[exim-cvs] cvs commit: exim/exim-doc/doc-txt NewStuff Optio…

Kezdőlap
Üzenet törlése
Válasz az üzenetre
Szerző: Philip Hazel
Dátum:  
Címzett: exim-cvs
Tárgy: [exim-cvs] cvs commit: exim/exim-doc/doc-txt NewStuff OptionLists.txt exim/exim-src/src EDITME expand.c
ph10 2006/12/05 11:35:28 GMT

  Modified files:
    exim-doc/doc-txt     NewStuff OptionLists.txt 
    exim-src/src         EDITME expand.c 
  Log:
  Documentation and comment tidies.


  Revision  Changes    Path
  1.124     +2 -2      exim/exim-doc/doc-txt/NewStuff
  1.28      +1 -1      exim/exim-doc/doc-txt/OptionLists.txt
  1.18      +18 -5     exim/exim-src/src/EDITME
  1.73      +64 -8     exim/exim-src/src/expand.c


  Index: NewStuff
  ===================================================================
  RCS file: /home/cvs/exim/exim-doc/doc-txt/NewStuff,v
  retrieving revision 1.123
  retrieving revision 1.124
  diff -u -r1.123 -r1.124
  --- NewStuff    14 Nov 2006 16:40:36 -0000    1.123
  +++ NewStuff    5 Dec 2006 11:35:28 -0000    1.124
  @@ -1,4 +1,4 @@
  -$Cambridge: exim/exim-doc/doc-txt/NewStuff,v 1.123 2006/11/14 16:40:36 ph10 Exp $
  +$Cambridge: exim/exim-doc/doc-txt/NewStuff,v 1.124 2006/12/05 11:35:28 ph10 Exp $


   New Features in Exim
   --------------------
  @@ -198,8 +198,8 @@
       available for compatibility.)


   12. The "message" modifier can now be used on acl verbs to vary the message
  -    that is sent when an SMTP command. For example, in a RCPT ACL you could
  -    have:
  +    that is sent when an SMTP command is accepted. For example, in a RCPT ACL
  +    you could have:


         accept  <some conditions>
                 message = OK, I'll allow you through today


  Index: OptionLists.txt
  ===================================================================
  RCS file: /home/cvs/exim/exim-doc/doc-txt/OptionLists.txt,v
  retrieving revision 1.27
  retrieving revision 1.28
  diff -u -r1.27 -r1.28
  --- OptionLists.txt    6 Nov 2006 15:50:12 -0000    1.27
  +++ OptionLists.txt    5 Dec 2006 11:35:28 -0000    1.28
  @@ -1,4 +1,4 @@
  -$Cambridge: exim/exim-doc/doc-txt/OptionLists.txt,v 1.27 2006/11/06 15:50:12 ph10 Exp $
  +$Cambridge: exim/exim-doc/doc-txt/OptionLists.txt,v 1.28 2006/12/05 11:35:28 ph10 Exp $


   LISTS OF EXIM OPTIONS
   ---------------------
  @@ -776,7 +776,7 @@
   DB_LOCKFILE_MODE             optional*    mode for hints lock files
   DB_LOCK_TIMEOUT              optional*    timeout for hints lock files
   DB_MODE                      optional*    mode for hints files
  -DEFAULT_CRYPT                optional     use crypt16() as default
  +DEFAULT_CRYPT                optional     default crypt() function
   DELIVER_IN_BUFFER_SIZE       optional*
   DELIVER_OUT_BUFFER_SIZE      optional*
   DISABLE_D_OPTION             optional     disables -D option


  Index: EDITME
  ===================================================================
  RCS file: /home/cvs/exim/exim-src/src/EDITME,v
  retrieving revision 1.17
  retrieving revision 1.18
  diff -u -r1.17 -r1.18
  --- EDITME    2 Oct 2006 13:38:18 -0000    1.17
  +++ EDITME    5 Dec 2006 11:35:28 -0000    1.18
  @@ -1,4 +1,4 @@
  -# $Cambridge: exim/exim-src/src/EDITME,v 1.17 2006/10/02 13:38:18 ph10 Exp $
  +# $Cambridge: exim/exim-src/src/EDITME,v 1.18 2006/12/05 11:35:28 ph10 Exp $


   ##################################################
   #          The Exim mail transport agent         #
  @@ -536,7 +536,7 @@
   # configuration of an authenticator for use with SMTP AUTH.) At least one
   # operating system has an extended function called crypt16(), which uses up to
   # 16 characters of a password (the normal crypt() uses only the first 8). Exim
  -# supports the use of crypt16() as well as crypt().
  +# supports the use of crypt16() as well as crypt() but note the warning below.


# You can always indicate a crypt16-encrypted password by preceding it with
# "{crypt16}". If you want the default handling (without any preceding
@@ -548,10 +548,23 @@
# an encrypted password with "{crypt}". For more details, see the description
# of the "crypteq" condition in the manual chapter on string expansions.

