On Sat, Jun 07, 2014 at 12:22:35AM -0700, Clint Pachl wrote: > Jason McIntyre wrote, On 05/15/14 13:54: > >>the man page sates that: > >>> > >>> Both auth and auth-optional accept an optional table as a > >>> parameter. When provided, credentials are looked up in this > >>> table. > >>> > >>>but reading the new smtpd.conf(5) gives the impression that authtable is > >>>mandatory. I haven't checked the code but the following passes a check > >>>with smtpd -n > >>> > >>> listen on iwn0 tls auth > >>> listen on em0 tls auth-optional > >>> > >>>so it seems to be a valid syntax. > >>> > >it's why i added the word "optional" to the description. the syntax > >[<table>] is really ugly, and is hard to understand. > > > >we could do it, but i don;t want to. sometimes it's better to sacrifice > >being a million percent correct for clarity. > > The syntax may be ugly, but the vagueness for a novice such as myself is > confusing. I wasted an hour with this exact issue the other day. I was > looking for the problem in all the wrong places. I thought my certs were > bad, my "pki" declaration was wrong, my email client was misconfigured. > Finally, I decided to try "<>" around my table name. Voil?! >
but that is not down to my not wrapping <authtable> in [], right? > The documentation is inconsistent and that's what threw me off. > > In smtpd.conf(5) on OpenBSD 5.5 for example, the "listen on" directive has > the option "auth authtable" where the angle brackets are implied. But the > "accept | reject" directive has the option "for [!] domain <domains> [alias > <aliases>]" where the angle brackets are explicit. > i don;t know how it looked in 5.5., but it is explicit now. > It should be exclusively one way or the other. If [<table>] is too ugly, > then suffix all table place holders with "table". So for example, the > "accept | reject" directive I mentioned above would become "for [!] domain > domaintable [alias aliastable]". Then make a note that all place > holders/variables must be encloded by angle brackets. > > Personally, I don't like that solution. I think being explicit with the > syntax is the correct solution. It doesn't matter if it is ugly; it's the > syntax that smtpd uses so it should be documented as such. > > ok, here's what's there now: [auth | auth-optional <authtable>] ... Both auth and auth-optional accept an optional table as a parameter. i really don;t see the problem. still, i will add [] just now, ok? jmc