On 2021-07-30 14:39, Jeremy Harris wrote: > The server-side spa code only writes $auth1 in one place, before > the call to evaluate the server_password. Since you're doing a > lookup, the use there should be visible in debug. > > I assume it's wrong at that time.
Yes, indeed. The $auth1 only has the "user" part and not the "domain" part in it. > The value being used appears to derive from data sent by the > client in response to a challenge from the server. There's enogh > code munging it I can't swear it won't fall over on an '@' - > but I don't see one mentioned explicitly. > > Are you certain that the full string is being supplied by the client? No, I am not sure and I am not sure how I can verify this. But I am under the impression it has something to do with the "optional" domain part not being used correctly. > The docs chapter mentions that the domain is optional, so I could > imaging it being treated as a separate item. Unfortunately, it also > only describes $auth1 as getting the user name; no mention of the > domain around the same place. > > Hmm. A relevant data structure does have separate fields "uUser" and "uDomain" - > and the server-side code doesn't use it. The client-side code does. > OK, this has likely never worked. For now, you're out of luck with SPA. That seems a logic explanation. > -- > Cheers, > Jeremy Thanks, Jan -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
