case GSASL_VALIDATE_SIMPLE:
/* GSASL_AUTHID, GSASL_AUTHZID, and GSASL_PASSWORD */
propval = US gsasl_property_fast(sctx, GSASL_AUTHID);
- auth_vars[0] = expand_nstring[1] = propval ? propval : US"";
+ auth_vars[0] = expand_nstring[1] = propval ? string_copy(propval) : US"";
propval = US gsasl_property_fast(sctx, GSASL_AUTHZID);
- auth_vars[1] = expand_nstring[2] = propval ? propval : US"";
+ auth_vars[1] = expand_nstring[2] = propval ? string_copy(propval) : US"";
propval = US gsasl_property_fast(sctx, GSASL_PASSWORD);
- auth_vars[2] = expand_nstring[3] = propval ? propval : US"";
+ auth_vars[2] = expand_nstring[3] = propval ? string_copy(propval) : US"";
expand_nmax = 3;
for (int i = 1; i <= 3; ++i)
expand_nlength[i] = Ustrlen(expand_nstring[i]);
}
propval = US gsasl_property_fast(sctx, GSASL_AUTHZID);
/* We always set $auth1, even if only to empty string. */
- auth_vars[0] = expand_nstring[1] = propval ? propval : US"";
+ auth_vars[0] = expand_nstring[1] = propval ? string_copy(propval) : US"";
expand_nlength[1] = Ustrlen(expand_nstring[1]);
expand_nmax = 1;
}
propval = US gsasl_property_fast(sctx, GSASL_ANONYMOUS_TOKEN);
/* We always set $auth1, even if only to empty string. */
- auth_vars[0] = expand_nstring[1] = propval ? propval : US"";
+ auth_vars[0] = expand_nstring[1] = propval ? string_copy(propval) : US"";
expand_nlength[1] = Ustrlen(expand_nstring[1]);
expand_nmax = 1;
to the first release of Exim with this authenticator, they've been
switched to match the ordering of GSASL_VALIDATE_SIMPLE. */
propval = US gsasl_property_fast(sctx, GSASL_GSSAPI_DISPLAY_NAME);
- auth_vars[0] = expand_nstring[1] = propval ? propval : US"";
+ auth_vars[0] = expand_nstring[1] = propval ? string_copy(propval) : US"";
propval = US gsasl_property_fast(sctx, GSASL_AUTHZID);
- auth_vars[1] = expand_nstring[2] = propval ? propval : US"";
+ auth_vars[1] = expand_nstring[2] = propval ? string_copy(propval) : US"";
expand_nmax = 2;
for (int i = 1; i <= 2; ++i)
expand_nlength[i] = Ustrlen(expand_nstring[i]);
needing to add more glue, since avoiding that is a large part of the
point of SASL. */
propval = US gsasl_property_fast(sctx, GSASL_AUTHID);
- auth_vars[0] = expand_nstring[1] = propval ? propval : US"";
+ auth_vars[0] = expand_nstring[1] = propval ? string_copy(propval) : US"";
propval = US gsasl_property_fast(sctx, GSASL_AUTHZID);
- auth_vars[1] = expand_nstring[2] = propval ? propval : US"";
+ auth_vars[1] = expand_nstring[2] = propval ? string_copy(propval) : US"";
propval = US gsasl_property_fast(sctx, GSASL_REALM);
- auth_vars[2] = expand_nstring[3] = propval ? propval : US"";
+ auth_vars[2] = expand_nstring[3] = propval ? string_copy(propval) : US"";
expand_nmax = 3;
for (int i = 1; i <= 3; ++i)
expand_nlength[i] = Ustrlen(expand_nstring[i]);
--- /dev/null
+# Exim test configuration 3820
+
+SERVER=
+
+.include DIR/aux-var/std_conf_prefix
+
+primary_hostname = myhost.test.ex
+
+# ----- Main settings -----
+
+
+# ----- Authentication -----
+
+begin authenticators
+
+sasl1:
+ driver = gsasl
+ public_name = ANONYMOUS
+ server_set_id = $auth1
+ server_condition = true
+
+sasl2:
+ driver = gsasl
+ public_name = PLAIN
+ server_set_id = $auth1
+ server_condition = false
+
+sasl3:
+ driver = gsasl
+ public_name = SCRAM-SHA-1
+
+ # will need to give library salt, stored-key, server-key, itercount
+ #
+ # sigh
+ # gsasl takes props: GSASL_SCRAM_ITER, GSASL_SCRAM_SALT. It _might_ take
+ # a GSASL_SCRAM_SALTED_PASSWORD - but that is only documented for client mode.
+
+ server_scram_iter = 4096
+ # unclear if the salt is given in binary or base64 to the library
+ server_scram_salt = QSXCR+Q6sek8bf92
+ server_password = pencil
+
+ server_condition = true
+ server_set_id = $auth1
+
+
+# End
--- /dev/null
+Connecting to 127.0.0.1 port 1225 ... connected
+??? 220
+<<< 220 myhost.test.ex ESMTP Exim x.yz Tue, 2 Mar 1999 09:44:33 +0000
+>>> EHLO xxxx
+??? 250-
+<<< 250-myhost.test.ex Hello xxxx [127.0.0.1]
+??? 250-
+<<< 250-SIZE 52428800
+??? 250-
+<<< 250-8BITMIME
+??? 250-
+<<< 250-PIPELINING
+??? 250-
+<<< 250-AUTH ANONYMOUS PLAIN SCRAM-SHA-1
+??? 250
+<<< 250 HELP
+>>> AUTH PLAIN AHBoMTAAc2VjcmV0
+??? 535
+<<< 535 Incorrect authentication data
+>>> AUTH ANONYMOUS cGgxMA==
+??? 235
+<<< 235 Authentication succeeded
+>>> QUIT
+??? 221
+<<< 221 myhost.test.ex closing connection
+End of script