> On 09/01/2024 17:45 EET Steve Button wrote:
>
>
> Hi,
>
>
>
> I have recently moved a dovecot installation from 2.2.36 on RHEL7.9 onto
> 2.3.20 on Amazon Linux 2023 and I'm now seeing the error message in the
> title relating to /usr/bin/checkpassword
Hi,
I have recently moved a dovecot installation from 2.2.36 on RHEL7.9 onto 2.3.20
on Amazon Linux 2023 and I'm now seeing the error message in the title relating
to /usr/bin/checkpassword (which doesn't exist on either). This is a project
that I've inherited, and I've never used dovecot
id_log = *) the information is directly logged by Dovecot as
> > such:
> > ID sent: name=Thunderbird, version=91.5.0
> >
> > My question is, Is it possible to export/set this information in a
> > checkpassword script or a postlogin script?
> > client_idIfimap_id_re
=91.5.0
>
> My question is, Is it possible to export/set this information in a
> checkpassword script or a postlogin script?
>
> client_id
> If imap_id_retain
> <https://doc.dovecot.org/settings/core/#core_setting-imap_id_retain> is
> enabled this variable is populated with th
Hello,
When extracting client_id information from the client connection (i.e.
setting imap_id_log = *) the information is directly logged by Dovecot
as such:
ID sent: name=Thunderbird, version=91.5.0
My question is, Is it possible to export/set this information in a
checkpassword script
> On 23/07/2021 01:22 Dan Conway wrote:
>
>
> Hello,
>
> I'm having issues with Dovecot translating "BDAT" commands (CHUNKING)
> into "DATA" commands when the backend does not support it in the
> submission service. I use "checkpasswo
Hello,
I'm having issues with Dovecot translating "BDAT" commands (CHUNKING)
into "DATA" commands when the backend does not support it in the
submission service. I use "checkpassword" to authenticate users and
judging by older mailing list entries the presence
Hello,
I use the checkpassword driver for imap/pop authentication.
To improve the performance I would like to enable authentication caching
for it.
However just adding the auth_cache_size and auth_cache_ttl doesn't work.
No entries are cached.
If I add a cache directive in the passdb
Hello,
Tuesday, March 19, 2019, 1:50:44 PM, I wrote:
NHvd> I've run into the issue detailed at
NHvd> https://wiki2.dovecot.org/AuthDatabase/CheckPassword#Security
Just for clarity this is djb's checkpassword
--
Best regards,
Niamhmailto:ni...@fullbore.co.uk
Hello,
I've run into the issue detailed at
https://wiki2.dovecot.org/AuthDatabase/CheckPassword#Security
Understandably I don't have the skills to modify checkpassword so if I do
the suggested will it work?
If you can't change the script, you can make Dovecot's checkpassword-reply
binary
I am trying to use the checkpassword authentication
(https://wiki.dovecot.org/AuthDatabase/CheckPassword)
I do have a working checkpassword program. The protocol expects to received on
fd 3 the
following:
usernamepasswordoptionalstuff
I find that this works properly and the program can
> On 17 Oct 2018, at 20.09, bes wrote:
>
> Refer to
> https://dovecot.org/pipermail/dovecot/2015-March/099971.html
> https://wiki.dovecot.org/PasswordDatabase
> I tried to repeat the same thing.
> Set these passdb:
>
> passdb {
> args = /myscript.sh i
After some debuging i expain that this happens only when the client
authentication method is CRAM-MD5
dovecot[5553]: auth: Debug:
checkpassword(login,192.168.99.128,<5/TM6XN4QOrAqGOA>): execute:
/myscript.sh ip=192.168.99.128
/usr/libexec/dovecot/checkpassword-reply
dovecot[5553]: auth:
Refer to
https://dovecot.org/pipermail/dovecot/2015-March/099971.html
https://wiki.dovecot.org/PasswordDatabase
I tried to repeat the same thing.
