1 /* $Cambridge: exim/src/src/auths/check_serv_cond.c,v 1.3 2009/11/16 19:50:38 nm4 Exp $ */
3 /*************************************************
4 * Exim - an Internet mail transport agent *
5 *************************************************/
7 /* Copyright (c) University of Cambridge 1995 - 2009 */
8 /* See the file NOTICE for conditions of use and distribution. */
12 /* This module contains the function server_condition(), which is used
13 by all authenticators. */
16 /*************************************************
17 * Check server_condition *
18 *************************************************/
20 /* This function is called from the server code of all authenticators. For
21 plaintext, it is always called: the argument cannot be empty, because for
22 plaintext, setting server_condition is what enables it as a server
23 authenticator. For all the other authenticators, this function is called after
24 they have authenticated, to enable additional authorization to be done.
26 Argument: the authenticator's instance block
29 OK NULL argument, or success
30 DEFER couldn't complete the check
31 FAIL authentication failed
35 auth_check_serv_cond(auth_instance
*ablock
)
42 debug_printf("%s authenticator:\n", ablock
->name
);
43 for (i
= 0; i
< AUTH_VARS
; i
++)
45 if (auth_vars
[i
] != NULL
)
46 debug_printf(" $auth%d = %s\n", i
+ 1, auth_vars
[i
]);
48 for (i
= 1; i
<= expand_nmax
; i
++)
49 debug_printf(" $%d = %.*s\n", i
, expand_nlength
[i
], expand_nstring
[i
]);
50 debug_print_string(ablock
->server_debug_string
); /* customized debug */
53 /* For the plaintext authenticator, server_condition is never NULL. For the
54 rest, an unset condition lets everything through. */
56 if (ablock
->server_condition
== NULL
) return OK
;
57 cond
= expand_string(ablock
->server_condition
);
62 debug_printf("expansion failed: %s\n", expand_string_message
);
64 debug_printf("expanded string: %s\n", cond
);
67 /* A forced expansion failure causes authentication to fail. Other expansion
68 failures yield DEFER, which will cause a temporary error code to be returned to
69 the AUTH command. The problem is at the server end, so the client should try
74 if (expand_string_forcedfail
) return FAIL
;
75 auth_defer_msg
= expand_string_message
;
79 /* Return FAIL for empty string, "0", "no", and "false"; return OK for
80 "1", "yes", and "true"; return DEFER for anything else, with the string
81 available as an error text for the user. */
84 Ustrcmp(cond
, "0") == 0 ||
85 strcmpic(cond
, US
"no") == 0 ||
86 strcmpic(cond
, US
"false") == 0)
89 if (Ustrcmp(cond
, "1") == 0 ||
90 strcmpic(cond
, US
"yes") == 0 ||
91 strcmpic(cond
, US
"true") == 0)
94 auth_defer_msg
= cond
;
95 auth_defer_user_msg
= string_sprintf(": %s", cond
);
99 /* End of check_serv_cond.c */