Tamas TEVESZ wrote: > On Wed, 12 Mar 2003, Nico Erfurth wrote:
>
> > Hmmm, well let me think, maybe it doesn't matter, whatever you have the
> > same Challange or not, in your situation?
>
> it certainly did. it was proper cram-md5, only the actual checking
> was put back to postgres (ie. a pg stored procedure received the
> challenge made by exim and the encrypted hash supplied by the client,
> then it looked up the cleartext pw from a database, re-hashed it with
> the supplied challenge, and compared the two hashes).
Well, maybe I'm wrong with the expansion vs. Macro-stuff, but I'm pretty
sure that the macro isn't expanded. The macro-substitution takes place
when exim reads the configfile and blindly expanding it here would cause
REAL trouble.