Set these passdb:
passdb {
args = /myscript.sh ip=%r
driver = checkpassword
result_failure = return-fail
result_success = continue
}
passdb
On 02/02/18 14:19, Mark Foley wrote:
> Script didn't run:
>
> File "/root/tmp/checkpwtest.py", line 8
> o?= with os.fdopen(DOVECOT_PW_FD, 'r') as s:
> ^
> SyntaxError: invalid syntax
Copy/paste error? The beginning of that line doesn't seem to be in the
original.
Richard
o Highway Patrol Retirement System
To: dovecot@dovecot.org
Subject: Re: AuthDatabase CheckPassword broken?
On Thu, 1 Feb 2018 10:02:10 +0200 Aki Tuomi <aki.tu...@dovecot.fi> wrote:
>
> On 01.02.2018 08:00, Mark Foley wrote:
> > I had been using the CheckPassword authentication interface wi
On Thu, 1 Feb 2018 10:02:10 +0200 Aki Tuomi <aki.tu...@dovecot.fi> wrote:
>
> On 01.02.2018 08:00, Mark Foley wrote:
> > I had been using the CheckPassword authentication interface with dovecot
> > 2.2.15,
> > https://wiki2.dovecot.org/AuthDatabase/Che
On 01.02.2018 08:00, Mark Foley wrote:
> I had been using the CheckPassword authentication interface with dovecot
> 2.2.15,
> https://wiki2.dovecot.org/AuthDatabase/CheckPassword, and it was working.
>
> After upgrading to 2.2.33.2 CheckPassword no longer works. The referenc
I had been using the CheckPassword authentication interface with dovecot
2.2.15,
https://wiki2.dovecot.org/AuthDatabase/CheckPassword, and it was working.
After upgrading to 2.2.33.2 CheckPassword no longer works. The referenced wiki
page says,
Checkpassword Interface
Read NUL NUL
ot;Migrate"
> to dovecot.
> I installed the package and configured the components necessary to me
> using as system autentication checkpassword.
> I have verified the checkpassword operation without the processor
> usage of Dovecot and is functioning.
> When you
me
using as system autentication checkpassword.
I have verified the checkpassword operation without the processor
usage of Dovecot and is functioning.
When you perform the tests with dovecot from the logs out these errors:
auth: Error: checkpassword(plutos,127.0.0.1,): Child
15375 died with
I figured out how to make checkpassword work. There is a problem with the
documentation. http://wiki2.dovecot.org/AuthDatabase/CheckPassword, under
'Security' says, "a. If possible, change the checkpassword to return userdb_uid
and userdb_gid extra fields instead of using setuid() and s
these problem are too
mundane
compared to CalDAV, sieve filtering and IPA to excite List interest? Come on
Dovecotters! Let's step up to the plate!
To follow up on my previous posting in this thread, I'm trying to get
checkpassword to work. I have confirmed that it is setting the environment
variables
I'm experimenting with checkpassword as an auth method for usedb and passdb
(http://wiki2.dovecot.org/AuthDatabase/CheckPassword). I've set up the userdb
and passdb *exactly* as the wiki suggests as the "standard way":
passdb {
driver = checkpassword
args = /user/util/bin/che
Hello,
does anybody knows what managesieve addon sets in SERVICE env when
autentificating to checkpassword?
thanks
Pete
On 2/2/2015 2:17 AM, Peter Hodur wrote:
Hello,
does anybody knows what managesieve addon sets in SERVICE env when
autentificating to checkpassword?
For authentication purposes sieve is used.
Regards,
Stephan.
