Dani Crisan wrote:
>> > Hello,
>> > Jul 18 16:02:35 mail authdaemond: authmysql: trying this module
>> > Jul 18 16:02:35 mail authdaemond: SQL query: SELECT id, crypt, "", uid,
>> > gid, home, concat(home,'/',maildir), "", name, "" FROM users WHERE id =
>> > "[EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>" AND (enabled=1)
>>
>> Does that query work correctly from, say, `mysql --batch
>> --user=the-value-configured-in-authmysqlrc --database=ditto
>> --execute='SELECT id, crypt, "", [...] AND (enabled=1)'`?
>>
>> > Jul 18 16:02:35 mail authdaemond: supplied password 'THIS PASSWORD IS
>> > CLEAR TEXT AND IT IS CORRECT' does not match encrypted password
>> > 'sdtrusfX0Jj66'
>>
>> Eh? I don't think that text is stored as your cleartext password.
>> Where is it from?
>
> The text 'THIS PASSWORD IS CLEAR TEXT AND IT IS CORRECT' I modified when
> writing the email...It was actually the password I was trying to
> authenticate as user [EMAIL PROTECTED] in clear text and it was correct.
Ooops, sorry. I got the qui pro quo after I posted. Sometimes I'm
pretty thick :-( (BTW, mind that posting the crypted form may enable
brute force attempts -a.k.a. dictionary attacks- of breaking that
password.)
Anyway, your query doesn't select a cleartext password field. Where
does it come from?
> Regarding the second issue:
> - first i did:
> # mysql --batch [EMAIL PROTECTED] --database=maildb --execute='SELECT
> id, crypt, "", uid,gid, home, concat(home,'/',maildir), "", name, ""
> FROM users WHERE id ="[EMAIL PROTECTED]"'
> ERROR 1044 (42000): Access denied for user ''@'localhost' to database
> 'maildb'
That's correct, MySQL server should not be accessed by the end user.
> - and then:
> # mysql --batch --user=mail --database=maildb --execute='SELECT id,
> crypt, "", uid,gid, home, concat(home,'/',maildir), "", name, "" FROM
> users WHERE id ="[EMAIL PROTECTED]"' -p
> ERROR 1064 (42000) at line 1: You have an error in your SQL syntax;
> check the manual that corresponds to your MySQL server version for the
> right syntax to use near '/,maildir), "", name, "" FROM users WHERE id
> ="[EMAIL PROTECTED]"' at line 1
That is a quote mismatch. Try replacing the concat part with
concat(home,"/",maildir) -the single quote was used by the shell.
Hello again,
First a successful login:
Jul 18 20:12:30 mail authdaemond: received auth request, service=imap,
authtype=login
Jul 18 20:12:30 mail authdaemond: authmysql: trying this module
Jul 18 20:12:30 mail authdaemond: SQL query: SELECT id, crypt, "", uid, gid,
home, concat(home,"/",maildir), "", name, "" FROM users WHERE id = "[EMAIL
PROTECTED]" AND (enabled=1)
Jul 18 20:12:30 mail authdaemond: password matches successfully
And this is a failed login:
Jul 18 20:11:00 mail authdaemond: received auth request, service=imap,
authtype=login
Jul 18 20:11:00 mail authdaemond: authmysql: trying this module
Jul 18 20:11:00 mail authdaemond: SQL query: SELECT id, crypt, "", uid, gid,
home, concat(home,"/",maildir), "", name, "" FROM users WHERE id = "[EMAIL
PROTECTED]" AND (enabled=1)
Jul 18 20:11:00 mail authdaemond: supplied password 'asd' does not match
encrypted password 'sdtrusfX0Jj66'
Both users were created the same in mysql then both have correct maildir
folders with permissions.
The failed login user is not a system user but this has nothing related since
they are virtual users.
Here is the output of the "select * from users":
id | name | uid | gid | home |
maildir | enabled | change_password | clear | crypt | quota |
procmailrc |spamassassinrc
[EMAIL PROTECTED] | dani crisan | 5000 | 5000 |
/var/spool/mail/virtual | dani/ | 1 | 1 | ChangeMe
| XdbSsa7ofFDNA
[EMAIL PROTECTED] | John Doe | 5000 | 5000 | /var/spool/mail/virtual |
john/ | 1 | 1 | VP4yejlipQDrQ | sdtrusfX0Jj66
I can see a difference in the "clear" field ....one is ChangeMe and one
VP4yejlipQDrQ
Any ideas?
-------------------------------------------------------------------------
This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
Build the coolest Linux based applications with Moblin SDK & win great prizes
Grand prize is a trip for two to an Open Source event anywhere in the world
http://moblin-contest.org/redirect.php?banner_id=100&url=/
_______________________________________________
courier-users mailing list
[email protected]
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
-------------------------------------------------------------------------
This SF.Net email is sponsored by the Moblin Your Move Developer's challenge
Build the coolest Linux based applications with Moblin SDK & win great prizes
Grand prize is a trip for two to an Open Source event anywhere in the world
http://moblin-contest.org/redirect.php?banner_id=100&url=/
_______________________________________________
courier-users mailing list
[email protected]
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
