Bug#291205: exim4-4.34-10 fails to authenticate via AUTH LOGIN
Package: exim4 Version: 4.34-10 Severity: important exim4-4.34-10 can not handle authentication via AUTH LOGIN because it sends a wrong server reply. I have tested it with LOGIN via PAM and LOGIN via saslauthd from sasl2-bin. Trying 62.75.160.127... Connected to vs160127.vserver.de. Escape character is '^]'. 220 vs160127.vserver.de ESMTP Exim 4.34 Wed, 19 Jan 2005 12:54:16 +0100 EHLO bla 250-vs160127.vserver.de Hello bla [62.75.200.125] 250-SIZE 52428800 250-PIPELINING 250-AUTH PLAIN LOGIN 250-STARTTLS 250 HELP AUTH LOGIN 535 Incorrect authentication data That is the wrong reply, the correct one have to be: Trying 217.172.176.57... Connected to isis45.plusserver.de. Escape character is '^]'. 220 isis45.plusserver.de ESMTP Exim 4.34 Wed, 19 Jan 2005 13:01:08 +0100 EHLO bla 250-isis45.plusserver.de Hello bla [62.75.200.125] 250-SIZE 52428800 250-PIPELINING 250-AUTH PLAIN LOGIN 250-STARTTLS 250 HELP AUTH LOGIN 334 VXNlcm5hbWU6 In exim4-4.34-8 this problem does not exist. -- Package-specific info: Exim version 4.34 #1 built 05-Jan-2005 11:07:49 Copyright (c) University of Cambridge 2004 Berkeley DB: Sleepycat Software: Berkeley DB 3.2.9: (May 26, 2004) Support for: iconv() IPv6 PAM Perl GnuTLS Lookups: lsearch wildlsearch nwildlsearch iplsearch cdb dbm dbmnz dnsdb dsearch ldap ldapdn ldapm mysql nis nis0 passwd pgsql Authenticators: cram_md5 plaintext spa Routers: accept dnslookup ipliteral iplookup manualroute queryprogram redirect Transports: appendfile/maildir/mailstore/mbx autoreply lmtp pipe smtp Fixed never_users: 0 Contains exiscan-acl patch revision 21 (c) Tom Kistner [http://duncanthrax.net/exiscan/] Configuration file is /var/lib/exim4/config.autogenerated -- System Information: Debian Release: 3.1 APT prefers testing APT policy: (500, 'testing') Architecture: i386 (i686) Kernel: Linux 2.4.20-021stab026.5.777-smp Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) Versions of packages exim4 depends on: ii exim4-base4.34-10EXperimental Internal Mailer -- a ii exim4-daemon-heavy4.34-10Exim (v4) with extended features, -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#291205: exim4: fix for the AUTH LOGIN problem
Package: exim4
Version: 4.34-4
Followup-For: Bug #291205
The problem with the AUTH LOGIN can be solved by adding the following
line to /etc/exim4/conf.d/auth/30_exim4-config_examples
Original configuration file:
login_saslauthd:
driver = plaintext
public_name = LOGIN
# don't send system passwords over unencrypted connections
server_advertise_condition = ${if eq{$tls_cipher}{}{0}{1}}
server_condition = ${if saslauthd{{$1}{$2}}{1}{0}}
server_set_id = $1
The changed version to get AUTH LOGIN working.
login_saslauthd:
driver = plaintext
public_name = LOGIN
# don't send system passwords over unencrypted connections
server_advertise_condition = ${if eq{$tls_cipher}{}{0}{1}}
server_prompts = Username:: : Password::
server_condition = ${if saslauthd{{$1}{$2}}{1}{0}}
server_set_id = $1
I guess this should be added to default configuration.
-- Package-specific info:
Exim version 4.34 #1 built 27-Jul-2004 18:08:18
Copyright (c) University of Cambridge 2004
Berkeley DB: Sleepycat Software: Berkeley DB 3.2.9: (May 26, 2004)
Support for: iconv() IPv6 PAM Perl GnuTLS
Lookups: lsearch wildlsearch nwildlsearch iplsearch cdb dbm dbmnz dnsdb dsearch
ldap ldapdn ldapm mysql nis nis0 passwd pgsql
Authenticators: cram_md5 plaintext spa
Routers: accept dnslookup ipliteral iplookup manualroute queryprogram redirect
Transports: appendfile/maildir/mailstore/mbx autoreply lmtp pipe smtp
Fixed never_users: 0
Contains exiscan-acl patch revision 21 (c) Tom Kistner
[http://duncanthrax.net/exiscan/]
Configuration file is /var/lib/exim4/config.autogenerated
# /etc/exim4/update-exim4.conf.conf
#
# Edit this file and /etc/mailname by hand and execute update-exim4.conf
# yourself or use 'dpkg-reconfigure exim4-config'
dc_eximconfig_configtype='internet'
dc_other_hostnames='/etc/exim4/confixx/confixx-domains:vs160127.vserver.de:vs160127:vs160127.vserver.de'
dc_local_interfaces='127.0.0.1:62.75.160.127'
dc_readhost=''
dc_relay_domains=''
dc_minimaldns='true'
dc_relay_nets=''
dc_smarthost=''
CFILEMODE='644'
dc_use_split_config='true'
dc_hide_mailname=''
dc_mailname_in_oh='true'
mailname:vs160127.vserver.de
-- System Information:
Debian Release: 3.1
APT prefers testing
APT policy: (500, 'testing')
Architecture: i386 (i686)
Kernel: Linux 2.4.20-021stab026.5.777-smp
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Versions of packages exim4 depends on:
ii exim4-base4.34-4 EXperimental Internal Mailer -- a
ii exim4-daemon-heavy4.34-4 Exim (v4) with extended features,
-- no debconf information
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