-# Since most operating systems do not include a crypt16() function (yet?), Exim
-# has one of its own, which it uses unless HAVE_CRYPT16 is defined. Normally,
-# that will be set in an OS-specific Makefile for the OS that have such a
-# function, so you should not need to bother with it.
+# Some operating systems do not include a crypt16() function, so Exim has one
+# of its own, which it uses unless HAVE_CRYPT16 is defined. Normally, that will
+# be set in an OS-specific Makefile for the OS that have such a function, so
+# you should not need to bother with it.
+
+# *** WARNING *** WARNING *** WARNING *** WARNING *** WARNING ***
+# It turns out that the above is not entirely accurate. As well as crypt16()
+# there is a function called bigcrypt() that some operating systems have. This
+# may or may not use the same algorithm, and both of them may be different to
+# Exim's built-in crypt16() that is used unless HAVE_CRYPT16 is defined.
+#
+# However, since there is now a move away from the traditional crypt()
+# functions towards using SHA1 and other algorithms, tidying up this area of
+# Exim is seen as very low priority. In practice, if you need to, you can
+# define DEFAULT_CRYPT to the name of any function that has the same interface
+# as the traditional crypt() function.
+# *** WARNING *** WARNING *** WARNING *** WARNING *** WARNING ***


#------------------------------------------------------------------------------

  Index: expand.c
  ===================================================================
  RCS file: /home/cvs/exim/exim-src/src/expand.c,v
  retrieving revision 1.72
  retrieving revision 1.73
  diff -u -r1.72 -r1.73
  --- expand.c    13 Nov 2006 12:32:58 -0000    1.72
  +++ expand.c    5 Dec 2006 11:35:28 -0000    1.73
  @@ -1,4 +1,4 @@
  -/* $Cambridge: exim/exim-src/src/expand.c,v 1.72 2006/11/13 12:32:58 ph10 Exp $ */
  +/* $Cambridge: exim/exim-src/src/expand.c,v 1.73 2006/12/05 11:35:28 ph10 Exp $ */


   /*************************************************
   *     Exim - an Internet mail transport agent    *
  @@ -13,12 +13,20 @@


#include "exim.h"

+/* Recursively called function */
+
+static uschar *expand_string_internal(uschar *, BOOL, uschar **, BOOL);
+
#ifdef STAND_ALONE
#ifndef SUPPORT_CRYPTEQ
#define SUPPORT_CRYPTEQ
#endif
#endif

+#ifdef LOOKUP_LDAP
+#include "lookups/ldap.h"
+#endif
+
#ifdef SUPPORT_CRYPTEQ
#ifdef CRYPT_H
#include <crypt.h>
@@ -28,15 +36,63 @@
#endif
#endif

  -#ifdef LOOKUP_LDAP
  -#include "lookups/ldap.h"
  -#endif
  -
  +/* The handling of crypt16() is a mess. I will record below the analysis of the
  +mess that was sent to me. We decided, however, to make changing this very low
  +priority, because in practice people are moving away from the crypt()
  +algorithms nowadays, so it doesn't seem worth it.
  +
  +<quote>
  +There is an algorithm named "crypt16" in Ultrix and Tru64.  It crypts
  +the first 8 characters of the password using a 20-round version of crypt
  +(standard crypt does 25 rounds).  It then crypts the next 8 characters,
  +or an empty block if the password is less than 9 characters, using a
  +20-round version of crypt and the same salt as was used for the first
  +block.  Charaters after the first 16 are ignored.  It always generates
  +a 16-byte hash, which is expressed together with the salt as a string
  +of 24 base 64 digits.  Here are some links to peruse:
  +
  +        http://cvs.pld.org.pl/pam/pamcrypt/crypt16.c?rev=1.2
  +        http://seclists.org/bugtraq/1999/Mar/0076.html
  +
  +There's a different algorithm named "bigcrypt" in HP-UX, Digital Unix,
  +and OSF/1.  This is the same as the standard crypt if given a password
  +of 8 characters or less.  If given more, it first does the same as crypt
  +using the first 8 characters, then crypts the next 8 (the 9th to 16th)
  +using as salt the first two base 64 digits from the first hash block.
  +If the password is more than 16 characters then it crypts the 17th to 24th
  +characters using as salt the first two base 64 digits from the second hash
  +block.  And so on: I've seen references to it cutting off the password at
  +40 characters (5 blocks), 80 (10 blocks), or 128 (16 blocks).  Some links:
  +
  +        http://cvs.pld.org.pl/pam/pamcrypt/bigcrypt.c?rev=1.2
  +        http://seclists.org/bugtraq/1999/Mar/0109.html
  +        http://h30097.www3.hp.com/docs/base_doc/DOCUMENTATION/HTML/AA-Q0R2D-
  +             TET1_html/sec.c222.html#no_id_208
  +
  +Exim has something it calls "crypt16".  It will either use a native
  +crypt16 or its own implementation.  A native crypt16 will presumably
  +be the one that I called "crypt16" above.  The internal "crypt16"
  +function, however, is a two-block-maximum implementation of what I called
  +"bigcrypt".  The documentation matches the internal code.
  +
  +I suspect that whoever did the "crypt16" stuff for Exim didn't realise
  +that crypt16 and bigcrypt were different things.
  +
  +Exim uses the LDAP-style scheme identifier "{crypt16}" to refer
  +to whatever it is using under that name.  This unfortunately sets a
  +precedent for using "{crypt16}" to identify two incompatible algorithms
  +whose output can't be distinguished.  With "{crypt16}" thus rendered
  +ambiguous, I suggest you deprecate it and invent two new identifiers
  +for the two algorithms.
  +
  +Both crypt16 and bigcrypt are very poor algorithms, btw.  Hashing parts
  +of the password separately means they can be cracked separately, so
  +the double-length hash only doubles the cracking effort instead of
  +squaring it.  I recommend salted SHA-1 ({SSHA}), or the Blowfish-based
  +bcrypt ({CRYPT}$2a$).
  +</quote>
  +*/


-
-/* Recursively called function */
-
-static uschar *expand_string_internal(uschar *, BOOL, uschar **, BOOL);