On Mon, 2010-04-26 at 10:07 +0200, Chris Wilson wrote:
> Hi Ron,
>
> On Fri, 23 Apr 2010, Ron White wrote:
>
> > Can I just focus on this to clear up some misunderstanding which is
> > probably really important to the logic of Exim as a whole?
> >
> > 'Chunking' that down and switching to a 'login' example I get:
> > login:
> > driver = plaintext
> > public_name = LOGIN
> > server_prompts = "Username:: : Password::"
> > server_condition = ${lookup mysql{SELECT 1 from mailusers
> > WHERE email='${quote_mysql:$2}' AND userpassword
> > = md5('${quote_mysql:$3}') and outbound = 1}}
> > server_set_id = $1
> >
> > So that I'm clear, if 'server_condition' fails/is false the
> > server_set_id = $1 will never execute? It will have the value a false
> > value?
>
> More or less. Exim executes conditions in order, and the first failing one
> causes the ACL/router/transport to be skipped.
>
> If the condition fails, because server_set_id is not executed, the server
> continues to use the original ID. I'm not sure what "It will have the
> value a false value" means here. server_set_id is an option, not a
> variable. It changes the behaviour of the server in a way that's not
> clearly documented in exim 4.x, even though it was for exim 3.x; the best
> I can find is this:
>
> http://www.exim.org/exim-html-current/doc/html/spec_html/ch07.html#SECTdefconfauth
>
> > Not that I need to use it, but I think I misunderstood the whole:
> > crypteq {$3} line. I'm not clear on if this syntax if I'm honest and
> > what actually happens.
>
> http://www.exim.org/exim-html-current/doc/html/spec_html/ch11.html#SECTexpcond
>
> > server_condition = ${if crypteq {$3}{\{whateva\}${lookup mysql{ SELECT
> > userpassword FROM mailusers WHERE some_condition.....\}}}{yes}{no}}
>
> I think you have some mismatched braces in there, or perhaps the final
> backslash-escaped closing brace \} should not be escaped.
>
> crypteq is a condition that encrypts a string and compares it to another
> string. It returns either a true or a false value. The if statement will
> return one or other of the arguments depending on whether crypteq returned
> true or false. The defaults for "if" are true and false, equivalent to yes
> and no, so they can both be omitted.
>
> > It's a touch confusing because I also see statements that terminate like
> > this: {1}fail}. My (warped) logic would say to me that means the same
> > thing? 1 is true whereas fail is false???? If I can get these clear in
> > my head it would be a big help.
>
> fail is not the same as false. fail causes a forced expansion failure,
> which might for example result in the email being rejected rather than the
> next router/transport/ACL being tried:
>
> http://www.exim.org/exim-html-current/doc/html/spec_html/ch11.html#SECTforexpfai
>
> Cheers, Chris.
> --
> _ ___ __ _
> / __/ / ,__(_)_ | Chris Wilson <0000 at qwirx.com> - Cambs UK |
> / (_/ ,\/ _/ /_ \ | Security/C/C++/Java/Perl/SQL/HTML Developer |
> \ _/_/_/_//_/___/ | We are GNU-free your mind-and your software |
>
Thank you Chris. Appreciated.
Some of the terminology is giving me issues, but with those pointers
parts of the overall picture are coming together. The server_set_id
appears, thanks to your link to the V3 docs, to be usable like this: