Re: [Exim] extract problems with digits in smtp-auth

Pàgina inicial
Delete this message
Reply to this message
Autor: Philip Hazel
Data:  
A: robert rotman
CC: exim-users
Assumpte: Re: [Exim] extract problems with digits in smtp-auth
On Wed, 28 Feb 2001, robert rotman wrote:

> > On Wed, 28 Feb 2001, robert rotman wrote:
> >
> > >   $1 = '#exim.org
> > >        ^
> > >        this is a binary charakter, like a caro;)
> > >   $2 = ph10

> > >
> > > --> this is when i authenticat with "1#exim.org and ph10"
> > >
> > >
> > > when i authenticate with "a#exim.org" and "ph10" everything works ok!


I have just tried this experiment, using this authenticator:

fixed_plain:                     
  driver = plaintext
  public_name = PLAIN
  server_condition = ${lookup mysql{select password from table where \
     username='${extract{1}{#}{$2}}' and \
     domain='${extract{2}{#}{$2}}'}{$value}fail}    


The command I sent was

auth plain AHBoMTAAMSNleGltLm9yZw==

That b64 string decodes to "?ph10?1#exim.org" where the "?" characters
represent binary zeros. The debug log I got was

fixed_plain authenticator:
$1 =
$2 = ph10
$3 = 1#exim.org

which is of course correct.

However, during the course of this experiment, I came across something
that might explain your problem, depending on exactly how you are
testing this. In order to run the test, I had to find out the b64 string
to use (I was telnetting to the testing Exim). I have a script that does
b64 encoding - it's a Perl script that basically does

printf ("%s", encode_base64(eval "\"$ARGV[0]\""));

My first attempt was to run this script with the argument

'\0ph10\01#exim.org'

This of course did not work, because the \01 was taken as a single
character. The correct argument is

'\0ph10\0001#exim.org'

Now, if I'd used "a" instead of "1" it would have worked. Could
something like this be what you are seeing?

-- 
Philip Hazel            University of Cambridge Computing Service,
ph10@???      Cambridge, England. Phone: +44 1223 334714.