Re: [exim] Using saslauthd with exim.

Fri, 25 Feb 2011 12:45:40 -0800 

On 25 Feb 2011, at 20:40, Dominic Benson wrote:

> 
> On 25 Feb 2011, at 19:33, Alexander Kitaev wrote:
> 
>> Hello,
>> 
>> There are the following defaults in the Exim configuration:
>> 
>> plain_saslauthd_server:
>>  driver = plaintext
>>  public_name = PLAIN
>>  server_condition = ${if saslauthd{{$auth2}{$auth3}}{0}{1}}
>>  server_set_id = $auth2
>>  server_prompts = :
>>  .ifndef AUTH_SERVER_ALLOW_NOTLS_PASSWORDS
>>  server_advertise_condition = ${if eq{$tls_cipher}{}{}{*}}
>>  .endif
>> 
>> 
>> In particulary, there is a line:
>> 
>> server_condition = ${if saslauthd{{$auth2}{$auth3}}{0}{1}}
>> 
>> As I can see from the auth.log, saslauthd is called with the following
>> parameters:
>> 
>> [[email protected]] [service=] [realm=] [mech=sasldb] ...
>> 
>> However, I'd like saslauthd to be called as:
>> 
>> [user=name] [service=exim] [realm=domain.com] [mech=sasldb]...
>> 
>> In other words, I'd like exim to parse auth2 and split it into the
>> name and realm parts and also would like exim to use service name
>> "exim", so that corresponding record in the sasldb could be located.
>> 
>> How could I do that? I tried, for instance, replacing {0} with {exim}
>> and {1} with {domain.com}, but it broke authentication.
> 
> 
> This goes direct to saslauthd, with whatever mechanism it is configured to 
> use. You need to used an authenticator with the cyrus_sasl driver to get the 
> extra options.
> 
> plain_sasl_server is the sample example in Debian's exim4-config. It uses 
> "exim" as the application name by default, and /usr/lib/sasl2/exim.conf is 
> the first path checked. I thought that /etc/sasl2 was also checked, but I 
> didn't have any luck with that. I think it depends on the sasl library 
> configure options.
> 
> See http://www.exim.org/exim-html-current/doc/html/spec_html/ch36.html for 
> the options that are accepted. server_realm and server_service are two that I 
> think you are referring to.
> 
> 


Ignore this. Do what Phil said! I thought you also wanted to vary the 
mechanism...



-- 
## List details at http://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Reply via email to