From: root <root@deleuze.hcoop.net>
Date: Mon, 10 Sep 2007 14:07:19 +0000 (-0400)
Subject: Update exim4 auth config to handle LOGIN
X-Git-Url: https://git.hcoop.net/hcoop/zz_old/config/exim4-hopper.git/commitdiff_plain/e5d180e5354327d6c0cfc3a655bd6e9d27fd3e90

Update exim4 auth config to handle LOGIN
---

diff --git a/conf.d/auth/30_exim4-config_examples b/conf.d/auth/30_exim4-config_examples
index fdb35c2..b228b4c 100644
--- a/conf.d/auth/30_exim4-config_examples
+++ b/conf.d/auth/30_exim4-config_examples
@@ -210,7 +210,9 @@ cram_md5:
   client_name = ${extract{1}{:}{${lookup{$host}nwildlsearch{CONFDIR/passwd.client}{$value}fail}}}
   client_secret = ${extract{2}{:}{${lookup{$host}nwildlsearch{CONFDIR/passwd.client}{$value}fail}}}
 
-# hcoop-change: Authenticate against /etc/courier/exim.dat
+# hcoop-change: Authenticate against /etc/courier/exim.dat for plain
+# and login authenticators
+
 userdb_plain:
   driver = plaintext
   public_name = PLAIN
@@ -225,6 +227,21 @@ userdb_plain:
     }
   server_set_id = $2
 
+userdb_login:
+  driver = plaintext
+  public_name = LOGIN
+  server_prompts = "Username:: : Password::"
+  server_condition = \
+    ${if \
+      crypteq {$2} \
+              {${extract{systempw}{${tr{${lookup{$1} \
+                                 dbm{/etc/courier/exim.dat} \
+                           }}{|}{ }}}}} \
+      {yes} \
+      {no} \
+    }
+  server_set_id = $1
+
 # this returns the matching line from passwd.client and doubles all ^
 PASSWDLINE=${sg{\
                 ${lookup{$host}nwildlsearch{CONFDIR/passwd.client}{$value}fail}\
@@ -233,8 +250,8 @@ PASSWDLINE=${sg{\
 	        {^^}\
 	    }
 
-# hcoop-change: Comment out plain authenticator
-#
+# hcoop-change: Comment out plain and login authenticators
+
 # plain:
 #   driver = plaintext
 #   public_name = PLAIN
@@ -248,24 +265,24 @@ PASSWDLINE=${sg{\
 # 		    ^${sg{PASSWDLINE}{\\N([^:]+:)(.*)\\N}{\\$2}}"
 # .endif
 
-login:
-  driver = plaintext
-  public_name = LOGIN
-.ifndef AUTH_CLIENT_ALLOW_NOTLS_PASSWORDS
-  # Return empty string if not non-TLS AND looking up $host in passwd-file
-  # yields a non-empty string; fail otherwise.
-  client_send = "<; ${if and{\
-                          {!eq{$tls_cipher}{}}\
-                          {!eq{PASSWDLINE}{}}\
-                         }\
-                      {}fail}\
-                 ; ${extract{1}{::}{PASSWDLINE}}\
-		 ; ${sg{PASSWDLINE}{\\N([^:]+:)(.*)\\N}{\\$2}}"
-.else
-  # Return empty string if looking up $host in passwd-file yields a
-  # non-empty string; fail otherwise.
-  client_send = "<; ${if !eq{PASSWDLINE}{}\
-                      {}fail}\
-                 ; ${extract{1}{::}{PASSWDLINE}}\
-		 ; ${sg{PASSWDLINE}{\\N([^:]+:)(.*)\\N}{\\$2}}"
-.endif
+# login:
+#   driver = plaintext
+#   public_name = LOGIN
+# .ifndef AUTH_CLIENT_ALLOW_NOTLS_PASSWORDS
+#   # Return empty string if not non-TLS AND looking up $host in passwd-file
+#   # yields a non-empty string; fail otherwise.
+#   client_send = "<; ${if and{\
+#                           {!eq{$tls_cipher}{}}\
+#                           {!eq{PASSWDLINE}{}}\
+#                          }\
+#                       {}fail}\
+#                  ; ${extract{1}{::}{PASSWDLINE}}\
+# 		 ; ${sg{PASSWDLINE}{\\N([^:]+:)(.*)\\N}{\\$2}}"
+# .else
+#   # Return empty string if looking up $host in passwd-file yields a
+#   # non-empty string; fail otherwise.
+#   client_send = "<; ${if !eq{PASSWDLINE}{}\
+#                       {}fail}\
+#                  ; ${extract{1}{::}{PASSWDLINE}}\
+# 		 ; ${sg{PASSWDLINE}{\\N([^:]+:)(.*)\\N}{\\$2}}"
+# .endif