On Mon, 7 Apr 2003, Christopher Allen [BigFatPipe.Net] wrote:
> Does anyone have an example of a working auth config against a FreeBSD
> password file?
Okay, when I e-mailed this morning I was blind in both eyes as I hadn't
ever even begun to play with this before. Having spent a great deal of
time looking at FAQs and searching Google, I'm almost there.
I have everything in place, and can auth both plaintext and login against
a fixed username/password. However, once I try to point to an altered-
for-Exim password file, users who are listed in the file can authenticate
without even supplying a password. If I try to point to the actual system
password file, all auth attempts fail (presumably because permissions
prevent reading it). The Altered-for-Exim password file is a user:pass
mapping which looks exactly like a standard .htpasswd file.
I'm positive this is something with the server_condition string I'm using,
does anyone have ideas here? I should note, thus far I've only tested
with Outlook Express (gah), which is making use of the fixed_login
authenticator.
Here's the relevant section of my config:
; begin paste
fixed_plain:
driver = plaintext
public_name = PLAIN
server_prompts = :
server_condition = "${if and {{!eq{$2}{}}{!eq{$3}{}} \
{crypteq{$3}{${extract{2}{:} \
{${lookup{$2}lsearch{/usr/local/exim/exim_password}{$value}{*:*}}}}}}}{1}{0}}"
server_set_id = $2
fixed_login:
driver = plaintext
public_name = LOGIN
server_prompts = Username:: : Password::
server_condition = "${if and {{!eq{$1}{}}{!eq{$2}{}} \
{crypteq{$2}{${extract{1}{:} \
{${lookup{$1}lsearch{/usr/local/exim/exim_password}{$value}{*:*}}}}}}}{1}{0}}"
server_set_id = $1
; end paste
Any help or guiding lights that can be shed are appreciated.
-CA
-- Christopher R. Allen ---- cra@??? --
-- "Education is a progressive discovery of our --
-- own ignorance." ---------------- Will Durant --
