Re: [exim] A question on SMTP AUTH MySQL and Conditional Syn…

Page principale
Supprimer ce message
Répondre à ce message
Auteur: Chris Wilson
Date:  
À: Ron White
CC: exim-users
Sujet: Re: [exim] A question on SMTP AUTH MySQL and Conditional Syntax
Hi Ron,

On Fri, 23 Apr 2010, Ron White wrote:

> Can I just focus on this to clear up some misunderstanding which is
> probably really important to the logic of Exim as a whole?
>
> 'Chunking' that down and switching to a 'login' example I get:
> login:
> driver = plaintext
> public_name = LOGIN
> server_prompts = "Username:: : Password::"
> server_condition = ${lookup mysql{SELECT 1 from mailusers
> WHERE email='${quote_mysql:$2}' AND userpassword
> = md5('${quote_mysql:$3}') and outbound = 1}}
> server_set_id = $1
>
> So that I'm clear, if 'server_condition' fails/is false the
> server_set_id = $1 will never execute? It will have the value a false
> value?


More or less. Exim executes conditions in order, and the first failing one
causes the ACL/router/transport to be skipped.

If the condition fails, because server_set_id is not executed, the server
continues to use the original ID. I'm not sure what "It will have the
value a false value" means here. server_set_id is an option, not a
variable. It changes the behaviour of the server in a way that's not
clearly documented in exim 4.x, even though it was for exim 3.x; the best
I can find is this:

http://www.exim.org/exim-html-current/doc/html/spec_html/ch07.html#SECTdefconfauth

> Not that I need to use it, but I think I misunderstood the whole:
> crypteq {$3} line. I'm not clear on if this syntax if I'm honest and
> what actually happens.


http://www.exim.org/exim-html-current/doc/html/spec_html/ch11.html#SECTexpcond

> server_condition = ${if crypteq {$3}{\{whateva\}${lookup mysql{ SELECT
> userpassword FROM mailusers WHERE some_condition.....\}}}{yes}{no}}


I think you have some mismatched braces in there, or perhaps the final
backslash-escaped closing brace \} should not be escaped.

crypteq is a condition that encrypts a string and compares it to another
string. It returns either a true or a false value. The if statement will
return one or other of the arguments depending on whether crypteq returned
true or false. The defaults for "if" are true and false, equivalent to yes
and no, so they can both be omitted.

> It's a touch confusing because I also see statements that terminate like
> this: {1}fail}. My (warped) logic would say to me that means the same
> thing? 1 is true whereas fail is false???? If I can get these clear in
> my head it would be a big help.


fail is not the same as false. fail causes a forced expansion failure,
which might for example result in the email being rejected rather than the
next router/transport/ACL being tried:

http://www.exim.org/exim-html-current/doc/html/spec_html/ch11.html#SECTforexpfai

Cheers, Chris.
-- 
_ ___ __     _
  / __/ / ,__(_)_  | Chris Wilson <0000 at qwirx.com> - Cambs UK |
/ (_/ ,\/ _/ /_ \ | Security/C/C++/Java/Perl/SQL/HTML Developer |
\ _/_/_/_//_/___/ | We are GNU-free your mind-and your software |