Re: AuthDatabase CheckPassword broken?

2018-02-01 Thread Richard Hector 
On 02/02/18 14:19, Mark Foley wrote:
> Script didn't run:
> 
>   File "/root/tmp/checkpwtest.py", line 8
> o?= with os.fdopen(DOVECOT_PW_FD, 'r') as s:
> ^
> SyntaxError: invalid syntax

Copy/paste error? The beginning of that line doesn't seem to be in the
original.

Richard

Re: AuthDatabase CheckPassword broken?

2018-02-01 Thread Mark Foley 
Script didn't run:

  File "/root/tmp/checkpwtest.py", line 8
o?= with os.fdopen(DOVECOT_PW_FD, 'r') as s:
^
SyntaxError: invalid syntax

--Mark

-Original Message-
From: Mark Foley <mfo...@ohprs.org>
Date: Thu, 01 Feb 2018 15:34:15 -0500
Organization: Ohio Highway Patrol Retirement System
To: dovecot@dovecot.org
Subject: Re: AuthDatabase CheckPassword broken?

On Thu, 1 Feb 2018 10:02:10 +0200 Aki Tuomi <aki.tu...@dovecot.fi> wrote:
>
> On 01.02.2018 08:00, Mark Foley wrote:
> > I had been using the CheckPassword authentication interface with dovecot 
> > 2.2.15, 
> > https://wiki2.dovecot.org/AuthDatabase/CheckPassword, and it was working.
> >
> > After upgrading to 2.2.33.2 CheckPassword no longer works. The referenced 
> > wiki page says, 
> >
> > Checkpassword Interface
> >
> > Read  NUL  NUL from fd 3. 
> >
> > I've checked the information read from fd 3 with 2.2.33.2 and I get 
> >  followed by 3
> > nulls. I'm guessing the 2nd null is supposed to be the password.
> >
> > Why is this no longer working? How can I fix it?
> >
> > THX --Mark
> Our CI has test
>
> #!/usr/bin/env python
> # -*- coding: utf-8 -*-
> import os, sys
>
> DOVECOT_PW_FD = 3
>
> def checkPassword():
>   with os.fdopen(DOVECOT_PW_FD, 'r') as s:
>     data = s.read().split("\0")
>     if data[0] != "testuser" or data[1] != "pass":
>   return False
>     os.environ["USER"] = data[0]
>     os.environ["EXTRA"] = "userdb_uid=vmail userdb_gid=vmail"
>   return True
>
> if __name__ == "__main__":
>   if not checkPassword():
>     sys.exit(1)
>   os.execv(sys.argv[1], sys.argv[1:])
>
> And it seems to work.
>
> Aki

Thanks for the script. I'm testing this on a production system, so I'll have to 
wait until
after business hours to test. Meanwhile, not being a python wizard, I have a 
couple of
questions.

I have to run this script as my passdb { args } parameter, right?

On the line where it is checking for "testuser" and password "test", I assume 
that if I want to
use a configured user I can just change these, right?

Likewise with "userdb_uid=vmail userdb_gid=vmail", what are these? UID/GID of 
the user?

Is there a way in python to output the values in data[0] and data[1] to a file 
so I can see
what's actually received? If after the 'split' line I added:

f = open("/tmp/checkpassword.log","a")
f.write("Name: " + data[0] + ", PW: " + data[1])
f.close()

Would that work?

--THX Mark

Re: AuthDatabase CheckPassword broken?

