Bug#244724: exim4: passwd.client is better to use wildlsearch and documentation updates

Sat Nov 4 10:11:46 CET 2006

Hi Osamu,

On Fri, Nov 03, 2006 at 11:19:55PM +0900, Osamu Aoki wrote:
> My ISP put back AUTH for SMTP so I hit this bug again :-)
> 
> It took me a while to realize the confofuration needs to use canonical
> name or just *.  I think Debian provided configuration is better to use
> wildsearch than plain lsearch to enable wildcard in the hostname field 
> here.

That's a rather neat idea and I'm going to implement this soon. I am
wondering, however, that we shuold probably use nwildlsearch instead
of the wildlsearch* you have been suggesting. We do not need string
expansion there, and wildlsearch* strikes me as redundant. Can you
please verify?

> Also, since I can not call the current /etc/exim4/passwd.client
> explanation as verbose and it may be overlooked if it was user modified,
> I updated README.Debian to point to the manpage which is not so easy to
> find for novice:
> 
>  $ man -k passwd.client
>  exim4_passwd_client (5) - Files in use by the Debian exim4 packages

That is a good idea as well since the current /etc/exim4/passwd.client
docs do little more than pointing the user to the manpage.

> diff -Nru exim4-4.63-orig/debian/debconf/conf.d/auth/30_exim4-config_examples exim4-4.63/debian/debconf/conf.d/auth/30_exim4-config_examples
> --- exim4-4.63-orig/debian/debconf/conf.d/auth/30_exim4-config_examples	2006-11-03 21:18:55.000000000 +0900
> +++ exim4-4.63/debian/debconf/conf.d/auth/30_exim4-config_examples	2006-11-03 21:43:26.000000000 +0900
> @@ -48,7 +48,7 @@
>  #   driver = plaintext
>  #   public_name = LOGIN
>  #   server_prompts = "Username:: : Password::"
> -#   server_condition = "${if crypteq{$auth2}{${extract{1}{:}{${lookup{$auth1}lsearch{CONFDIR/passwd}{$value}{*:*}}}}}{1}{0}}"
> +#   server_condition = "${if crypteq{$auth2}{${extract{1}{:}{${lookup{$auth1}wildlsearch{CONFDIR/passwd}{$value}{*:*}}}}}{1}{0}}"
>  #   server_set_id = $auth1
>  #   .ifndef AUTH_SERVER_ALLOW_NOTLS_PASSWORDS
>  #   server_advertise_condition = ${if eq{$tls_cipher}{}{}{*}}
> @@ -57,7 +57,7 @@
>  # cram_md5_server:
>  #   driver = cram_md5
>  #   public_name = CRAM-MD5
> -#   server_secret = ${extract{2}{:}{${lookup{$auth1}lsearch{CONFDIR/passwd}{$value}fail}}}
> +#   server_secret = ${extract{2}{:}{${lookup{$auth1}wildlsearch{CONFDIR/passwd}{$value}fail}}}
>  #   server_set_id = $auth1

I do not understand this part of the patch. Server authentication does
not use passwd.client, and your change is going to introduce wildcards
for _user names_, which does not sound desireable. Any chance that
this part of the patch is result of a search-and-replace call?

Without better arguments, I'm not going to take this part of the patch.

The other instances of lsearch* have been replaced by nwildlsearch in
svn, and pending successful testing, I'm going to upload soon.

> diff -Nru exim4-4.63-orig/debian/manpages/exim4-config_files.5 exim4-4.63/debian/manpages/exim4-config_files.5
> --- exim4-4.63-orig/debian/manpages/exim4-config_files.5	2006-11-03 21:18:55.000000000 +0900
> +++ exim4-4.63/debian/manpages/exim4-config_files.5	2006-11-03 23:18:33.000000000 +0900
> diff -Nru exim4-4.63-orig/debian/README.Debian.xml exim4-4.63/debian/README.Debian.xml
> --- exim4-4.63-orig/debian/README.Debian.xml	2006-11-03 21:18:55.000000000 +0900
> +++ exim4-4.63/debian/README.Debian.xml	2006-11-03 22:37:58.000000000 +0900

These are very good patches, modulo some Japanisms in the English
wording, which I have replaced by appropriate Germanisms ;)

Greetings
Marc

-- 
-----------------------------------------------------------------------------
Marc Haber         | "I don't trust Computers. They | Mailadresse im Header
Mannheim, Germany  |  lose things."    Winona Ryder | Fon: *49 621 72739834
Nordisch by Nature |  How to make an American Quilt | Fax: *49 621 72739835