[exim] mysql authentication problem...

Page principale
Supprimer ce message
Répondre à ce message
Auteur: John Doe
Date:  
À: exim-users
Sujet: [exim] mysql authentication problem...
Hi,

I am quite new to exim and I am trying to setup encryption + mysql authentication...
While the encryption seems to work, the authentication fails.
Here's what I added to my exim.conf (exim 4.63):

USERCHECK_PLAIN_QUERY = ${lookup mysql {SELECT password FROM emails WHERE login = '$2'} {$value}fail}}{1}{0}"
USERCHECK_LOGIN_QUERY = ${lookup mysql {SELECT password FROM emails WHERE login = '$1'} {$value}fail}}{1}{0}"
...
hide mysql_servers = localhost/accounts/exim/pass
...
tls_advertise_hosts = *
tls_certificate = /etc/pki/tls/certs/exim.pem 
tls_privatekey = /etc/pki/tls/private/exim.pem
...
daemon_smtp_ports = 465
tls_on_connect_ports = 465
...
PLAIN:
  driver                     = plaintext
  server_set_id              = $auth2
  server_prompts             = :
  server_condition           = ${if match{$3}{USERCHECK_PLAIN_QUERY}{1}{0}}
  server_advertise_condition = ${if def:tls_cipher }
LOGIN: 
  driver                     = plaintext
  server_set_id              = $auth1
  server_prompts             = <| Username: | Password: 
  server_condition           = ${if match{$2}{USERCHECK_LOGIN_QUERY}{1}{0}}
  server_advertise_condition = ${if def:tls_cipher }


In my mysql 'emails' table, I have login='test' and password='pass'
And I get:
...
28487 search_open: mysql "NULL"
28487 cached open
28487 search_find: file="NULL"
28487 key="SELECT password FROM emails where login = 'test'" partial=-1 affix=NULL starflags=0
28487 LRU list:
28487 internal_search_find: file="NULL"
28487 type=mysql key="SELECT password FROM emails where login = 'test'"
28487 cached data used for lookup of SELECT password FROM emails where login = 'test'
28487 lookup yielded: pass
28487 LOGIN authenticator:
28487 $auth1 = test
28487 $auth2 = pass
28487 $1 = test
28487 $2 = pass
28487 expanded string: 0
28487 SMTP>> 535 Incorrect authentication data
28487 tls_do_write(830d528, 35)
28487 SSL_write(SSL, 830d528, 35)
28487 outbytes=35 error=0
28487 LOG: MAIN REJECT
28487 LOGIN authenticator failed for (pc-03.test) [127.0.0.1]: 535 Incorrect authentication data (set_id=test)

I also tested the cram-md5 driver (with an md5ed password) but it failed too, even with a correct 'lookup yielded: 1a1dc91c907325c69271ddf0c944bc72'...
Any idea/advice on how to fix it or make it better?
Also, if I select TLS in Thunderbird, it only allows port 25... is this normal?

Thx,
JD