summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--src/src/auths/spa.c20
-rw-r--r--test/confs/36002
-rw-r--r--test/log/36004
-rw-r--r--test/rejectlog/36002
4 files changed, 13 insertions, 15 deletions
diff --git a/src/src/auths/spa.c b/src/src/auths/spa.c
index 1abd65781..0bf7b0428 100644
--- a/src/src/auths/spa.c
+++ b/src/src/auths/spa.c
@@ -196,17 +196,14 @@ that causes failure if the size of msgbuf is exceeded. ****/
/***************************************************************/
/* Put the username in $auth1 and $1. The former is now the preferred variable;
-the latter is the original variable. */
+the latter is the original variable. These have to be out of stack memory, and
+need to be available once known even if not authenticated, for error messages
+(server_set_id, which only makes it to authenticated_id if we return OK) */
-auth_vars[0] = expand_nstring[1] = msgbuf;
+auth_vars[0] = expand_nstring[1] = string_copy(msgbuf);
expand_nlength[1] = Ustrlen(msgbuf);
expand_nmax = 1;
-/* clean up globals which aren't referenced, but still shouldn't be left
-pointing to stack memory */
-#define CLEANUP_RETURN(Code) do { auth_vars[0] = expand_nstring[1] = NULL; \
- expand_nlength[1] = expand_nmax = 0; return (Code); } while (0);
-
debug_print_string(ablock->server_debug_string); /* customized debug */
/* look up password */
@@ -218,13 +215,13 @@ if (clearpass == NULL)
{
DEBUG(D_auth) debug_printf("auth_spa_server(): forced failure while "
"expanding spa_serverpassword\n");
- CLEANUP_RETURN(FAIL);
+ return FAIL;
}
else
{
DEBUG(D_auth) debug_printf("auth_spa_server(): error while expanding "
"spa_serverpassword: %s\n", expand_string_message);
- CLEANUP_RETURN(DEFER);
+ return DEFER;
}
}
@@ -240,13 +237,12 @@ if (memcmp(ntRespData,
24) == 0)
/* success. we have a winner. */
{
- int rc = auth_check_serv_cond(ablock);
- CLEANUP_RETURN(rc);
+ return auth_check_serv_cond(ablock);
}
/* Expand server_condition as an authorization check (PH) */
-CLEANUP_RETURN(FAIL);
+return FAIL;
}
diff --git a/test/confs/3600 b/test/confs/3600
index c70fa19d7..fca55ff51 100644
--- a/test/confs/3600
+++ b/test/confs/3600
@@ -39,6 +39,7 @@ spabad:
client_password = ${if eq{1}{0}{xxx}fail}
client_username = username
server_password = ok@test.ex
+ server_set_id = $auth1
spa:
driver = spa
@@ -47,6 +48,7 @@ spa:
client_username = username
server_debug_print = +++SPA \$auth1="$auth1"
server_password = ok@test.ex
+ server_set_id = $auth1
# ----- Routers -----
diff --git a/test/log/3600 b/test/log/3600
index 43549c63a..16c59f368 100644
--- a/test/log/3600
+++ b/test/log/3600
@@ -11,7 +11,7 @@
******** SERVER ********
1999-03-02 09:44:33 exim x.yz daemon started: pid=pppp, no queue runs, listening for SMTP on port 1225
-1999-03-02 09:44:33 10HmaY-0005vi-00 <= ok@test.ex H=localhost (myhost.test.ex) [127.0.0.1] P=esmtpa A=spa S=sss id=E10HmaX-0005vi-00@myhost.test.ex
-1999-03-02 09:44:33 spa authenticator failed for localhost (myhost.test.ex) [127.0.0.1]: 535 Incorrect authentication data
+1999-03-02 09:44:33 10HmaY-0005vi-00 <= ok@test.ex H=localhost (myhost.test.ex) [127.0.0.1] P=esmtpa A=spa:username S=sss id=E10HmaX-0005vi-00@myhost.test.ex
+1999-03-02 09:44:33 spa authenticator failed for localhost (myhost.test.ex) [127.0.0.1]: 535 Incorrect authentication data (set_id=username)
1999-03-02 09:44:33 spa authenticator failed for (xxxx) [127.0.0.1]: 535 Incorrect authentication data
1999-03-02 09:44:33 spa authenticator failed for (xxxx) [127.0.0.1]: 535 Incorrect authentication data
diff --git a/test/rejectlog/3600 b/test/rejectlog/3600
index 629d314e2..4398a403a 100644
--- a/test/rejectlog/3600
+++ b/test/rejectlog/3600
@@ -1,5 +1,5 @@
******** SERVER ********
-1999-03-02 09:44:33 spa authenticator failed for localhost (myhost.test.ex) [127.0.0.1]: 535 Incorrect authentication data
+1999-03-02 09:44:33 spa authenticator failed for localhost (myhost.test.ex) [127.0.0.1]: 535 Incorrect authentication data (set_id=username)
1999-03-02 09:44:33 spa authenticator failed for (xxxx) [127.0.0.1]: 535 Incorrect authentication data
1999-03-02 09:44:33 spa authenticator failed for (xxxx) [127.0.0.1]: 535 Incorrect authentication data