This is probably the more appropriate place for this email... -----Original Message----- From: Andrew Johnson [mailto:[EMAIL PROTECTED] Sent: 05 December 2005 18:46 To: 'exim-users@exim.org' Subject: Legacy EHLO AUTH responses (patch) 4.52
Having spent the last week dealing with lots of old broken servers connecting to my relay, I have discovered that in the main, our issues related to the AUTH= line (which seems to be deprecated now ?!). With help from this list last week, I managed to fix most of my broken users by adding a bogus authenticator to do the AUTH=LOGIN line I needed. This broke some other servers. It seems I need to put the AUTH=LOGIN line BEFORE my AUTH PLAIN LOGIN line - harder to do with the bogus authenticator because the source code inserts a " " before each authenticator so I couldn't get the "=" in there.. hmm... I thought... this is now what I've managed to do :- [EMAIL PROTECTED] exim-4.52-test]# telnet localhost 25 Trying 127.0.0.1... Connected to localhost.localdomain (127.0.0.1). Escape character is '^]'. 220 relay.mydomain.uk (0) ESMTP (Inbound) ehlo me 250-relay.mydomain.uk Hello me [127.0.0.1] 250-SIZE 140247040 250-8BITMIME 250-PIPELINING 250-AUTH=LOGIN 250-AUTH LOGIN PLAIN 250 HELP I added a couple of new exim config keywords :- auth_legacy_position (before/after/none) auth_legacy_detail (can be auto to replicate the list of authenticators or any other string - such as just login) position defaults to none detail defaults to auto. The code is only active when the normal auth conditions are met. Here is the patch incase anyone is interested :-
diff -urN exim-4.52-orig/src/globals.c exim-4.52-orig-auth/src/globals.c
--- exim-4.52-orig/src/globals.c 2005-07-01 12:09:15.000000000 +0100
+++ exim-4.52-orig-auth/src/globals.c 2005-12-05 18:28:33.000000000 +0000
@@ -305,6 +305,8 @@
 BOOL authentication_failed = FALSE;
 auth_instance *auths = NULL;
 uschar *auth_advertise_hosts = US"*";
+uschar *auth_legacy_position = US"none";
+uschar *auth_legacy_detail = US"auto";
 auth_instance auth_defaults = {
 NULL, /* chain pointer */
 NULL, /* name */
diff -urN exim-4.52-orig/src/globals.h exim-4.52-orig-auth/src/globals.h
--- exim-4.52-orig/src/globals.h 2005-07-01 12:09:15.000000000 +0100
+++ exim-4.52-orig-auth/src/globals.h 2005-12-05 18:48:02.000000000 +0000
@@ -148,6 +148,8 @@
 extern uschar *authenticated_sender; /* From AUTH on MAIL */
 extern BOOL authentication_failed; /* TRUE if AUTH was tried and failed */
 extern uschar *auth_advertise_hosts; /* Only advertise to these */
+extern uschar *auth_legacy_position; /* Advertise AUTH= (BEFORE_AFTER_NONE) */
+extern uschar *auth_legacy_detail; /* Advertise AUTH= (AUTO_STRING) */
 extern auth_info auths_available[]; /* Vector of available auth mechanisms */
 extern auth_instance *auths; /* Chain of instantiated auths */
 extern auth_instance auth_defaults; /* Default values */
diff -urN exim-4.52-orig/src/readconf.c exim-4.52-orig-auth/src/readconf.c
--- exim-4.52-orig/src/readconf.c 2005-07-01 12:09:15.000000000 +0100
+++ exim-4.52-orig-auth/src/readconf.c 2005-12-05 18:28:33.000000000 +++ +0000
@@ -161,6 +161,8 @@
 { "allow_mx_to_ip", opt_bool, &allow_mx_to_ip },
 { "allow_utf8_domains", opt_bool, &allow_utf8_domains },
 { "auth_advertise_hosts", opt_stringptr, &auth_advertise_hosts },
+ { "auth_legacy_detail", opt_stringptr, &auth_legacy_detail },
+ { "auth_legacy_position", opt_stringptr, &auth_legacy_position },
 { "auto_thaw", opt_time, &auto_thaw },
 #ifdef WITH_CONTENT_SCAN
 { "av_scanner", opt_stringptr, &av_scanner },
@@ -3005,6 +3007,15 @@
 "errors_reply_to (%s) does not contain a domain", errors_reply_to);
 }
+/* Make sure legacy definition is ok
+*/
+ if (Ustrcmp(auth_legacy_position,"before")!=0 && Ustrcmp(auth_legacy_position,"after")!=0 &&
+ Ustrcmp(auth_legacy_position,"none")!=0)
+ {
+ log_write(0, LOG_PANIC_DIE|LOG_CONFIG,
+ "error in auth_legacy_position (before/after/none): %s", auth_legacy_position);
+ }
+
 /* If smtp_accept_queue or smtp_accept_max_per_host is set, then smtp_accept_max must also be set. */
diff -urN exim-4.52-orig/src/smtp_in.c exim-4.52-orig-auth/src/smtp_in.c
--- exim-4.52-orig/src/smtp_in.c 2005-07-01 12:09:15.000000000 +0100
+++ exim-4.52-orig-auth/src/smtp_in.c 2005-12-05 18:28:33.000000000 +0000
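Review bot: The readconf.c check validates only auth_legacy_position; auth_legacy_detail is accepted as any string, and the smtp_in.c hunks copy a non-`auto` value verbatim after `250-AUTH=` without consulting any authenticator's advertise_condition. A fixed value such as `login` would therefore be advertised even on connections where the per-authenticator conditions (a TLS-only rule, for example) suppress the standard AUTH line, which may prompt a legacy client to offer credentials on a connection the administrator meant to exclude. At minimum reject embedded line breaks next to this check, `if (Ustrchr(auth_legacy_detail, '\n') != NULL || Ustrchr(auth_legacy_detail, '\r') != NULL) log_write(0, LOG_PANIC_DIE|LOG_CONFIG, "auth_legacy_detail must not contain CR or LF");`. The option's documentation should also state that a fixed string is advertised independently of advertise_condition.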
@@ -2539,6 +2539,50 @@
 {
 auth_instance *au;
 BOOL first = TRUE;
+ DEBUG(D_receive) debug_printf("Legacy Auth :%s-%s:\n", auth_legacy_position, auth_legacy_detail);
+ if (Ustrcmp(auth_legacy_position,"before")==0)
+ {
+ if (Ustrcmp(auth_legacy_detail,"auto")==0)
+ {
+ for (au = auths; au != NULL; au = au->next)
+ {
+ if (au->server && (au->advertise_condition == NULL ||
+ expand_check_condition(au->advertise_condition, au->name,
+ US"authenticator")))
+ {
+ int saveptr;
+ if (first)
+ {
+ s = string_cat(s, &size, &ptr, US"250-AUTH=", 9);
+ auth_advertised = TRUE;
+ }
+ saveptr = ptr;
+ if (!first)
+ {
+ s = string_cat(s, &size, &ptr, US" ", 1);
+ }
+ first = FALSE;
+ s = string_cat(s, &size, &ptr, au->public_name,
+ Ustrlen(au->public_name));
+ while (++saveptr < ptr) s[saveptr] = toupper(s[saveptr]);
+ au->advertised = TRUE;
+ }
+ else au->advertised = FALSE;
+ }
+ if (!first) s = string_cat(s, &size, &ptr, US"\r\n", 2);
+ }
+ else
+ {
+ int saveptr;
+ s = string_cat(s, &size, &ptr, US"250-AUTH=", 9);
+ saveptr = ptr;
+ saveptr--;
+ s = string_cat(s, &size, &ptr, auth_legacy_detail, Ustrlen(auth_legacy_detail));
+ while (++saveptr < ptr) s[saveptr] = toupper(s[saveptr]);
+ s = string_cat(s, &size, &ptr, US"\r\n", 2);
+ }
+ }
+ first = TRUE;
 for (au = auths; au != NULL; au = au->next)
 {
 if (au->server && (au->advertise_condition == NULL ||
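Review bot: In the `auto` branch the first mechanism name is upper-cased from its second character only: when `first` is true no separator is appended, so `saveptr` already points at the first byte of `au->public_name` and `while (++saveptr < ptr)` starts one byte later. A lower-case `public_name` would come out as `lOGIN` (constructed example) on the `250-AUTH=` line, whereas the fixed-string branch avoids this with its `saveptr--`. Walking from `saveptr` itself fixes it, `for (; saveptr < ptr; saveptr++) s[saveptr] = toupper(s[saveptr]);`, and the identical loop in the `after` branch of the next hunk needs the same change. The enclosing block opens before this hunk and continues past it.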
@@ -2562,6 +2606,49 @@
 else au->advertised = FALSE;
 }
 if (!first) s = string_cat(s, &size, &ptr, US"\r\n", 2);
+ first = TRUE;
+ if (Ustrcmp(auth_legacy_position,"after")==0)
+ {
+ if (Ustrcmp(auth_legacy_detail,"auto")==0)
+ {
+ for (au = auths; au != NULL; au = au->next)
+ {
+ if (au->server && (au->advertise_condition == NULL ||
+ expand_check_condition(au->advertise_condition, au->name,
+ US"authenticator")))
+ {
+ int saveptr;
+ if (first)
+ {
+ s = string_cat(s, &size, &ptr, US"250-AUTH=", 9);
+ auth_advertised = TRUE;
+ }
+ saveptr = ptr;
+ if (!first)
+ {
+ s = string_cat(s, &size, &ptr, US" ", 1);
+ }
+ first = FALSE;
+ s = string_cat(s, &size, &ptr, au->public_name,
+ Ustrlen(au->public_name));
+ while (++saveptr < ptr) s[saveptr] = toupper(s[saveptr]);
+ au->advertised = TRUE;
+ }
+ else au->advertised = FALSE;
+ }
+ if (!first) s = string_cat(s, &size, &ptr, US"\r\n", 2);
+ }
+ else
+ {
+ int saveptr;
+ s = string_cat(s, &size, &ptr, US"250-AUTH=", 9);
+ saveptr = ptr;
+ saveptr--;
+ s = string_cat(s, &size, &ptr, auth_legacy_detail, Ustrlen(auth_legacy_detail));
+ while (++saveptr < ptr) s[saveptr] = toupper(s[saveptr]);
+ s = string_cat(s, &size, &ptr, US"\r\n", 2);
+ }
+ }
 }
 }
-Andy- -- ## List details at http://www.exim.org/mailman/listinfo/exim-dev Exim details at http://www.exim.org/ ##
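Review bot: The `after` loop evaluates every `advertise_condition` a second time and then overwrites `au->advertised`, which the standard AUTH loop just above this hunk appears to have set already. If an expansion is costly or can give a different answer on the second pass, the value left in `au->advertised` comes from the legacy line rather than from the standard one. Reusing the stored result avoids both, `if (au->server && au->advertised)`, with the `au->advertised = TRUE;` and `else au->advertised = FALSE;` lines dropped from this copy. The standard loop's body lies between the two hunks and is not visible here, so confirm it sets the flag for every authenticator. Since the `before` and `after` blocks are otherwise the same code, a single static helper called from both positions would keep them from drifting apart.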