On Tue, 22 Apr 2003 22:44:02 +0100, Jez Hancock jez.hancock at munk.nu wrote :-
http://www.exim.org/pipermail/exim-users/Week-of-Mon-20030421/052791.html
> The code is here anyway in case anyone in future is interested:
On Wed, 23 Apr 2003 10:19:53 +0200, Kirill Miazine replied with some excellent suggestions.
I compiled exim4 for FreeBSD, with pam support, but could not get pam
to work for me. I used the following authenticator :-
#plain:
# driver = plaintext
# public_name = PLAIN
# server_condition = "${if pam{$2:$3}{1}{0}}"
# server_set_id = $1
But had no luck. This would, naturally, be the best solution.
Any better ideas on this one ?
I implemented Kirill Miazine's suggestions, and, for completeness,
this is the result.
It works for me .. thanks everybody !!
Cheers, Andy!
#############################################################
#!/usr/bin/perl
# Originally by Jez Hancock jez.hancock at munk.nu
# Other suggestions by Kirill Miazine
# Patched by Andy Rabagliati - andyr at wizzy.com
package EximAuth;
use strict;
use vars qw(@ISA);
use Crypt::PasswdMD5;
use Net::Server::PreFork;
@ISA = qw(Net::Server::PreFork);
sub process_request {
my $self = shift;
my $sock = $self->{'server'}->{'client'};
chomp(my $username = $sock->getline());
chomp(my $password = $sock->getline());
# some minimal data validation:
if (!$username ||
!$password ||
length($username) >16 ||
length($password) >255) {
return $sock->print("no");
}
# get the line from the pwd db based on $username:
my (undef,$sys_password) = getpwnam($username);
# get the salt:
my ($salt) = $sys_password =~ /\$.*\$(.*)\$/;
# get our hash:
my $hash=unix_md5_crypt($password, $salt);
$sock->print($hash eq $sys_password ? 'yes' : 'no');
# for debug output:
#open(LOG, ">>/tmp/log") || die("can't open logfile: $!");
#print(LOG "username: $username submitted password: "
# ."$password salt: $salt myhash: $hash syshash: $sys_password\n"
#);
}
umask(0000);
__PACKAGE__->run(
proto => 'unix',
port => '/var/spool/exim/auth/auth.sock',
min_servers => 5,
min_spare_servers => 5,
max_spare_servers => 10,
max_servers => 15,
max_requests => 1000,
log_level => 7,
);
#------------------------------------------------------------------------------
#and an exim authenticator:
#------------------------------------------------------------------------------
#plain:
# driver = plaintext
# public_name = PLAIN
# server_condition = ${readsocket{/var/spool/exim/auth/auth.sock}{$2\n$3\n}}
#------------------------------------------------------------------------------