I can#39;t
read source codes. But if a programmer reads this, and have a spare few
minutes, please be so kind to look at the dovecot#39;s source code, and if
finds out the memory limit of the checkpassword method (is it hard-coded, or it
could be changed in the config), please drop a few lines
Am 2014-06-05 19:33, schrieb a:
Hi. I am trying to authenticate dovecot from a wordpress database. I was thinking of using the checkpassword script to start a cli php script. That php script would then include the necessary wordpress functions, do the auth (find the wp username from user database
Hi. I am trying to authenticate dovecot from a wordpress database. I was
thinking of using the checkpassword script to start a cli php script. That php
script would then include the necessary wordpress functions, do the auth (find
the wp username from user database using the email address
OK, added: http://hg.dovecot.org/dovecot-2.2/rev/1e099feb1dea
On 3.5.2014, at 15.32, dovecot.pk...@dfgh.net wrote:
Dear dovecot maintainers:
I'm using SSL client certificates together with a checkpassword scripts
to authenticate our users.
My problem is: In the checkpassword script
Dear dovecot maintainers:
I'm using SSL client certificates together with a checkpassword scripts
to authenticate our users.
My problem is: In the checkpassword script the AUTH_USER environment
variable will either contain the username that was configured in the
mailclient
Hi everybody,
I'm using SSL client certificates or checkpassword scripts to authenticate
our users. If a user sent a client certificate from his smartcard my
checkpasswort will ignore the password, if he does not sent a client
certificate but uses his OTP-token then my checkwassword script
changed and now AUTH_USER always
contains the username. This has fatal consequences as now
every owner of a valid certificate can logon as any user.
Here are some more details of our setup:
We are using a checkpassword-Script that does the following:
1. Read Username and Password from file descriptor
versions). It dows NOT
contain the Dovecot auth_user-variable. Comparing
AUTH_USER with the username makes no sense in
a checkpassword-script
So here's my next question: How do I find out the original
username from within a chackpassword script after it has
been replaced by the x500UniqueIdentifier value
Hi,
I'm trying to use the checkpassword interface to do a password check and if
the check succeeds I mount the user home directory (including mail) using
the users login password and uid.
My password check seems to work, but when I add the home directory mounting
things seem to stop. Dovecot
Hi,
I'm trying to use the checkpassword interface to do a password check
and if the check succeeds I mount the user home directory (including
mail) using the users login password and uid.
Things work well if I do the mount manually, but when I add the home
directory mounting to checkpassword
On Mon, Nov 25, 2013 at 09:36:39AM +0700, Jouko Nikula wrote:
I'm trying to use the checkpassword interface to do a password check and if
the check succeeds I mount the user home directory (including mail) using
the users login password and uid.
May I ask why you mount the user directory
On Mon, Nov 25, 2013 at 10:57 AM, Kai Hendry hen...@dabase.com wrote:
May I ask why you mount the user directory? Couldn't it just be already
mounted and you simply use the PAM interface?
First of all, sorry about the double post. Yes I believe I could use
the PAM interface. It looks more
Hello,
Seeing as there are not too many Dovecot CheckPassword driver usage
examples on the Internet, I wrote one using Shell script.
You can see post about it here:
http://devblog.plesk.com/2013/11/shell-checkpassword-authentication-in-dovecot/.
The post also has a link to Mercurial repository
such systems anymore (at least where people would
want to run Dovecot).
Very optimistic assumption. Wouldn't it be safer to remove the password
from the environment? Anyone using checkpassword should use FD 3 and 4 for
this purpose. Environment variables and command line arguments are not safe
variables were readable to all users in the system, but
I doubt there exist such systems anymore (at least where people would
want to run Dovecot).
Very optimistic assumption. Wouldn't it be safer to remove the password
from the environment? Anyone using checkpassword should use FD 3 and 4
Timo wrote:
All the OSes made the environment private 10-15 years ago. I think it's
pretty safe to assume that older multiuser systems won't be running
Dovecot with checkpassword backend.
