From 6c512171a8449f14cc284e13aabc0153d9977c43 Mon Sep 17 00:00:00 2001
From: Philip Hazel <ph10@hermes.cam.ac.uk>
Date: Mon, 18 Jun 2007 13:57:49 +0000
Subject: Add client_condition to authenticators.

---
 doc/doc-txt/ChangeLog |  9 ++++++++-
 doc/doc-txt/NewStuff  | 14 +++++++++++++-
 2 files changed, 21 insertions(+), 2 deletions(-)

(limited to 'doc/doc-txt')

diff --git a/doc/doc-txt/ChangeLog b/doc/doc-txt/ChangeLog
index 6a8e4d1e1..cd802708e 100644
--- a/doc/doc-txt/ChangeLog
+++ b/doc/doc-txt/ChangeLog
@@ -1,4 +1,4 @@
-$Cambridge: exim/doc/doc-txt/ChangeLog,v 1.512 2007/06/14 14:18:19 ph10 Exp $
+$Cambridge: exim/doc/doc-txt/ChangeLog,v 1.513 2007/06/18 13:57:49 ph10 Exp $
 
 Change log file for Exim from version 4.21
 -------------------------------------------
@@ -50,6 +50,13 @@ PH/03 The body_linecount and body_zerocount variables are now exported in the
 
 PH/04 Added the $dnslist_matched variable.
 
+PH/05 Unset $tls_cipher and $tls_peerdn before making a connection as a client.
+      This means they are set thereafter only if the connection becomes
+      encrypted.
+
+PH/06 Added the client_condition to authenticators so that some can be skipped
+      by clients under certain conditions.
+
 
 Exim version 4.67
 -----------------
diff --git a/doc/doc-txt/NewStuff b/doc/doc-txt/NewStuff
index a63027364..7e0c472ec 100644
--- a/doc/doc-txt/NewStuff
+++ b/doc/doc-txt/NewStuff
@@ -1,4 +1,4 @@
-$Cambridge: exim/doc/doc-txt/NewStuff,v 1.148 2007/06/14 14:18:19 ph10 Exp $
+$Cambridge: exim/doc/doc-txt/NewStuff,v 1.149 2007/06/18 13:57:49 ph10 Exp $
 
 New Features in Exim
 --------------------
@@ -31,6 +31,18 @@ Version 4.68
     If this condition succeeds, the value in $dnslist_matched might be
     192.168.6.7 (for example).
 
+ 3. Authenticators now have a client_condition option. When Exim is running as
+    a client, it skips an authenticator whose client_condition expansion yields
+    "0", "no", or "false". This can be used, for example, to skip plain text
+    authenticators when the connection is not encrypted by a setting such as:
+
+      client_condition = ${if !eq{$tls_cipher}{}}
+
+    Note that the 4.67 documentation states that $tls_cipher contains the
+    cipher used for incoming messages. In fact, during SMTP delivery, it
+    contains the cipher used for the delivery. The same is true for
+    $tls_peerdn.
+
 
 Version 4.67
 ------------
-- 
cgit v1.2.3