[Exim] server_condition on AUTH PLAIN

Author: Fernando Gutierrez Perez
Date:  
To: exim-users
Subject: [Exim] server_condition on AUTH PLAIN
I'm trying to test 2 conditions on server_condition. I put this:

server_condition =${if and {{ eq {${extract{2}{@}{$2}}} {mydomain.com}
}}{ ${if crypteq{$3}{${sg{${lookup ldap
{ldap://ldapmachine.in.mad.mydomain.com/o=mydomain.com?userpassword?sub?(mail=$2)}}}{\\\{SHA\\\}}{\\\{sha1\\\}}}}{yes}{no}}}}
server_set_id = $2

I tested this config. The expression is expanded OK but auth fails. This
is the debug session. Some data like machine or root of ldap:


 8416 SMTP>> 250-mymachine.eresmas.com Hello ipsistemas.com [10.192.1.50]
 8416 250-SIZE 52428800
 8416 250-PIPELINING
 8416 250-AUTH PLAIN LOGIN
 8416 250 HELP
 8416 SMTP<< AUTH PLAIN AHJib290QGVyZXNtYXMuY29tADEyMzQ1Ng==
 8416 expanding: 2
 8416    result: 2
 8416 expanding: @
 8416    result: @
 8416 expanding: $2
 8416    result: rboot@???
 8416 expanding: ${extract{2}{@}{$2}}
 8416    result: eresmas.com
 8416 expanding: eresmas.com
 8416    result: eresmas.com
 8416 condition: and {{ eq {${extract{2}{@}{$2}}} {eresmas.com} }}
 8416    result: true
 8416 expanding: $3
 8416    result: 123456
 8416 expanding:
ldap://ldapmachine.in.mad.mydomain.com/o=mydomain.com?userpassword?sub?(mail=$2)
 8416    result:
ldap://ldapmachine.in.mad.mydomain.com/o=mydomain.com?userpassword?sub?(mail=rboot@???)
 8416 search_open: ldap "NULL"
 8416 search_find: file="NULL"
 8416
key="ldap://ldapmachine.in.mad.mydomain.com/o=mydomain.com?userpassword?sub?(mail=rboot@???)"
partial=-1 affix=NULL starflags=0
 8416 LRU list:
 8416 internal_search_find: file="NULL"
 8416   type=ldap
key="ldap://ldapmachine.in.mad.mydomain.com/o=mydomain.com?userpassword?sub?(mail=rboot@???)"
 8416 database lookup required for
ldap://ldapm.in.mad.eresmas.com/o=mydomain.com?userpassword?sub?(mail=rboot@???)
 8416 LDAP parameters: user=NULL pass=NULL size=0 time=0 connect=-1
dereference=0
 8416 perform_ldap_search: ldap URL
="ldap://ldapmachine.in.mad.mydomain.com/o=mydomain.com?userpassword?sub?(mail=rboot@???)"
server=NULL port=0 sizelimit=0 timelimit=0 tcplimit=-1
 8416 after ldap_url_parse: host=ldapmachine.in.mad.mydomain.com port=389
 8416 ldap_initialize with URL ldap://ldapmachine.in.mad.mydomain.com:389/
 8416 initialized for LDAP (v3) server ldapmachine.in.mad.mydomain.com:389
 8416 binding with user=NULL password=NULL
 8416 Start search
 8416 ldap_result loop
 8416 LDAP entry loop
 8416 LDAP attr loop userpassword:{SHA}fEqNCco3Yq9h5ZUglD3CZJT4lBs=
 8416 search ended by ldap_result yielding 101
 8416 ldap_parse_result yielded 0: Success
 8416 LDAP search: returning: {SHA}fEqNCco3Yq9h5ZUglD3CZJT4lBs=
 8416 lookup yielded: {SHA}fEqNCco3Yq9h5ZUglD3CZJT4lBs=
 8416 expanding: ${lookup ldap
{ldap://ldapmachine.in.mad.mydomain.com/o=alehop.com?userpassword?sub?(mail=$2)}}
 8416    result: {SHA}fEqNCco3Yq9h5ZUglD3CZJT4lBs=
 8416 expanding: \\\{SHA\\\}
 8416    result: \{SHA\}
 8416 expanding: \\\{sha1\\\}
 8416    result: \{sha1\}
 8416 expanding: \{sha1\}
 8416    result: {sha1}
 8416 expanding: ${sg{${lookup ldap
{ldap://ldapmachine.in.mad.mydomain.com/o=alehop.com?userpassword?sub?(mail=$2)}}}{\\\{SHA\\\}}{\\\{sha1\\\}}}
 8416    result: {sha1}fEqNCco3Yq9h5ZUglD3CZJT4lBs=
 8416 crypteq: using SHA1+B64 hashing
 8416   subject=fEqNCco3Yq9h5ZUglD3CZJT4lBs=
 8416   crypted=fEqNCco3Yq9h5ZUglD3CZJT4lBs=
 8416 condition: crypteq{$3}{${sg{${lookup ldap
{ldap://ldapmachine.in.mad.mydomain.com/o=mydomain.com?userpassword?sub?(mail=$2)}}}{\\\{SHA\\\}}{\\\{sha1\\\}}}}
 8416    result: true
 8416 expanding: yes
 8416    result: yes
 8416 expanding: no
 8416    result: no
 8416 skipping: result is not used
 8416 expanding:    ${if crypteq{$3}{${sg{${lookup ldap
{ldap://ldapmachine.in.mad.mydomain.com/o=mydomain.com?userpassword?sub?(mail=$2)}}}{\\\{SHA\\\}}{\\\{sha1\\\}}}}{yes}{no}}
 8416    result:    yes
 8416 expanding: ${if and {{ eq {${extract{2}{@}{$2}}} {eresmas.com}
}}{   ${if crypteq{$3}{${sg{${lookup ldap
{ldap://ldapmachine.in.mad.mydomain.com/o=mydomain.com?userpassword?sub?(mail=$2)}}}{\\\{SHA\\\}}{\\\{sha1\\\}}}}{yes}{no}}}}
 8416    result:    yes
 8416 plain authenticator:
 8416   $1 =
 8416   $2 = rboot@???
 8416   $3 = 123456
 8416 expanded string:    yes
 8416 expanding: $2
 8416    result: rboot@???
 8416 SMTP>> 435 Unable to authenticate at present:    yes
 8416 LOG: MAIN REJECT
 8416   plain authenticator failed for (ipsistemas.com) [10.192.1.50]:
435 Unable to authenticate at present (set_id=rboot@???):    yes
 8416 LOG: lost_incoming_connection MAIN
 8416   SMTP command timeout on connection from (ipsistemas.com)
[10.192.1.50]
 8416 SMTP>> 421 mailamena.eresmas.com: SMTP command timeout - closing
connection
 8416 search_tidyup called
 8416 unbind LDAP connection to ldapm.in.mad.eresmas.com:389
 8416 >>>>>>>>>>>>>>>> Exim pid=8416 terminating with rc=1 >>>>>>>>>>>>>>>>
 8379 child 8416 ended: status=0x100
 8379 0 SMTP accept processes now running
 8379 Listening...



Thanks in advance
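
Added example, not part of the original post: a Python model of the two checks visible in the debug session, the crypteq SHA1+B64 comparison and the final classification of the expanded server_condition string. Exim accepts only an exact "1", "yes" or "true" as success and returns a 435 temporary error, with the string as the error text, for any other non-failure value, so the leading spaces in "   yes" matter. The function names and the second sample line are constructed for illustration.

```python
import base64
import hashlib
import hmac
import re

# Results Exim treats as definite answers; words compare case-insensitively.
FAIL_VALUES = {"", "0", "no", "false"}
OK_VALUES = {"1", "yes", "true"}


def classify_server_condition(expanded):
    """Map an expanded server_condition string as-is (no trimming) to an outcome."""
    value = expanded.lower()
    if value in FAIL_VALUES:
        return "FAIL"   # authentication rejected
    if value in OK_VALUES:
        return "OK"     # authentication accepted, server_set_id is saved
    return "DEFER"      # 435, with the expanded string as the error text


def crypteq_sha1_b64(password, stored):
    """Check a password against '{sha1}' + base64(SHA-1 digest)."""
    prefix = "{sha1}"
    if not stored.lower().startswith(prefix):
        return False
    digest = base64.b64encode(hashlib.sha1(password.encode()).digest())
    return hmac.compare_digest(digest, stored[len(prefix):].encode())


def audit_debug_lines(lines):
    """Return (value, outcome, stray_whitespace) per 'expanded string:' line."""
    pattern = re.compile(r"expanded string: ?(.*)$")
    findings = []
    for line in lines:
        match = pattern.search(line.rstrip("\n"))
        if match:
            value = match.group(1)
            stray = value != value.strip()
            findings.append((value, classify_server_condition(value), stray))
    return findings


# First line is taken from the debug session above; the second is constructed.
SAMPLE_LINES = [" 8416 expanded string:    yes", " 9001 expanded string: yes"]

if __name__ == "__main__":
    print(crypteq_sha1_b64("123456", "{sha1}fEqNCco3Yq9h5ZUglD3CZJT4lBs="))
    for finding in audit_debug_lines(SAMPLE_LINES):
        print(finding)
```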