Mailing List Archive

extract email from tls_peerdn ?
Hello,

Using Exim 4.75, I am looking for the best method to extract the
emailAddress field from tls_peerdn variable.

For example, with my certificate, the SSL peer debug shows:
/C=FR/ST=Ille-et-Vilaine/O=Home/OU=Computing/CN=Nicolas KOWALSKI/emailAddress=niko@petole.demisel.net

I currently extract the emailAddress using a double extract, first by
choosing the last field (separated by /), then a simple extract using
emailAddress as key.

${extract{emailAddress}{${extract{-1}{/}{${tls_peerdn}}}}}

Obviously, this will fail if the /-separated last field is not the
emailAddress.

Thanks,
--
Nicolas

--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
Re: extract email from tls_peerdn ? [ In reply to ]
On 2011-10-27 at 16:28 +0200, Nicolas KOWALSKI wrote:
> /C=FR/ST=Ille-et-Vilaine/O=Home/OU=Computing/CN=Nicolas KOWALSKI/emailAddress=niko@petole.demisel.net

> ${extract{emailAddress}{${extract{-1}{/}{${tls_peerdn}}}}}
>
> Obviously, this will fail if the /-separated last field is not the
> emailAddress.

How about:
${filter {</ $tls_peerdn}{eqi{${substr_0_13:$item}}{emailAddress=}}}

?

--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
Re: extract email from tls_peerdn ? [ In reply to ]
> From: Nicolas KOWALSKI

> For example, with my certificate, the SSL peer debug shows:
> /C=FR/ST=Ille-et-Vilaine/O=Home/OU=Computing/CN=Nicolas KOWALSKI/emailAddress=niko@petole.demisel.net
>
> I currently extract the emailAddress using a double extract, first by
> choosing the last field (separated by /), then a simple extract using
> emailAddress as key.
>
> ${extract{emailAddress}{${extract{-1}{/}{${tls_peerdn}}}}}
>
> Obviously, this will fail if the /-separated last field is not the
> emailAddress.

${extract{emailAddress}{$sg{$tls_peerdn}{/}{ }}}

--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
Re: extract email from tls_peerdn ? [ In reply to ]
On Fri, Oct 28, 2011 at 12:16:34AM -0400, Phil Pennock wrote:
> On 2011-10-27 at 16:28 +0200, Nicolas KOWALSKI wrote:
> > /C=FR/ST=Ille-et-Vilaine/O=Home/OU=Computing/CN=Nicolas KOWALSKI/emailAddress=niko@petole.demisel.net
>
> > ${extract{emailAddress}{${extract{-1}{/}{${tls_peerdn}}}}}
> >
> > Obviously, this will fail if the /-separated last field is not the
> > emailAddress.
>
> How about:
> ${filter {</ $tls_peerdn}{eqi{${substr_0_13:$item}}{emailAddress=}}}

Thanks for your reply.

I tried, but the 'emailAddress' string is not removed from the result.
Not sure why.

--
Nicolas

--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
Re: extract email from tls_peerdn ? [ In reply to ]
On Fri, Oct 28, 2011 at 8:27 AM, Nicolas KOWALSKI
<nicolas.kowalski@gmail.com> wrote:
>> > ${extract{emailAddress}{${extract{-1}{/}{${tls_peerdn}}}}}
>> How about:
>>   ${filter {</ $tls_peerdn}{eqi{${substr_0_13:$item}}{emailAddress=}}}
> I tried, but the 'emailAddress' string is not removed from the result.
> Not sure why.

Try Lena's method in the subsequent post. It allows for the order to
change and does the same type of extract command that you're used to.

Regards... Todd
--
If Americans could eliminate sugary beverages, potatoes, white bread,
pasta, white rice and sugary snacks, we would wipe out almost all the
problems we have with weight and diabetes and other metabolic
diseases. -- Dr. Walter Willett, Harvard School of Public Health

--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
Re: extract email from tls_peerdn ? [ In reply to ]
On Fri, Oct 28, 2011 at 03:14:12PM +0300, Lena@lena.kiev.ua wrote:
> > For example, with my certificate, the SSL peer debug shows:
> > /C=FR/ST=Ille-et-Vilaine/O=Home/OU=Computing/CN=Nicolas KOWALSKI/emailAddress=niko@petole.demisel.net
> >
> > I currently extract the emailAddress using a double extract, first by
> > choosing the last field (separated by /), then a simple extract using
> > emailAddress as key.
> >
> > ${extract{emailAddress}{${extract{-1}{/}{${tls_peerdn}}}}}
> >
> > Obviously, this will fail if the /-separated last field is not the
> > emailAddress.
>
> ${extract{emailAddress}{$sg{$tls_peerdn}{/}{ }}}

Thanks for your help Lena, I will try your solution.

--
Nicolas

--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/