client_name = ${extract{1}{:}{${lookup{$host}nwildlsearch{CONFDIR/passwd.client}{$value}fail}}}
client_secret = ${extract{2}{:}{${lookup{$host}nwildlsearch{CONFDIR/passwd.client}{$value}fail}}}
-plain:
+# hcoop-change: Authenticate against either /etc/courier/exim.dat or
+# SASL for plain and login authenticators
+
+hcoop_plain:
driver = plaintext
public_name = PLAIN
-.ifndef AUTH_CLIENT_ALLOW_NOTLS_PASSWORDS
- client_send = "${if !eq{$tls_cipher}{}{\
- ^${extract{1}{::}\
- {${lookup{$host}nwildlsearch{CONFDIR/passwd.client}{$value}fail}}}\
- ^${extract{2}{::}\
- {${lookup{$host}nwildlsearch{CONFDIR/passwd.client}{$value}fail}}}\
- }fail}"
-.else
- client_send = "^${extract{1}{::}\
- {${lookup{$host}nwildlsearch{CONFDIR/passwd.client}{$value}fail}}}\
- ^${extract{2}{::}\
- {${lookup{$host}nwildlsearch{CONFDIR/passwd.client}{$value}fail}}}"
-.endif
+ server_condition = \
+ ${if or {{crypteq {$3} \
+ {${extract{systempw}{${tr{${lookup{$2} \
+ dbm{/etc/courier/exim.dat} \
+ }}{|}{ }}}}}} \
+ {saslauthd {{$2}{$3}}}}}
+ server_set_id = $2
-login:
+hcoop_login:
driver = plaintext
public_name = LOGIN
-.ifndef AUTH_CLIENT_ALLOW_NOTLS_PASSWORDS
- # Return empty string if not non-TLS AND looking up $host in passwd-file
- # yields a non-empty string; fail otherwise.
- client_send = "${if and{\
- {!eq{$tls_cipher}{}}\
- {!eq\
- {${lookup{$host}nwildlsearch{CONFDIR/passwd.client}\
- {$value}fail}}\
- {}}\
- }\
- {}fail}\
- : ${extract{1}{::}\
- {${lookup{$host}nwildlsearch{CONFDIR/passwd.client}{$value}fail}}} \
- : ${extract{2}{::}\
- {${lookup{$host}nwildlsearch{CONFDIR/passwd.client}{$value}fail}}}"
-.else
- # Return empty string if looking up $host in passwd-file yields a
- # non-empty string; fail otherwise.
- client_send = "${if !eq\
- {${lookup\
- {$host}nwildlsearch{CONFDIR/passwd.client}\
- {$value}fail}}\
- {}\
- {}fail}\
- : ${extract{1}{::}\
- {${lookup{$host}nwildlsearch{CONFDIR/passwd.client}{$value}fail}}} \
- : ${extract{2}{::}\
- {${lookup{$host}nwildlsearch{CONFDIR/passwd.client}{$value}fail}}}"
-.endif
+ server_prompts = "Username:: : Password::"
+ server_condition = \
+ ${if or {{crypteq {$2} \
+ {${extract{systempw}{${tr{${lookup{$1} \
+ dbm{/etc/courier/exim.dat} \
+ }}{|}{ }}}}}} \
+ {saslauthd {{$1}{$2}}}}}
+ server_set_id = $1
+
+# this returns the matching line from passwd.client and doubles all ^
+PASSWDLINE=${sg{\
+ ${lookup{$host}nwildlsearch{CONFDIR/passwd.client}{$value}fail}\
+ }\
+ {\\N[\\^]\\N}\
+ {^^}\
+ }
+
+# hcoop-change: Comment out plain and login authenticators
+
+# plain:
+# driver = plaintext
+# public_name = PLAIN
+# .ifndef AUTH_CLIENT_ALLOW_NOTLS_PASSWORDS
+# client_send = "<; ${if !eq{$tls_cipher}{}\
+# {^${extract{1}{:}{PASSWDLINE}}\
+# ^${sg{PASSWDLINE}{\\N([^:]+:)(.*)\\N}{\\$2}}\
+# }fail}"
+# .else
+# client_send = "<; ^${extract{1}{:}{PASSWDLINE}}\
+# ^${sg{PASSWDLINE}{\\N([^:]+:)(.*)\\N}{\\$2}}"
+# .endif
+
+# login:
+# driver = plaintext
+# public_name = LOGIN
+# .ifndef AUTH_CLIENT_ALLOW_NOTLS_PASSWORDS
+# # Return empty string if not non-TLS AND looking up $host in passwd-file
+# # yields a non-empty string; fail otherwise.
+# client_send = "<; ${if and{\
+# {!eq{$tls_cipher}{}}\
+# {!eq{PASSWDLINE}{}}\
+# }\
+# {}fail}\
+# ; ${extract{1}{::}{PASSWDLINE}}\
+# ; ${sg{PASSWDLINE}{\\N([^:]+:)(.*)\\N}{\\$2}}"
+# .else
+# # Return empty string if looking up $host in passwd-file yields a
+# # non-empty string; fail otherwise.
+# client_send = "<; ${if !eq{PASSWDLINE}{}\
+# {}fail}\
+# ; ${extract{1}{::}{PASSWDLINE}}\
+# ; ${sg{PASSWDLINE}{\\N([^:]+:)(.*)\\N}{\\$2}}"
+# .endif