summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--doc/doc-txt/ChangeLog9
-rw-r--r--src/ACKNOWLEDGMENTS5
-rw-r--r--src/src/auths/README5
-rw-r--r--src/src/auths/spa.c21
4 files changed, 26 insertions, 14 deletions
diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog
index a06b29b49..6774dad4a 100644
--- a/doc/doc-txt/ChangeLog
+++ b/doc/doc-txt/ChangeLog
@@ -1,4 +1,4 @@
-$Cambridge: exim/doc/doc-txt/ChangeLog,v 1.45 2004/12/20 12:29:10 ph10 Exp $
+$Cambridge: exim/doc/doc-txt/ChangeLog,v 1.46 2004/12/20 14:57:05 ph10 Exp $
Change log file for Exim from version 4.21
-------------------------------------------
@@ -195,6 +195,13 @@ Exim version 4.50
messages that were in split spool directories. Consequently, it was
deleting retry records that should have stayed in existence.
+48. Steve fixed some bugs in eximstats.
+
+49. The SPA authentication driver was not abandoning authentication and moving
+ on to the next authenticator when an expansion was forced to fail,
+ contradicting the general specification for all authenticators. Instead it
+ was generating a temporary error. It now behaves as specified.
+
Exim version 4.43
-----------------
diff --git a/src/ACKNOWLEDGMENTS b/src/ACKNOWLEDGMENTS
index fe092c448..a914262c7 100644
--- a/src/ACKNOWLEDGMENTS
+++ b/src/ACKNOWLEDGMENTS
@@ -1,4 +1,4 @@
-$Cambridge: exim/src/ACKNOWLEDGMENTS,v 1.7 2004/11/24 15:43:36 ph10 Exp $
+$Cambridge: exim/src/ACKNOWLEDGMENTS,v 1.8 2004/12/20 14:57:05 ph10 Exp $
EXIM ACKNOWLEDGEMENTS
@@ -20,7 +20,7 @@ relatively small patches.
Philip Hazel
Lists created: 20 November 2002
-Last updated: 24 November 2004
+Last updated: 20 December 2004
THE OLD LIST
@@ -158,6 +158,7 @@ Chris Liddiard Fix for bug in exiqsumm
Chris Lightfoot Patch for -restore-times in exim_lock
Edgar Lovecraft Patch for ${str2b64:
Torsten Luettgert Suggested patch for proper integer overflow detection
+David Madole Patch for SPA forced expansion failure bug
Lionel Elie Mamane Patch for IPv4/IPv6 listen() problem on USAGI Linux
Patch for recognizing IPv6 "scoped addresses"
Patch for callout caching bug
diff --git a/src/src/auths/README b/src/src/auths/README
index 190505f25..a25aaf0b0 100644
--- a/src/src/auths/README
+++ b/src/src/auths/README
@@ -1,4 +1,4 @@
-$Cambridge: exim/src/src/auths/README,v 1.1 2004/10/07 13:10:00 ph10 Exp $
+$Cambridge: exim/src/src/auths/README,v 1.2 2004/12/20 14:57:05 ph10 Exp $
AUTHS
@@ -57,7 +57,8 @@ The yield of a server authentication check must be one of:
OK success
DEFER couldn't complete the check
FAIL authentication failed
- CANCELLED authentication forced to fail by "*" response to challenge
+ CANCELLED authentication forced to fail by "*" response to challenge,
+ or by a forced string expansion failure
BAD64 bad base64 data received
UNEXPECTED unexpected data received
diff --git a/src/src/auths/spa.c b/src/src/auths/spa.c
index 31451344e..dc859674e 100644
--- a/src/src/auths/spa.c
+++ b/src/src/auths/spa.c
@@ -1,4 +1,4 @@
-/* $Cambridge: exim/src/src/auths/spa.c,v 1.1 2004/10/07 13:10:01 ph10 Exp $ */
+/* $Cambridge: exim/src/src/auths/spa.c,v 1.2 2004/12/20 14:57:05 ph10 Exp $ */
/*************************************************
* Exim - an Internet mail transport agent *
@@ -258,19 +258,12 @@ auth_spa_client(
char *domain = NULL;
char *username, *password;
- if (smtp_write_command(outblock, FALSE, "AUTH %s\r\n",
- ablock->public_name) < 0)
- return FAIL_SEND;
-
- /* wait for the 3XX OK message */
- if (!smtp_read_response(inblock, (uschar *)buffer, buffsize, '3', timeout))
- return FAIL;
-
/* Code added by PH to expand the options */
username = CS expand_string(ob->spa_username);
if (username == NULL)
{
+ if (expand_string_forcedfail) return CANCELLED;
string_format(buffer, buffsize, "expansion of \"%s\" failed in %s "
"authenticator: %s", ob->spa_username, ablock->name,
expand_string_message);
@@ -280,6 +273,7 @@ auth_spa_client(
password = CS expand_string(ob->spa_password);
if (password == NULL)
{
+ if (expand_string_forcedfail) return CANCELLED;
string_format(buffer, buffsize, "expansion of \"%s\" failed in %s "
"authenticator: %s", ob->spa_password, ablock->name,
expand_string_message);
@@ -291,6 +285,7 @@ auth_spa_client(
domain = CS expand_string(ob->spa_domain);
if (domain == NULL)
{
+ if (expand_string_forcedfail) return CANCELLED;
string_format(buffer, buffsize, "expansion of \"%s\" failed in %s "
"authenticator: %s", ob->spa_domain, ablock->name,
expand_string_message);
@@ -300,6 +295,14 @@ auth_spa_client(
/* Original code */
+ if (smtp_write_command(outblock, FALSE, "AUTH %s\r\n",
+ ablock->public_name) < 0)
+ return FAIL_SEND;
+
+ /* wait for the 3XX OK message */
+ if (!smtp_read_response(inblock, (uschar *)buffer, buffsize, '3', timeout))
+ return FAIL;
+
DSPA("\n\n%s authenticator: using domain %s\n\n",
ablock->name, domain);