Re: [Exim] Crazy expansion

Author: Dave C.
Date:  
To: exim-users
Subject: Re: [Exim] Crazy expansion
Well, I've managed to come up with the following.. It is completely
untested, I haven't even put it in a config file yet.

${if crypteq {$2} {\{crypt\}${lookup {${local_part:$1}} lsearch
{/etc/virtual/${domain:$1}/passwd}
{$value} {0123456789123} }} {yes} {no} }

(This is the case where the auth data is $1=username and $2=password)

Am I on the right track or is this going to blow up horribly?

I don't have any special checks to make sure the file or directory
exists, what will happen if they don't?

Is there anything else I need to worry about?


On Fri, 5 May 2000, Dave C. wrote:

>
>
> I need to write a condition for an authenticator, that I know is going
> to be a nightmare, and I'm hoping someone that is a lot more expert
> than I at crufting these things can help. I know the general concept I
> need, I'm just not familiar with the exact syntax.
>
> (I know I will get some RTFM responses. I am R'ing the FM and am just
> hoping perhaps someone can help me do it a little faster)
>
> The authenticators are currently as follows, which is fairly
> straightforward.
>
> fixed_login:
>   driver = plaintext
>   public_name = LOGIN
>   server_prompts = "Username:: : Password::"
>   server_condition = "\
>       ${if pam {$1:$2}{yes}{no}}"
>   server_set_id = $1
>
> fixed_plain:
>   driver = plaintext
>   public_name = PLAIN
>   server_condition = "\
>     ${if pam {$2:$3}{yes}{no}}"
>   server_set_id = $2
>
>
> I need to modify these to succeed if either the pam check succeeds -OR-
>
> 1. The username-part of the auth data contains an "@"
>
> (if $1 contains "@" then () else pam () ) ?
>
> 2. A directory exists, /path/to/<DOMAINPART>, where <DOMAINPART> is the
>    portion of the username-part after the "@"
>
> 3. There exists in that directory a file /path/to/<DOMAINPART>/passwd,
>    which contains a standard username/password pair, and the username
>    in the file matches the portion of the username-part of auth data
>    which is before the "@"
>
> (exists : /path/to/(substr(everything_after(@)($1)))/passwd ) ?
>
> 4. The password for that username in the file matches (with crypt) the
>    password-part of the auth data.
>
> (lsearch in file /path/to/(substr(everything_after(@)($1)))/passwd with a key of
> (substr(everything_before(@)($1))) = crypt($2) ) ?
>
> An example:
>
> There is a file /path/to/some-domain.com/passwd, which contains (among
> other entries):
>
> |
> |webmaster:T0dKpGFFwan8o
> |
>
>
> If the client provides
>
> "webmaster@???" as a username, and "12345" (which matches
> the crypt above) as a password, it should satisfy the auth criteria
>
>
> --
> ## List details at http://www.exim.org/mailman/listinfo/exim-users Exim details at http://www.exim.org/ ##
>


--
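
An added example, not part of the original post and not Exim code: a Python model of the per-domain lookup the expansion above performs, showing the two points the questions raise, namely that a missing directory or file should fail the login, and that the client-supplied username ends up in a file path and so needs an allow-list. The names `stored_hash`, `check_login`, `fake_crypt` and the domain `some-domain.example` are assumptions; `fake_crypt` is a constructed stand-in for crypt(3).

```python
import hashlib, hmac, re, tempfile
from pathlib import Path

# Allow-lists for the two halves of the login: no "/", no bare ".." component.
LOCAL_RE = re.compile(r"[A-Za-z0-9._+-]{1,64}")
DOMAIN_RE = re.compile(r"[a-z0-9]([a-z0-9.-]{0,251}[a-z0-9])?")

def lsearch(path, key):  # linear search of a 'key:value' file, first match wins
    with open(path, encoding="ascii", errors="replace") as fh:
        for line in fh:
            name, sep, value = line.rstrip("\n").partition(":")
            if sep and name == key:
                return value

def stored_hash(base, login):
    """Return the stored hash for user@domain, or None on any failure."""
    local, sep, domain = login.rpartition("@")
    domain = domain.lower()
    if not sep or not LOCAL_RE.fullmatch(local) or not DOMAIN_RE.fullmatch(domain):
        return None                       # no "@", or characters outside the allow-list
    base = Path(base).resolve()
    passwd = (base / domain / "passwd").resolve()
    if base not in passwd.parents:        # a symlink led outside the base directory
        return None
    try:
        return lsearch(passwd, local)
    except OSError:                       # directory or file does not exist
        return None

def check_login(base, login, password, crypt_fn):
    """crypt_fn(password, stored) -> hash string; supplied by the caller (assumption)."""
    expected = stored_hash(base, login)
    if not expected:
        return False                      # fail closed: unknown user, domain or file
    return hmac.compare_digest(crypt_fn(password, expected).encode(), expected.encode())

def fake_crypt(password, stored):
    """Constructed stand-in for crypt(3): 2-char salt + SHA-256 hex. Demo only."""
    return stored[:2] + hashlib.sha256((stored[:2] + password).encode()).hexdigest()

def demo():
    """Build a constructed <tmp>/some-domain.example/passwd and try five logins."""
    with tempfile.TemporaryDirectory() as base:
        vdir = Path(base, "some-domain.example")
        vdir.mkdir()
        (vdir / "passwd").write_text("webmaster:" + fake_crypt("12345", "ab") + "\n")
        tries = [("webmaster@some-domain.example", "12345"), ("webmaster@some-domain.example", "nope"),
                 ("webmaster@missing.example", "12345"), ("webmaster@../some-domain.example", "12345"), ("webmaster", "12345")]
        return [check_login(base, user, pw, fake_crypt) for user, pw in tries]
```

Only the first login in `demo()` succeeds; the wrong password, the domain with no directory, the domain containing a path separator and the login without an "@" are all rejected.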