Andreas Metzler <eximusers@???> (Sa 29 Apr 2006 13:20:08 CEST):
> Heiko Schlittermann <hs@???> wrote:
> [...]
> > # login authentication using a clear text password file
> > login:
> > driver = plaintext
> > public_name = LOGIN
> > server_prompts = Username:: : Password::
> > server_condition = ${if eq{$2}{${lookup{$1}lsearch{/etc/exim4/passwd}}}{yes}{no}}
> > server_set_id = $1
>
> > If there's an unknown user and an empty password this authenticator
> > *will* succeed! Now I changed it a little bit:
>
> > server_condition = ${if eq{PLAIN\:$2}{${lookup{$1}lsearch{/etc/exim4/passwd}}}{yes}{no}}
>
> > (and of course my password file as well containing lines like 'user:PLAIN:xxx'
>
> > My question: Is there a more elegant solution? In this case here it
> > would be enough if failing lseach could about the complete condition.
> [...]
>
> Won't this
> ${if eq{$2}{${lookup{$1}lsearch{/etc/exim4/passwd}{$value}fail}{yes}{no}}
yes, with one more '}':
${if eq{$2}{${lookup{$1}lsearch{/etc/exim4/passwd}{$value}fail}}{yes}{no}}
It's that I meant with 'failing lsearch could abort the complete
condition'.
> work or alternatively
> ${if eq{$2}{${lookup{$1}lsearch{/etc/exim4/passwd}{$value}{supersecretstring}}{yes}{no}
Hm. Should work as well.
Thanks for your input. I was blind, obvisously.
Best regards from Dresden
Viele Grüße aus Dresden
Heiko Schlittermann
--
SCHLITTERMANN.de ---------------------------- internet & unix support -
Heiko Schlittermann HS12-RIPE -----------------------------------------
gnupg encrypted messages are welcome - key ID: 48D0359B ---------------
gnupg fingerprint: 3061 CFBF 2D88 F034 E8D2 7E92 EE4E AC98 48D0 359B -
