Bug#406686: Re: Bug#406686: exim4: Client Auth Can't Handle Special Characters in Passwords

[Marc Haber]

reopen #406686
retitle #406686 issues with ^ and : in client authentication data
thanks

On Sat, Jan 13, 2007 at 11:43:08AM +0100, Andreas Metzler wrote:
> AUTH LOGIN and PLAIN will indeed fail with ^ since exim converts it to
> a binary zero. Doubling the ^ in /etc/exim4/passwd.client will disable
> this.

I think that the doubling should be done inside the authenticator, for
example as:
plain:
  driver = plaintext
  public_name = PLAIN
.ifndef AUTH_CLIENT_ALLOW_NOTLS_PASSWORDS
  client_send = "${if !eq{$tls_cipher}{}{\
                     ^${extract{1}{::}\
                        {${sg{\
                          ${lookup{$host}nwildlsearch{CONFDIR/passwd.client}{$value}fail}\
                          }\
                          {\\N[\\^]\\N}\
                          {^^}\
                        }}\
                       }\
                     ^${extract{2}{::}\
                        {${sg{\
                          ${lookup{$host}nwildlsearch{CONFDIR/passwd.client}{$value}fail}\
                          }\
                          {\\N[\\^]\\N}\
                          {^^}\
                        }}\
                       }\
                   }fail}"
.else
<snip>

The expressions are already horrible, so we do not lose badly here.
I'd prefer this over another part of documentation that's going to be
ignored by 99 % of users anyway.

Any idea about allowing colons in auth data?

Greetings
Marc

-- 
-----------------------------------------------------------------------------
Marc Haber         | "I don't trust Computers. They | Mailadresse im Header
Mannheim, Germany  |  lose things."    Winona Ryder | Fon: *49 621 72739834
Nordisch by Nature |  How to make an American Quilt | Fax: *49 621 72739835