same as in other authenticators (it moves to the next authenticator).
-$Cambridge: exim/doc/doc-txt/ChangeLog,v 1.45 2004/12/20 12:29:10 ph10 Exp $
+$Cambridge: exim/doc/doc-txt/ChangeLog,v 1.46 2004/12/20 14:57:05 ph10 Exp $
Change log file for Exim from version 4.21
-------------------------------------------
Change log file for Exim from version 4.21
-------------------------------------------
messages that were in split spool directories. Consequently, it was
deleting retry records that should have stayed in existence.
messages that were in split spool directories. Consequently, it was
deleting retry records that should have stayed in existence.
+48. Steve fixed some bugs in eximstats.
+
+49. The SPA authentication driver was not abandoning authentication and moving
+ on to the next authenticator when an expansion was forced to fail,
+ contradicting the general specification for all authenticators. Instead it
+ was generating a temporary error. It now behaves as specified.
+
Exim version 4.43
-----------------
Exim version 4.43
-----------------
-$Cambridge: exim/src/ACKNOWLEDGMENTS,v 1.7 2004/11/24 15:43:36 ph10 Exp $
+$Cambridge: exim/src/ACKNOWLEDGMENTS,v 1.8 2004/12/20 14:57:05 ph10 Exp $
Philip Hazel
Lists created: 20 November 2002
Philip Hazel
Lists created: 20 November 2002
-Last updated: 24 November 2004
+Last updated: 20 December 2004
Chris Lightfoot Patch for -restore-times in exim_lock
Edgar Lovecraft Patch for ${str2b64:
Torsten Luettgert Suggested patch for proper integer overflow detection
Chris Lightfoot Patch for -restore-times in exim_lock
Edgar Lovecraft Patch for ${str2b64:
Torsten Luettgert Suggested patch for proper integer overflow detection
+David Madole Patch for SPA forced expansion failure bug
Lionel Elie Mamane Patch for IPv4/IPv6 listen() problem on USAGI Linux
Patch for recognizing IPv6 "scoped addresses"
Patch for callout caching bug
Lionel Elie Mamane Patch for IPv4/IPv6 listen() problem on USAGI Linux
Patch for recognizing IPv6 "scoped addresses"
Patch for callout caching bug
-$Cambridge: exim/src/src/auths/README,v 1.1 2004/10/07 13:10:00 ph10 Exp $
+$Cambridge: exim/src/src/auths/README,v 1.2 2004/12/20 14:57:05 ph10 Exp $
OK success
DEFER couldn't complete the check
FAIL authentication failed
OK success
DEFER couldn't complete the check
FAIL authentication failed
- CANCELLED authentication forced to fail by "*" response to challenge
+ CANCELLED authentication forced to fail by "*" response to challenge,
+ or by a forced string expansion failure
BAD64 bad base64 data received
UNEXPECTED unexpected data received
BAD64 bad base64 data received
UNEXPECTED unexpected data received
-/* $Cambridge: exim/src/src/auths/spa.c,v 1.1 2004/10/07 13:10:01 ph10 Exp $ */
+/* $Cambridge: exim/src/src/auths/spa.c,v 1.2 2004/12/20 14:57:05 ph10 Exp $ */
/*************************************************
* Exim - an Internet mail transport agent *
/*************************************************
* Exim - an Internet mail transport agent *
char *domain = NULL;
char *username, *password;
char *domain = NULL;
char *username, *password;
- if (smtp_write_command(outblock, FALSE, "AUTH %s\r\n",
- ablock->public_name) < 0)
- return FAIL_SEND;
-
- /* wait for the 3XX OK message */
- if (!smtp_read_response(inblock, (uschar *)buffer, buffsize, '3', timeout))
- return FAIL;
-
/* Code added by PH to expand the options */
username = CS expand_string(ob->spa_username);
if (username == NULL)
{
/* Code added by PH to expand the options */
username = CS expand_string(ob->spa_username);
if (username == NULL)
{
+ if (expand_string_forcedfail) return CANCELLED;
string_format(buffer, buffsize, "expansion of \"%s\" failed in %s "
"authenticator: %s", ob->spa_username, ablock->name,
expand_string_message);
string_format(buffer, buffsize, "expansion of \"%s\" failed in %s "
"authenticator: %s", ob->spa_username, ablock->name,
expand_string_message);
password = CS expand_string(ob->spa_password);
if (password == NULL)
{
password = CS expand_string(ob->spa_password);
if (password == NULL)
{
+ if (expand_string_forcedfail) return CANCELLED;
string_format(buffer, buffsize, "expansion of \"%s\" failed in %s "
"authenticator: %s", ob->spa_password, ablock->name,
expand_string_message);
string_format(buffer, buffsize, "expansion of \"%s\" failed in %s "
"authenticator: %s", ob->spa_password, ablock->name,
expand_string_message);
domain = CS expand_string(ob->spa_domain);
if (domain == NULL)
{
domain = CS expand_string(ob->spa_domain);
if (domain == NULL)
{
+ if (expand_string_forcedfail) return CANCELLED;
string_format(buffer, buffsize, "expansion of \"%s\" failed in %s "
"authenticator: %s", ob->spa_domain, ablock->name,
expand_string_message);
string_format(buffer, buffsize, "expansion of \"%s\" failed in %s "
"authenticator: %s", ob->spa_domain, ablock->name,
expand_string_message);
+ if (smtp_write_command(outblock, FALSE, "AUTH %s\r\n",
+ ablock->public_name) < 0)
+ return FAIL_SEND;
+
+ /* wait for the 3XX OK message */
+ if (!smtp_read_response(inblock, (uschar *)buffer, buffsize, '3', timeout))
+ return FAIL;
+
DSPA("\n\n%s authenticator: using domain %s\n\n",
ablock->name, domain);
DSPA("\n\n%s authenticator: using domain %s\n\n",
ablock->name, domain);