I've been fighting w/ courier and mysql for the day and a half, MySQL
authentication is not working. A few questions/comments:
1) I can not figure out how to enable any sort of reasonable debugging
within the auth daemon. Logging in via pop3 gives user failed errors;
I'm watching the MySQL log, the queries look perfectly valid (and work
when entered manually). I've tried all different kinds of queries, such
as:
795 Query SELECT user, "", password, '65534',
'65534', CONCAT('/var/spool/postfix/mailboxes/',
maildir), "", '10000', NULL FROM users
WHERE user = "[EMAIL PROTECTED]" AND (enabled=1)
720 Query SELECT user,password, '65534',
'65534', 'foo',
CONCAT('/var/spool/postfix/mailboxes/', maildir),
'', '1000', 'Courier User' FROM users
WHERE user = '[EMAIL PROTECTED]' AND enabled = '1'
They return values such as:
| [EMAIL PROTECTED] | | foo | 65534 | 65534 |
/var/spool/postfix/mailboxes/voxel.net/dilinger/Maildir/ |
| 10000 | NULL |
voxel@zero:/usr/lib/courier$ sudo ls -la
/var/spool/postfix/mailboxes/voxel.net/dilinger/Maildir
total 20
drwx------ 5 nobody nogroup 4096 Mar 16 20:18 .
drwx------ 3 nobody nogroup 4096 Mar 16 20:18 ..
drwx------ 2 nobody nogroup 4096 Mar 16 20:18 cur
drwx------ 2 nobody nogroup 4096 Mar 17 03:30 new
drwx------ 2 nobody nogroup 4096 Mar 17 03:30 tmp
voxel@zero:/usr/lib/courier$ nc localhost 110
+OK Hello there.
user [EMAIL PROTECTED]
+OK Password required.
pass foo
-ERR Login failed.
I've tried using plaintext; I've tried using mysql's PASSWORD() (I wrote
a patch which I'll describe later); I've tried stracing, I've tried
adding debugging fprintf's to the package source (I'm using debian
testing), rebuilding, and not getting any output other than the initial
"making connection to db". Does anyone have any ideas where I might
start looking, in an attempt to figure this out?
2) Is there any reason why the authlib/authmysql stuff uses its own
mechanisms for stripping, basically skipping over chars like "'",
instead of using mysql_escape_string (and therefore making it so
anything inserting usernames/passwords into the db needs to add the same
code)? Furthermore, was it a conscious design decision to make
read_env() reparse the config file over and over?
3) Would folks me interested in a patch to make authmysql support
mysql's PASSWORD() as an alternative to crypt(3)? Basically, the
authmysqlrc file that I have now differs in 2 parts:
##NAME: MYSQL_CRYPT_TYPE:0
#
# If using MYSQL_CRYPT_PWFIELD above, you must decide whether to use
# your system's crypt(3) function, or mysql's PASSWORD() function to
# encrypt passwords. Set MYSQL_CRYPT_TYPE to either 'system' or
# 'mysql'. By default, 'system' will be used.
MYSQL_CRYPT_TYPE mysql
##NAME: MYSQL_SELECT_CLAUSE:0
...
# There are three variables, which you can use. Substitution will be
# made
# for them, so you can put entered username (local part) and domain name
# in the right place of your query. These variables are:
# $(local_part) , $(domain) , and $(password)
#
...
# AND popbox.domain_name = '$(domain)' \
# AND popbox.domain_name = domain.domain_name \
# AND popbox.password_hash = PASSWORD('$(password)')
#
4) Is there a courier development list somewhere?
_______________________________________________
courier-users mailing list
[EMAIL PROTECTED]
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
