Re: [exim] Unable to authenticate at present (set_id=username): missing or misplaced { or }

Fri, 08 Jan 2016 08:35:17 -0800 

On 2016-01-04 19:16, Thomas Stein wrote:

On Monday 04 January 2016 16:04:48 Jeremy Harris wrote:

On 04/01/16 12:53, Thomas Stein wrote:
> Am 04.01.16 um 13:40 schrieb Jeremy Harris:
>> On 02/01/16 12:14, Thomas Stein wrote:
>>> Wrong user:
>>>
>>> exim # exim -be '${if exists{/etc/exim/passwd}
>>> {${lookup{eitadmin}lsearch{/etc/exim/paur sswd} {${if crypteq{test}
>>> {\{md5\}${extract{1}{:}{$value}{$value}fail}} {true}{false} }} {${if
>>> pam{eitadmin:${sg{MyPassw0rd}{:}{::}} } {true}{false}} } }} {${if
>>> pam{eitadmin:${sg{MyPassw0rdaaa}{:}{::}} } {true}{false}} }}'
>>> Failed: missing or misplaced { or }
>>
>> Try laying out that with all the matching brackets carefully
>> vertically aligned.  Does the layout match the syntax
>> and semantics of each component?
>
> Well, it has to because if i use a user which exists in /etc/exim/passwd
> everything works as expected. But i tried your suggestion anyway. Looks
> good to me.
OK, next add a debug option "-d-all+expand+lookup". This will show the 
processing flow of the expansion.  Where does it first see a problem?


Hi Jeremy.
Thanks for your help. Here the output with "-d-all+expand+lookup". Don't really know what it means. I shortend the construct a little bit. Skipped the 
pam section.

With existing user:

serve ~ # exim -d-all+expand+lookup -be '${if exists{/etc/exim/passwd}
{${lookup{testuser}lsearch{/etc/exim/passwd} {${if crypteq{test}
{\{md5\}${extract{1}{:}{$value}{$value}fail}} {true}{false} }} }}}'
Exim version 4.87_RC2 uid=0 gid=0 pid=15854 D=10100
Berkeley DB: Berkeley DB 6.0.30: (January 23, 2014)
Support for: crypteq iconv() PAM Perl TCPwrappers OpenSSL Content_Scanning 
Old_Demime DKIM DNSSEC Event OCSP PRDR Experimental_SPF
Lookups (built-in): lsearch wildlsearch nwildlsearch iplsearch cdb dbm dbmjz 
dbmnz dnsdb dsearch passwd
Authenticators: cram_md5 plaintext spa
Routers: accept dnslookup ipliteral manualroute queryprogram redirect
Transports: appendfile/maildir/mailstore autoreply pipe smtp
Fixed never_users: 0
Size of off_t: 8
Compiler: GCC [5.3.0]
Library version: OpenSSL: Compile: OpenSSL 1.0.2d 9 Jul 2015
                          Runtime: OpenSSL 1.0.2e 3 Dec 2015
                                 : built on: reproducible build, date
unspecified
Library version: PCRE: Compile: 8.35
                       Runtime: 8.35 2014-04-04
Total 12 lookups
WHITELIST_D_MACROS unset
TRUSTED_CONFIG_LIST unset
configuration file is /etc/exim/exim.conf
log selectors = 00000ffc 10332001
trusted user
admin user
expanding: /etc/exim/passwd
   result: /etc/exim/passwd
condition: exists{/etc/exim/passwd}
   result: true
expanding: testuser
   result: testuser
expanding: /etc/exim/passwd
   result: /etc/exim/passwd
search_open: lsearch "/etc/exim/passwd"
search_find: file="/etc/exim/passwd"
  key="testuser" partial=-1 affix=NULL starflags=0
LRU list:
  7/etc/exim/passwd
  End
internal_search_find: file="/etc/exim/passwd"
  type=lsearch key="testuser"
file lookup required for testuser
  in /etc/exim/passwd
lookup yielded: 098f6bcd4621d373cade4e832627b4f6:test
expanding: test
   result: test
expanding: 1
   result: 1
expanding: :
   result: :
expanding: $value
   result: 098f6bcd4621d373cade4e832627b4f6:test
expanding: $value
   result: 098f6bcd4621d373cade4e832627b4f6
expanding: \{md5\}${extract{1}{:}{$value}{$value}fail}
   result: {md5}098f6bcd4621d373cade4e832627b4f6
condition: crypteq{test}{\{md5\}${extract{1}{:}{$value}{$value}fail}}
   result: true
expanding: true
   result: true
expanding: false
   result: false
skipping: result is not used
expanding: ${if crypteq{test}{\{md5\}${extract{1}{:}{$value}{$value}fail}} 
{true}{false} }
   result: true
expanding: ${lookup{testuser}lsearch{/etc/exim/passwd} {${if crypteq{test} 
{\{md5\}${extract{1}{:}{$value}{$value}fail}} {true}{false} }} }
   result: true
expanding: ${if exists{/etc/exim/passwd}
{${lookup{testuser}lsearch{/etc/exim/passwd} {${if crypteq{test}
{\{md5\}${extract{1}{:}{$value}{$value}fail}} {true}{false} }} }}}
   result: true
true
search_tidyup called

