From 1bc70e549938fe8e3c4c33230726ac6cdacd575e Mon Sep 17 00:00:00 2001
From: root
Date: Tue, 28 Mar 2017 14:11:45 +0200
Subject: Configure local authenticator

---
 conf.d/070_authenticators.conf | 13 +++++++------
 1 file changed, 7 insertions(+), 6 deletions(-)

(limited to 'conf.d')

diff --git a/conf.d/070_authenticators.conf b/conf.d/070_authenticators.conf
index 0d7bc9c..adc08c2 100644
--- a/conf.d/070_authenticators.conf
+++ b/conf.d/070_authenticators.conf
@@ -27,12 +27,13 @@ begin authenticators
 # use $auth2 as a lookup key, and compare $auth3 against the result of the
 # lookup, perhaps using the crypteq{}{} condition.
 
-#PLAIN:
-#  driver                     = plaintext
-#  server_set_id              = $auth2
-#  server_prompts             = :
-#  server_condition           = Authentication is not yet configured
-#  server_advertise_condition = ${if def:tls_in_cipher }
+PLAIN:
+  driver                     = plaintext
+  public_name                = PLAIN
+  server_prompts             = :
+  server_set_id              = $auth2
+  server_condition           = ${if crypteq{$auth3}{${lookup{$auth2}lsearch{USERLIST}}} {yes}{no}}
+  server_advertise_condition = ${if ={587}{$interface_port} {yes}{no}}
 
 # LOGIN authentication has traditional prompts and responses. There is no
 # authorization ID in this mechanism, so unlike PLAIN the username and
-- 
cgit v1.2.3