/src/auths/cyrus_sasl.c,v 1.3 2005/04/05 14:33:27 ph10 Exp $ */
+/* $Cambridge: exim/src/src/auths/cyrus_sasl.c,v 1.4 2006/02/10 14:25:43 ph10 Exp $ */
/*************************************************
* Exim - an Internet mail transport agent *
@@ -324,11 +324,12 @@ while(rc==SASL_CONTINUE)
}
else if(rc==SASL_OK)
{
- /* get the username and copy it into $1 */
- rc=sasl_getprop(conn, SASL_USERNAME, (const void **)(&out2));
- expand_nstring[1]=string_copy(out2);
- expand_nlength[1]=Ustrlen(expand_nstring[1]);
- expand_nmax=1;
+ /* Get the username and copy it into $auth1 and $1. The former is now the
+ preferred variable; the latter is the original variable. */
+ rc = sasl_getprop(conn, SASL_USERNAME, (const void **)(&out2));
+ auth_vars[0] = expand_nstring[1] = string_copy(out2);
+ expand_nlength[1] = Ustrlen(expand_nstring[1]);
+ expand_nmax = 1;
HDEBUG(D_auth)
debug_printf("Cyrus SASL %s authentiction succeeded for %s\n", ob->server_mech, out2);
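Review bot: The result of `sasl_getprop(conn, SASL_USERNAME, ...)` is stored in rc but never tested before `string_copy(out2)` uses the pointer the call was meant to fill in. If the lookup fails, out2 keeps whatever value it had before (its initialisation is outside the hunk), and that value ends up in $auth1, $1 and the debug line. A test such as `if (rc != SASL_OK || out2 == NULL)` with a failure return ahead of the copy would close this. The enclosing loop and function start outside the hunk, so the appropriate return code has to be taken from there.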
diff --git a/src/src/auths/plaintext.c b/src/src/auths/plaintext.c
index 5e7fda7cd..e5f261a16 100644
--- a/src/src/auths/plaintext.c
+++ b/src/src/auths/plaintext.c
@@ -1,4 +1,4 @@
-/* $Cambridge: exim/src/src/auths/plaintext.c,v 1.3 2006/02/07 11:19:01 ph10 Exp $ */
+/* $Cambridge: exim/src/src/auths/plaintext.c,v 1.4 2006/02/10 14:25:43 ph10 Exp $ */
/*************************************************
* Exim - an Internet mail transport agent *
@@ -87,14 +87,16 @@ if (prompts != NULL)
}
/* If data was supplied on the AUTH command, decode it, and split it up into
-multiple items at binary zeros. If the data consists of the string "=" it
-indicates a single, empty string. */
+multiple items at binary zeros. The strings are put into $auth1, $auth2, etc,
+up to a maximum. To retain backwards compatibility, they are also put int $1,
+$2, etc. If the data consists of the string "=" it indicates a single, empty
+string. */
if (*data != 0)
{
if (Ustrcmp(data, "=") == 0)
{
- expand_nstring[++expand_nmax] = US"";
+ auth_vars[0] = expand_nstring[++expand_nmax] = US"";
expand_nlength[expand_nmax] = 0;
}
else
@@ -103,6 +105,7 @@ if (*data != 0)
end = clear + len;
while (clear < end && expand_nmax < EXPAND_MAXN)
{
+ if (expand_nmax < AUTH_VARS) auth_vars[expand_nmax] = clear;
expand_nstring[++expand_nmax] = clear;
while (*clear != 0) clear++;
expand_nlength[expand_nmax] = clear++ - expand_nstring[expand_nmax];
@@ -126,6 +129,7 @@ while ((s = string_nextinlist(&prompts, &sep, big_buffer, big_buffer_size))
/* This loop must run at least once, in case the length is zero */
do
{
+ if (expand_nmax < AUTH_VARS) auth_vars[expand_nmax] = clear;
expand_nstring[++expand_nmax] = clear;
while (*clear != 0) clear++;
expand_nlength[expand_nmax] = clear++ - expand_nstring[expand_nmax];
@@ -133,9 +137,9 @@ while ((s = string_nextinlist(&prompts, &sep, big_buffer, big_buffer_size))
while (clear < end && expand_nmax < EXPAND_MAXN);
}
-/* We now have a number of items of data in $1, $2, etc. Match against the
-decoded data by expanding the condition. Also expand the id to set if
-authentication succeeds. */
+/* We now have a number of items of data in $auth1, $auth2, etc (and also, for
+compatibility, in $1, $2, etc). Match against the decoded data by expanding the
+condition. */
cond = expand_string(ob->server_condition);
@@ -143,6 +147,11 @@ HDEBUG(D_auth)
{
int i;
debug_printf("%s authenticator:\n", ablock->name);
+ for (i = 0; i < AUTH_VARS; i++)
+ {
+ if (auth_vars[i] != NULL)
+ debug_printf(" $auth%d = %s\n", i + 1, auth_vars[i]);
+ }
for (i = 1; i <= expand_nmax; i++)
debug_printf(" $%d = %.*s\n", i, expand_nlength[i], expand_nstring[i]);
debug_print_string(ablock->server_debug_string); /* customized debug */
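Review bot: The added loop writes each `auth_vars[i]` in full with `%s` whenever D_auth debugging is on, and in this authenticator those strings are the decoded items from the AUTH data, which presumably include the client's password. The existing `$%d` loop just below already prints the same items, so each secret now appears twice in the debug output. If that is intended, a comment at the top of the block would make it explicit, e.g. `/* D_auth output contains the decoded AUTH items, including any password; treat debug logs as sensitive. */`. The HDEBUG block continues past the end of the hunk.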
diff --git a/src/src/auths/spa.c b/src/src/auths/spa.c
index 854e96312..264887607 100644
--- a/src/src/auths/spa.c
+++ b/src/src/auths/spa.c
@@ -1,4 +1,4 @@
-/* $Cambridge: exim/src/src/auths/spa.c,v 1.5 2006/02/07 11:19:01 ph10 Exp $ */
+/* $Cambridge: exim/src/src/auths/spa.c,v 1.6 2006/02/10 14:25:43 ph10 Exp $ */
/*************************************************
* Exim - an Internet mail transport agent *
@@ -162,8 +162,6 @@ if (spa_base64_to_bits((char *)(&response), sizeof(response), (const char *)(dat
return FAIL;
}
-/* get username and put it in $1 */
-
/***************************************************************
PH 07-Aug-2003: The original code here was this:
@@ -194,10 +192,15 @@ that causes failure if the size of msgbuf is exceeded. ****/
/***************************************************************/
-expand_nstring[1] = msgbuf;
+/* Put the username in $auth1 and $1. The former is now the preferred variable;
+the latter is the original variable. */
+
+auth_vars[0] = expand_nstring[1] = msgbuf;
expand_nlength[1] = Ustrlen(msgbuf);
expand_nmax = 1;
+debug_print_string(ablock->server_debug_string); /* customized debug */
+
/* look up password */
clearpass = expand_string(ob->spa_serverpassword);
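Review bot: `auth_vars[0] = expand_nstring[1] = msgbuf;` stores a pointer to msgbuf in a global that is read after this function returns, since smtp_in.c expands set_id only once servercode has finished. The declaration of msgbuf is outside the hunk; if it is an automatic array in this function, $auth1 and $1 would refer to a dead stack frame during that expansion. Copying the name first, e.g. `auth_vars[0] = expand_nstring[1] = string_copy(msgbuf);`, gives the pointer a lifetime that does not depend on this frame. The same assignment already existed for $1, so the commit extends the pattern to the new variable rather than introducing it.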
diff --git a/src/src/config.h.defaults b/src/src/config.h.defaults
index b76c79425..92f894e4c 100644
--- a/src/src/config.h.defaults
+++ b/src/src/config.h.defaults
@@ -1,4 +1,4 @@
-/* $Cambridge: exim/src/src/config.h.defaults,v 1.9 2006/02/07 11:19:00 ph10 Exp $ */
+/* $Cambridge: exim/src/src/config.h.defaults,v 1.10 2006/02/10 14:25:43 ph10 Exp $ */
/*************************************************
* Exim - an Internet mail transport agent *
@@ -9,7 +9,8 @@
/* The default settings for Exim configuration variables. A #define without
any data just defines the existence of the variable; it won't get included
-in config.h unless some value is defined in Local/Makefile. */
+in config.h unless some value is defined in Local/Makefile. If there is data,
+it's a default value. */
#define ACL_CVARS 20
#define ACL_MVARS 20
@@ -26,6 +27,8 @@ in config.h unless some value is defined in Local/Makefile. */
#define AUTH_PLAINTEXT
#define AUTH_SPA
+#define AUTH_VARS 3
+
#define BIN_DIRECTORY
#define CONFIGURE_FILE
diff --git a/src/src/expand.c b/src/src/expand.c
index 4ff6e5043..1d82a150c 100644
--- a/src/src/expand.c
+++ b/src/src/expand.c
@@ -1,4 +1,4 @@
-/* $Cambridge: exim/src/src/expand.c,v 1.53 2006/02/07 11:19:00 ph10 Exp $ */
+/* $Cambridge: exim/src/src/expand.c,v 1.54 2006/02/10 14:25:43 ph10 Exp $ */
/*************************************************
* Exim - an Internet mail transport agent *
@@ -1259,6 +1259,16 @@ if (Ustrncmp(name, "acl_", 4) == 0)
}
}
+/* Similarly for $auth<n> variables. */
+
+if (Ustrncmp(name, "auth", 4) == 0)
+ {
+ uschar *endptr;
+ int n = Ustrtoul(name + 4, &endptr, 10);
+ if (*endptr == 0 && n != 0 && n <= AUTH_VARS)
+ return (auth_vars[n-1] == NULL)? US"" : auth_vars[n-1];
+ }
+
/* For all other variables, search the table */
while (last > first)
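Review bot: `int n = Ustrtoul(name + 4, &endptr, 10);` narrows an unsigned long to int, and the guard `n != 0 && n <= AUTH_VARS` has no lower bound. A digit string that converts to a negative int would pass the test and index `auth_vars[n-1]` before the start of the array. Declaring `unsigned long n = Ustrtoul(name + 4, &endptr, 10);` keeps the comparison unsigned so that `n <= AUTH_VARS` is a complete upper bound; at minimum the test should read `n > 0 && n <= AUTH_VARS`. Whether a name with such a suffix can reach this point depends on how it is parsed earlier, which is outside the hunk, as is the rest of the enclosing function.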
diff --git a/src/src/globals.c b/src/src/globals.c
index 10acc8fc4..e609f3020 100644
--- a/src/src/globals.c
+++ b/src/src/globals.c
@@ -1,4 +1,4 @@
-/* $Cambridge: exim/src/src/globals.c,v 1.45 2006/02/07 11:19:00 ph10 Exp $ */
+/* $Cambridge: exim/src/src/globals.c,v 1.46 2006/02/10 14:25:43 ph10 Exp $ */
/*************************************************
* Exim - an Internet mail transport agent *
@@ -327,6 +327,7 @@ auth_instance auth_defaults = {
uschar *auth_defer_msg = US"reason not recorded";
uschar *auth_defer_user_msg = US"";
+uschar *auth_vars[AUTH_VARS];
int auto_thaw = 0;
#ifdef WITH_CONTENT_SCAN
uschar *av_scanner = US"sophie:/var/run/sophie"; /* AV scanner */
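Review bot: `uschar *auth_vars[AUTH_VARS];` takes its size from a build-time setting that, going by the comment in config.h.defaults, appears to be overridable from Local/Makefile, and nothing rejects a value below 1. The authenticators in this commit write `auth_vars[0]` unconditionally (cram_md5.c, cyrus_sasl.c, spa.c and the "=" case in plaintext.c), so a build with AUTH_VARS set to 0 would write past the array. A guard above this declaration, `#if AUTH_VARS < 1` / `#error AUTH_VARS must be at least 1` / `#endif`, would turn that into a build failure.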
diff --git a/src/src/globals.h b/src/src/globals.h
index 713aaef3e..e3628167f 100644
--- a/src/src/globals.h
+++ b/src/src/globals.h
@@ -1,4 +1,4 @@
-/* $Cambridge: exim/src/src/globals.h,v 1.33 2006/02/07 11:19:00 ph10 Exp $ */
+/* $Cambridge: exim/src/src/globals.h,v 1.34 2006/02/10 14:25:43 ph10 Exp $ */
/*************************************************
* Exim - an Internet mail transport agent *
@@ -157,6 +157,7 @@ extern auth_instance *auths; /* Chain of instantiated auths */
extern auth_instance auth_defaults; /* Default values */
extern uschar *auth_defer_msg; /* Error message for log */
extern uschar *auth_defer_user_msg; /* Error message for user */
+extern uschar *auth_vars[]; /* $authn variables */
extern int auto_thaw; /* Auto-thaw interval */
#ifdef WITH_CONTENT_SCAN
extern uschar *av_scanner; /* AntiVirus scanner to use for the malware condition */
diff --git a/src/src/smtp_in.c b/src/src/smtp_in.c
index d572ef9e6..04bffd017 100644
--- a/src/src/smtp_in.c
+++ b/src/src/smtp_in.c
@@ -1,4 +1,4 @@
-/* $Cambridge: exim/src/src/smtp_in.c,v 1.29 2006/02/07 11:19:00 ph10 Exp $ */
+/* $Cambridge: exim/src/src/smtp_in.c,v 1.30 2006/02/10 14:25:43 ph10 Exp $ */
/*************************************************
* Exim - an Internet mail transport agent *
@@ -2133,7 +2133,7 @@ while (done <= 0)
pid_t pid;
int start, end, sender_domain, recipient_domain;
int ptr, size, rc;
- int c;
+ int c, i;
auth_instance *au;
switch(smtp_read_command(TRUE))
@@ -2222,20 +2222,26 @@ while (done <= 0)
break;
}
- /* Run the checking code, passing the remainder of the command
- line as data. Initialize $0 empty. The authenticator may set up
- other numeric variables. Afterwards, have a go at expanding the set_id
- string, even if authentication failed - for bad passwords it can be useful
- to log the userid. On success, require set_id to expand and exist, and
- put it in authenticated_id. Save this in permanent store, as the working
- store gets reset at HELO, RSET, etc. */
+ /* Run the checking code, passing the remainder of the command line as
+ data. Initials the $auth<n> variables as empty. Initialize $0 empty and set
+ it as the only set numerical variable. The authenticator may set $auth<n>
+ and also set other numeric variables. The $auth<n> variables are preferred
+ nowadays; the numerical variables remain for backwards compatibility.
+ Afterwards, have a go at expanding the set_id string, even if
+ authentication failed - for bad passwords it can be useful to log the
+ userid. On success, require set_id to expand and exist, and put it in
+ authenticated_id. Save this in permanent store, as the working store gets
+ reset at HELO, RSET, etc. */
+
+ for (i = 0; i < AUTH_VARS; i++) auth_vars[i] = NULL;
expand_nmax = 0;
expand_nlength[0] = 0; /* $0 contains nothing */
c = (au->info->servercode)(au, smtp_cmd_argument);
if (au->set_id != NULL) set_id = expand_string(au->set_id);
expand_nmax = -1; /* Reset numeric variables */
+ for (i = 0; i < AUTH_VARS; i++) auth_vars[i] = NULL; /* Reset $auth<n> */
/* The value of authenticated_id is stored in the spool file and printed in
log lines. It must not contain binary zeros or newline characters. In