Exim pid=15854 terminating with rc=0 >>>>>>>>>>>>>>>>


With not existing user:

serve ~ # exim -d-all+expand+lookup -be '${if exists{/etc/exim/passwd}
{${lookup{test}lsearch{/etc/exim/passwd} {${if crypteq{test}
{\{md5\}${extract{1}{:}{$value}{$value}fail}} {true}{false} }} }}}'
Exim version 4.87_RC2 uid=0 gid=0 pid=15952 D=10100
Berkeley DB: Berkeley DB 6.0.30: (January 23, 2014)
Support for: crypteq iconv() PAM Perl TCPwrappers OpenSSL Content_Scanning 
Old_Demime DKIM DNSSEC Event OCSP PRDR Experimental_SPF
Lookups (built-in): lsearch wildlsearch nwildlsearch iplsearch cdb dbm dbmjz 
dbmnz dnsdb dsearch passwd
Authenticators: cram_md5 plaintext spa
Routers: accept dnslookup ipliteral manualroute queryprogram redirect
Transports: appendfile/maildir/mailstore autoreply pipe smtp
Fixed never_users: 0
Size of off_t: 8
Compiler: GCC [5.3.0]
Library version: OpenSSL: Compile: OpenSSL 1.0.2d 9 Jul 2015
                          Runtime: OpenSSL 1.0.2e 3 Dec 2015
                                 : built on: reproducible build, date
unspecified
Library version: PCRE: Compile: 8.35
                       Runtime: 8.35 2014-04-04
Total 12 lookups
WHITELIST_D_MACROS unset
TRUSTED_CONFIG_LIST unset
configuration file is /etc/exim/exim.conf
log selectors = 00000ffc 10332001
trusted user
admin user
expanding: /etc/exim/passwd
   result: /etc/exim/passwd
condition: exists{/etc/exim/passwd}
   result: true
expanding: test
   result: test
expanding: /etc/exim/passwd
   result: /etc/exim/passwd
search_open: lsearch "/etc/exim/passwd"
search_find: file="/etc/exim/passwd"
  key="test" partial=-1 affix=NULL starflags=0
LRU list:
  7/etc/exim/passwd
  End
internal_search_find: file="/etc/exim/passwd"
  type=lsearch key="test"
file lookup required for test
  in /etc/exim/passwd
lookup failed
expanding: test
   result: test
skipping: result is not used
expanding: 1
   result: 1
skipping: result is not used
expanding: :
   result: :
skipping: result is not used
expanding: $value
   result:
skipping: result is not used
expanding: $value
   result:
skipping: result is not used
failed to expand: \{md5\}${extract{1}{:}{$value}{$value}fail}} {true}{false} 
}} }}}
   error message: missing or misplaced { or }
failed to expand: ${if crypteq{test}{\{md5\}${extract{1}{:}{$value}
{$value}fail}} {true}{false} }} }}}
   error message: missing or misplaced { or }
failed to expand: ${lookup{test}lsearch{/etc/exim/passwd} {${if crypteq{test} 
{\{md5\}${extract{1}{:}{$value}{$value}fail}} {true}{false} }} }}}
   error message: missing or misplaced { or }
failed to expand: ${if exists{/etc/exim/passwd}
{${lookup{test}lsearch{/etc/exim/passwd} {${if crypteq{test}
{\{md5\}${extract{1}{:}{$value}{$value}fail}} {true}{false} }} }}}
   error message: missing or misplaced { or }
Failed: missing or misplaced { or }
search_tidyup called

Exim pid=15952 terminating with rc=0 >>>>>>>>>>>>>>>>
It seems to me that "\{md5\}${extract{1}" does not expand if the user does not 
exist in /etc/exim/passwd.

(fyi, i changed the password already)

cheers
t.


Any chance of getting this sorted out?

thanks and best regards
t.

--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/

Reply via email to