2018-02-01 Thread Mark Foley 
On Thu, 1 Feb 2018 10:02:10 +0200 Aki Tuomi  wrote:
>
> On 01.02.2018 08:00, Mark Foley wrote:
> > I had been using the CheckPassword authentication interface with dovecot 
> > 2.2.15, 
> > https://wiki2.dovecot.org/AuthDatabase/CheckPassword, and it was working.
> >
> > After upgrading to 2.2.33.2 CheckPassword no longer works. The referenced 
> > wiki page says, 
> >
> > Checkpassword Interface
> >
> > Read  NUL  NUL from fd 3. 
> >
> > I've checked the information read from fd 3 with 2.2.33.2 and I get 
> >  followed by 3
> > nulls. I'm guessing the 2nd null is supposed to be the password.
> >
> > Why is this no longer working? How can I fix it?
> >
> > THX --Mark
> Our CI has test
>
> #!/usr/bin/env python
> # -*- coding: utf-8 -*-
> import os, sys
>
> DOVECOT_PW_FD = 3
>
> def checkPassword():
>   with os.fdopen(DOVECOT_PW_FD, 'r') as s:
>     data = s.read().split("\0")
>     if data[0] != "testuser" or data[1] != "pass":
>   return False
>     os.environ["USER"] = data[0]
>     os.environ["EXTRA"] = "userdb_uid=vmail userdb_gid=vmail"
>   return True
>
> if __name__ == "__main__":
>   if not checkPassword():
>     sys.exit(1)
>   os.execv(sys.argv[1], sys.argv[1:])
>
> And it seems to work.
>
> Aki

Thanks for the script. I'm testing this on a production system, so I'll have to 
wait until
after business hours to test. Meanwhile, not being a python wizard, I have a 
couple of
questions.

I have to run this script as my passdb { args } parameter, right?

On the line where it is checking for "testuser" and password "test", I assume 
that if I want to
use a configured user I can just change these, right?

Likewise with "userdb_uid=vmail userdb_gid=vmail", what are these? UID/GID of 
the user?

Is there a way in python to output the values in data[0] and data[1] to a file 
so I can see
what's actually received? If after the 'split' line I added:

f = open("/tmp/checkpassword.log","a")
f.write("Name: " + data[0] + ", PW: " + data[1])
f.close()

Would that work?

--THX Mark

Re: AuthDatabase CheckPassword broken?

2018-02-01 Thread Aki Tuomi 


On 01.02.2018 08:00, Mark Foley wrote:
> I had been using the CheckPassword authentication interface with dovecot 
> 2.2.15, 
> https://wiki2.dovecot.org/AuthDatabase/CheckPassword, and it was working.
>
> After upgrading to 2.2.33.2 CheckPassword no longer works. The referenced 
> wiki page says, 
>
> Checkpassword Interface
>
> Read  NUL  NUL from fd 3. 
>
> I've checked the information read from fd 3 with 2.2.33.2 and I get 
>  followed by 3
> nulls. I'm guessing the 2nd null is supposed to be the password.
>
> Why is this no longer working? How can I fix it?
>
> THX --Mark
Our CI has test

#!/usr/bin/env python
# -*- coding: utf-8 -*-
import os, sys

DOVECOT_PW_FD = 3

def checkPassword():
  with os.fdopen(DOVECOT_PW_FD, 'r') as s:
    data = s.read().split("\0")
    if data[0] != "testuser" or data[1] != "pass":
  return False
    os.environ["USER"] = data[0]
    os.environ["EXTRA"] = "userdb_uid=vmail userdb_gid=vmail"
  return True

if __name__ == "__main__":
  if not checkPassword():
    sys.exit(1)
  os.execv(sys.argv[1], sys.argv[1:])

And it seems to work.

Aki

AuthDatabase CheckPassword broken?

2018-01-31 Thread Mark Foley 
I had been using the CheckPassword authentication interface with dovecot 
2.2.15, 
https://wiki2.dovecot.org/AuthDatabase/CheckPassword, and it was working.

After upgrading to 2.2.33.2 CheckPassword no longer works. The referenced wiki 
page says, 

Checkpassword Interface

Read  NUL  NUL from fd 3. 

I've checked the information read from fd 3 with 2.2.33.2 and I get  
followed by 3
nulls. I'm guessing the 2nd null is supposed to be the password.

Why is this no longer working? How can I fix it?

THX --Mark