Hello,

"doveadm auth user password" may be scripted without a glitch.
But this comes with the usual problem of a "ps" command showing the password, 
which may be especially annoying in case of a single-letter typo: the almost 
correct password is then visible for about two seconds...
Clearing the password argument (zeroing it) in doveadm-auth.c, in the hope of 
reducing the window during which the password may be caught, didn't prove 
successful.

"doveadm auth user" could be an alternative, but it imperatively requires a 
tty, which may not always be easily or efficiently available in a scripting 
environment.

I thus ended up with this very quick and dirty hack (I guess this should be 
named that way):

--- askpass.original.c  2010-05-31 18:36:52.000000000 +0200
+++ askpass.c   2010-11-27 19:12:03.000000000 +0100
@@ -16,8 +16,24 @@
        char ch;
        int fd;

+       // A very crude attempt... this supposes that STDIN not being a tty
+       // may never happen outside of "doveadm auth", and that STDIN will
+       // always be clean.
+       //if (!isatty(STDIN_FILENO))
+       //      i_fatal("stdin isn't a TTY");
        if (!isatty(STDIN_FILENO))
-               i_fatal("stdin isn't a TTY");
+       {
+               pos = 0;
+               while (read(STDIN_FILENO, &ch, 1) > 0) {
+                       if (pos >= buf_size-1)
+                               break;
+                       if (ch == '\n' || ch == '\r')
+                               break;
+                       buf[pos++] = ch;
+               }
+               buf[pos] = '\0';
+               return;
+       }

        fputs(prompt, stderr);
        fflush(stderr);
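Review bot: the non-tty branch silently truncates when the input line exceeds buf_size-1 (the `if (pos >= buf_size-1) break;` exits with whatever fitted and returns success), so an over-long password is accepted as a shorter one and the unread remainder stays in the pipe; failing with `i_fatal("password too long")` there would be safer than returning. In the same branch, `read()` returning -1 (e.g. EINTR) is treated like EOF, which again yields a possibly empty or partial password with no error, so check for `< 0` separately. The commented-out copy of the original `isatty` check and its `i_fatal` line above the new `if` are dead code and should be dropped rather than left in the patch.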

but this for sure must overlook a lot of things.

What would be the best way to achieve a scriptable "doveadm auth", say through 
php's proc_open(), without possibly compromising passwords?

TIA,
Axel
