Please read this before reporting a bug:
https://wiki.archlinux.org/title/Bug_reporting_guidelines
Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.
REPEAT: Do NOT report bugs for outdated packages!
https://wiki.archlinux.org/title/Bug_reporting_guidelines
Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.
REPEAT: Do NOT report bugs for outdated packages!
FS#66894 - [exim] Exim 4.94 needs patch to work with PAM
Attached to Project:
Community Packages
Opened by Caleb Maclennan (alerque) - Thursday, 04 June 2020, 11:10 GMT
Last edited by Felix Yan (felixonmars) - Sunday, 14 June 2020, 10:32 GMT
Opened by Caleb Maclennan (alerque) - Thursday, 04 June 2020, 11:10 GMT
Last edited by Felix Yan (felixonmars) - Sunday, 14 June 2020, 10:32 GMT
|
DetailsThe recent update to Exim 4.94 brought with it a nasty upstream bug: https://bugs.exim.org/show_bug.cgi?id=2587
The short version is that PLAIN authentication can no longer use PAM authentication at all. A normal use case (copied from Arch's default config plus the exim documented method of using PAM: ``` PLAIN: driver = plaintext server_set_id = $auth2 server_prompts = : server_condition = ${if pam{$auth2:${sg{$auth3}{:}{::}}}} server_advertise_condition = ${if def:tls_in_cipher } ``` This will fail to authenticate anybody. The syslog will just have entries like this: > Jun 04 11:08:45 iguana exim[434535]: 2020-06-04 11:08:45 Taint mismatch, string_nextinlist: auth_call_pam 158 A partial mitigation is that LOGIN authentication works (with the adjusted variable numbering of course). The upstream bug report has a patch, but exim is not quick to get releases out. I suggest applying this patch to the arch packaging right away. |
This task depends upon
Closed by Felix Yan (felixonmars)
Sunday, 14 June 2020, 10:32 GMT
Reason for closing: Implemented
Additional comments about closing: 4.94-2
Sunday, 14 June 2020, 10:32 GMT
Reason for closing: Implemented
Additional comments about closing: 4.94-2
Comment by Caleb Maclennan (alerque) -
Thursday, 04 June 2020, 11:30 GMT
Here is a direct link to the patch that is needed: https://github.com/Exim/exim/commit/f7f933a199be8bb7362c715e0040545b514cddca.patch