2008/3/21, Phil Pennock <exim-users@???>:
>
> On 2008-03-21 at 08:45 +0100, Olivier wrote:
> > Here http://www.exim.org/exim-html-current/doc/html/spec_html/ch33.html,
> > you can read :
> >
> > If you have the *mimencode* command installed, another way to do produce
> > base64-encoded strings is to run the command
> >
> > echo -e -n `\0user\0password' | mimencode
> >
> > The *-e* option of *echo* enables the interpretation of backslash
> escapes in
> > the argument, and the *-n* option specifies no newline at the end of its
> > output. However, not all versions of *echo* recognize these options, so
> you
> > should check your version before relying on this suggestion.
> >
> > Would it be possible to add a small example, so that readers can be
> certain
> > their version of echo recognize these options ?
> > I was thinking of :
>
>
> I believe that the printf(1) command is fairly portable. POSIX.2 at
> least. This should provide the most certainty instead of digressing
> into a discussion of different implementations of echo.
I'm not fluent in POSIX or Linux in general but I fully agree about avoiding
digressing
into a discussion of different implementations.
When I tried myself, I kept on wondering "did I used the right encoding
command ? Shall I escape this character or not ?"
If documentation could be more directive on this point, it would help.
Just don't push the \0 in as a parameter, keep it in the format string.
>
> That then leads, though, into whether or not mimencode is spelt mmencode
> on your system. Especially since these days the commands more likely to
> exist on modern OSes are the generic character set manipulation
> commands such as recode(1).
>
> Perhaps it should just list 3 or 4 alternatives to try until one works?
>
> printf '\0%s\0%s' user password | mmencode
> printf '\0%s\0%s' user password | recode ascii../Base64
> perl -MMIME::Base64 -e 'print encode_base64("\0user\0password")'
> python -c 'import base64; print base64.b64encode("\0user\0password")'
Yes and my suggestion is to include both the command line AND its result, so
that, readers can be 100% sure.
I would add, for instance, the following lines :
$ echo -e -n 'user' | mimencode
dXNlcg==
or
$ printf '%s' user | mimencode
dXNlcg==
Maybe this user password could be chosen a bit more complex to help people
having usernames or passwords that include strange characters.
And information answering to "shall I append password to user name and
prefix each with a 0" could be kept separate from encoding examples.
To sum it up, I would structure this chapter data into :
1. how to encode and check encoding
2. how to encode complex passwords or user names
3. how to test authentication
Olivier
/me grumbles at newer systems that don't include Perl, only Python
>
>
> -Phil
