------- You are receiving this mail because: -------
You are the QA contact for the bug, or are watching the QA contact.
http://www.exim.org/bugzilla/show_bug.cgi?id=449
Summary: dovecot authenticator doesn's set $authenticated_id
Product: Exim
Version: 4.66
Platform: Other
OS/Version: All
Status: NEW
Severity: bug
Priority: medium
Component: SMTP Authentication
AssignedTo: ph10@???
ReportedBy: nigel@???
QAContact: exim-dev@???
Reporter: w@???
Here's another bug I've just found: the dovecot authenticator doesn't
set up the $authenticated_id variable properly. From the documentation
on:
http://www.exim.org/exim-html-4.66/doc/html/spec_html/ch37.html
.. one could think that the authenticated user data should be stored in
$auth1, which then can be passed to $authenticated_id by server_set_id
(BTW: the above configuration example has a typo in it - server_setid
instead of server_set_id). But - it isn't. Here's an example session
from "exim -bh someIP -d+all" with the relevant data:
(PLAIN_AUTH_DATA_STRING contains valid authentication string)
18:15:04 53704 250-SIZE 52428800
18:15:04 53704 250-ETRN
18:15:04 53704 250-PIPELINING
18:15:04 53704 250-AUTH PLAIN LOGIN CRAM-MD5 DIGEST-MD5
18:15:04 53704 250 HELP
auth plain PLAIN_AUTH_DATA_STRING
18:15:07 53704 SMTP<< auth plain PLAIN_AUTH_DATA_STRING
18:15:07 53704 using ACL "acl_check_auth"
18:15:07 53704 processing "accept"
18:15:07 53704 accept: condition test succeeded
18:15:07 53704 dovecot authentication
18:15:07 53704 received: MECH PLAIN plaintext
18:15:07 53704 received: MECH LOGIN plaintext
18:15:07 53704 received: MECH DIGEST-MD5 dictionary active
mutual-auth
18:15:07 53704 received: MECH CRAM-MD5 dictionary active
18:15:07 53704 received: VERSION 1 0
18:15:07 53704 received: SPID 99426
18:15:07 53704 received: CUID 7
18:15:07 53704 received: DONE
18:15:07 53704 sent: VERSION 1 0
18:15:07 53704 CPID 53704
18:15:07 53704 AUTH 7 PLAIN service=smtp rip=1.1.1.1
lip=NULL resp=PLAIN_AUTH_DATA_STRING
18:15:07 53704 received: OK 7 user=test.user.2@???
18:15:07 53704 dovecot_plain authenticator:
18:15:07 53704 $auth1 = test.user.2@???
18:15:07 53704 $1 = test.user.2@???
18:15:07 53704 expanding: $auth1
18:15:07 53704 result:
18:15:07 53704 SMTP>> 235 Authentication succeeded
235 Authentication succeeded
As you can see, the authenticator tries to expand $auth1, but the result
is empty, though a few lines abowe it just said that "$auth1 =
something". I tried to compare the result with the plaintext
authenticator - it clearly said that expanding $auth2 (plaintext users
$auth2) worked as it should, so, as far as I can tell, it's dovecot
authenticator's fault. I'm not familiar enough with exim internals to
propose a patch myself, though I tried to read through src/auths/deliver.c.
should
--
Jan Srzednicki :: http://wrzask.pl/
"Remember, remember, the fifth of November"
-- V for Vendetta
--
Configure bugmail:
http://www.exim.org/bugzilla/userprefs.cgi?tab=email
