the DB_UNKNOWN option. This enables it to handle any of the types of database
that the library supports, and can be useful for accessing DBM files created by
other applications. (For earlier DB versions, DB_HASH is always used.)
+.new
+.next
+.cindex "lookup" "dbmjz"
+.cindex "lookup" "dbm &-- embedded NULs"
+.cindex "sasldb2"
+.cindex "dbmjz lookup type"
+&(dbmjz)&: This is the same as &(dbm)&, except that the lookup key is
+interpreted as an Exim list; the elements of the list are joined together with
+ASCII NUL characters to form the lookup key. An example usage would be to
+authenticate incoming SMTP calls using the passwords from Cyrus SASL's
+&_/etc/sasldb2_& file with the &(gsasl)& authenticator or Exim's own
+&(cram_md5)& authenticator.
+.wen
.next
.cindex "lookup" "dbmnz"
.cindex "lookup" "dbm &-- terminating zero"
.cindex "binary zero" "in lookup key"
.cindex "Courier"
.cindex "&_/etc/userdbshadow.dat_&"
-.cindex "dmbnz lookup type"
+.cindex "dbmnz lookup type"
&(dbmnz)&: This is the same as &(dbm)&, except that a terminating binary zero
is not included in the key that is passed to the DBM library. You may need this
if you want to look up data in files that are created by or shared with some
Note that this expansion explicitly forces failure if the lookup fails
because &$auth1$& contains an unknown user name.
+.new
+As another example, if you wish to re-use a Cyrus SASL sasldb2 file without
+using the relevant libraries, you need to know the realm to specify in the
+lookup and then ask for the &"userPassword"& attribute for that user in that
+realm, with:
+.code
+cyrusless_crammd5:
+ driver = cram_md5
+ public_name = CRAM-MD5
+ server_secret = ${lookup{$auth1:mail.example.org:userPassword}\
+ dbmjz{/etc/sasldb2}}
+ server_set_id = $auth1
+.endd
+.wen
.section "Using cram_md5 as a client" "SECID177"
.cindex "options" "&(cram_md5)& authenticator (client)"
identifier; this is analogous to FTP anonymous authentication passing an
email address, or software-identifier@, as the "password".
+
+An example showing the password having the realm specified in the callback
+and demonstrating a Cyrus SASL to GSASL migration approach is:
+.code
+gsasl_cyrusless_crammd5:
+ driver = gsasl
+ public_name = CRAM-MD5
+ server_realm = imap.example.org
+ server_password = ${lookup{$auth1:$auth3:userPassword}\
+ dbmjz{/etc/sasldb2}{$value}fail}
+ server_set_id = ${quote:$auth1}
+ server_condition = yes
+.endd
+
.wen
. ////////////////////////////////////////////////////////////////////////////
static void *
dbmdb_open(uschar *filename, uschar **errmsg)
{
-EXIM_DB *yield;
+EXIM_DB *yield = NULL;
EXIM_DBOPEN(filename, O_RDONLY, 0, &yield);
if (yield == NULL)
{
+/*************************************************
+* Find entry point - zero-joined list key *
+*************************************************/
+
+/*
+ * The parameter passed as a key is a list in normal Exim list syntax.
+ * The elements of that list are joined together on NUL, with no trailing
+ * NUL, to form the key.
+ */
+
+static int
+dbmjz_find(void *handle, uschar *filename, uschar *keystring, int length,
+ uschar **result, uschar **errmsg, BOOL *do_cache)
+{
+uschar *key_item, *key_buffer, *key_p;
+uschar *key_elems = keystring;
+int buflen, bufleft, key_item_len, sep = 0;
+
+/* To a first approximation, the size of the lookup key needs to be about,
+or less than, the length of the delimited list passed in + 1. */
+
+buflen = length + 3;
+key_buffer = store_get(buflen);
+
+key_buffer[0] = '\0';
+
+key_p = key_buffer;
+bufleft = buflen;
+
+/* In all cases of an empty list item, we can set 1 and advance by 1 and then
+pick up the trailing NUL from the previous list item, EXCEPT when at the
+beginning of the output string, in which case we need to supply that NUL
+ourselves. */
+while ((key_item = string_nextinlist(&key_elems, &sep, key_p, bufleft)) != NULL)
+ {
+ key_item_len = Ustrlen(key_item) + 1;
+ if (key_item_len == 1)
+ {
+ key_p[0] = '\0';
+ if (key_p == key_buffer)
+ {
+ key_p[1] = '\0';
+ key_item_len += 1;
+ }
+ }
+
+ bufleft -= key_item_len;
+ if (bufleft <= 0)
+ {
+ /* The string_nextinlist() will stop at buffer size, but we should always
+ have at least 1 character extra, so some assumption has failed. */
+ *errmsg = string_copy(US"Ran out of buffer space for joining elements");
+ return DEFER;
+ }
+ key_p += key_item_len;
+ }
+
+if (key_p == key_buffer)
+ {
+ *errmsg = string_copy(US"empty list key");
+ return FAIL;
+ }
+
+/* We do not pass in the final NULL; if needed, the list should include an
+empty element to put one in. Boundary: key length 1, is a NULL */
+key_item_len = key_p - key_buffer - 1;
+
+DEBUG(D_lookup) debug_printf("NUL-joined key length: %d\n", key_item_len);
+
+/* beware that dbmdb_find() adds 1 to length to get back terminating NUL, so
+because we've calculated the real length, we need to subtract one more here */
+return dbmdb_find(handle, filename,
+ key_buffer, key_item_len - 1,
+ result, errmsg, do_cache);
+}
+
+
+
/*************************************************
* Close entry point *
*************************************************/
NULL /* no version reporting (redundant) */
};
+lookup_info dbmjz_lookup_info = {
+ US"dbmjz", /* lookup name */
+ lookup_absfile, /* uses absolute file name */
+ dbmdb_open, /* sic */ /* open function */
+ dbmdb_check, /* sic */ /* check function */
+ dbmjz_find, /* find function */
+ dbmdb_close, /* sic */ /* close function */
+ NULL, /* no tidy function */
+ NULL, /* no quoting function */
+ NULL /* no version reporting (redundant) */
+};
+
#ifdef DYNLOOKUP
#define dbmdb_lookup_module_info _lookup_module_info
#endif
-static lookup_info *_lookup_list[] = { &dbm_lookup_info, &dbmz_lookup_info };
-lookup_module_info dbmdb_lookup_module_info = { LOOKUP_MODULE_INFO_MAGIC, _lookup_list, 2 };
+static lookup_info *_lookup_list[] = { &dbm_lookup_info, &dbmz_lookup_info, &dbmjz_lookup_info };
+lookup_module_info dbmdb_lookup_module_info = { LOOKUP_MODULE_INFO_MAGIC, _lookup_list, 3 };
/* End of lookups/dbmdb.c */
git://git.exim.org / users / heiko / exim.git / commitdiff