Bug#336979: exim4: Using courier_authdaemon authentication accepts wrong passwords

[Marc Haber]

On Wed, Nov 02, 2005 at 08:24:31AM +0100, Marc Haber wrote:
> This code works, and since the exim wiki is more "official" as some
> random web forum, I have modified the Debian package to now use this
> example.

http://svn.debian.org/wsvn/pkg-exim4/exim/trunk/debian/debconf/conf.d/auth/30_exim4-config_examples?op=file&rev=0&sc=0
has the fixed file, and the new courier authenticator is

# Authenticate against courier authdaemon

# This is now the (working!) example from
# http://www.exim.org/eximwiki/FAQ/Policy_controls/Q0730
# Possible pitfall: access rights on /var/run/courier/authdaemon/socket.
# plain_courier_authdaemon:
#   driver = plaintext
#   public_name = PLAIN
#   server_condition = \
#     ${extract {ADDRESS} \
#               {${readsocket{/var/run/courier/authdaemon/socket} \
#               {AUTH ${strlen:exim\nlogin\n$2\n$3\n}\nexim\nlogin\n$2\n$3\n} }} \
#               {yes} \
#               fail}
#   server_set_id = $2
#   .ifndef AUTH_SERVER_ALLOW_NOTLS_PASSWORDS
#   server_advertise_condition = ${if eq{$tls_cipher}{}{}{*}}
#   .endif

# login_courier_authdaemon:
#   driver = plaintext
#   public_name = LOGIN
#   server_prompts = Username:: : Password::
#   server_condition = \
#     ${extract {ADDRESS} \
#               {${readsocket{/var/run/courier/authdaemon/socket} \
#               {AUTH ${strlen:exim\nlogin\n$1\n$2\n}\nexim\nlogin\n$1\n$2\n} }} \
#               {yes} \
#               fail}
#   server_set_id = $1
#   .ifndef AUTH_SERVER_ALLOW_NOTLS_PASSWORDS
#   server_advertise_condition = ${if eq{$tls_cipher}{}{}{*}}
#   .endif

Greetings
Marc

-- 
-----------------------------------------------------------------------------
Marc Haber         | "I don't trust Computers. They | Mailadresse im Header
Mannheim, Germany  |  lose things."    Winona Ryder | Fon: *49 621 72739834
Nordisch by Nature |  How to make an American Quilt | Fax: *49 621 72739835