The checkpassword interface is used in many different ways:
I found checkpassword the easiest way
On 8.4.2013, at 13.42, Heiko Schlichting doveco...@fu-berlin.de wrote:
The checkpassword interface is used in many different ways:
I found checkpassword the easiest way to implement authentication against
FreeRADIUS. Using a perl script with
$input = IO::Handle-new_from_fd(3, r
Hi,
I'm writing a checkpassword script in order to support our OTP token
as a fallback for client certificate authentication. Here are two
questions:
1) It seems to me that the username and the password will be
delivered to my script both on file descriptor 3 and via the
environment variables
On 7.4.2013, at 14.30, dovecot.pk...@dfgh.net wrote:
I'm writing a checkpassword script in order to support our OTP token
as a fallback for client certificate authentication. Here are two
questions:
1) It seems to me that the username and the password will be
delivered to my script both
On 5.2.2013, at 14.53, Andy Dills a...@xecu.net wrote:
On Tue, 5 Feb 2013, Timo Sirainen wrote:
I think you need to remove doveadm_proxy_port from the backend
dovecot.conf. Then it doesn't perform the PASS lookup. But you also
should run doveadm via the proxy instance so that it gets run in
On Tue, 5 Feb 2013, Timo Sirainen wrote:
I think you need to remove doveadm_proxy_port from the backend
dovecot.conf. Then it doesn't perform the PASS lookup. But you also
should run doveadm via the proxy instance so that it gets run in the
correct server (doveadm -c /etc/dovecot/proxy.conf
We have a checkpassword authentication with mysql pre-fetch for the
userdb lookups.
When trying to do:
doveadm search -u andyt...@xecu.net mailbox Trash DELETED
I get:
doveadm(andyt...@xecu.net): Error: user andyt...@xecu.net: Auth PASS
lookup failed
doveadm(andyt...@xecu.net): Fatal: /var
On Mon, 2013-02-04 at 12:08 -0500, Andy Dills wrote:
We have a checkpassword authentication with mysql pre-fetch for the
userdb lookups.
When trying to do:
doveadm search -u andyt...@xecu.net mailbox Trash DELETED
I get:
doveadm(andyt...@xecu.net): Error: user andyt...@xecu.net
On Feb 4, 2013, at 8:56 PM, Timo Sirainen t...@iki.fi wrote:
On Mon, 2013-02-04 at 12:08 -0500, Andy Dills wrote:
We have a checkpassword authentication with mysql pre-fetch for the
userdb lookups.
When trying to do:
doveadm search -u andyt...@xecu.net mailbox Trash DELETED
I get
On Mon, 2013-02-04 at 21:16 -0500, Andy Dills wrote:
On Feb 4, 2013, at 8:56 PM, Timo Sirainen t...@iki.fi wrote:
On Mon, 2013-02-04 at 12:08 -0500, Andy Dills wrote:
We have a checkpassword authentication with mysql pre-fetch for the
userdb lookups.
When trying to do:
doveadm
On Tue, 5 Feb 2013, Timo Sirainen wrote:
So, I guess what you're saying is doveadm should be talking to the
proxy instance rather than the backend instance? I assume I need to
move the backend to a differently named config and make my proxy
instances live in dovecot.conf, so that
A few years back I hacked up a perl chkpassldap.pl script to
authenticate against ldap, and optionally authorize against groups
and/or ldap attributes. This works with both qmail and Dovecot, and it
also supports a somewhat generic method to alter the environment
suitable to use for Dovecot
Hi,
I'm trying to do a setup where IMAP and POP users see different INBOX'
Like described on the virtual folder wiki page:
http://wiki.dovecot.org/Plugins/Virtual
However, for now, I'm stuck with the checkpassword passdb and prefetch
userdb
So I can't parameterize the result on %s like
On 2011-01-27 14:04, Peter Mogensen wrote:
So I thought of having to different checkpassword scripts:
passdb checkpassword {
args = /usr/bin/checkpassword-%s
}
Arh.. .sorry.
I missed the SERVICE env variable.
/Peter
Nobody ?
This can be a dovecot bug ?
--
Emerson Pinter
Picture Internet
55 11 5089-8130
http://www.picture.com.br/
On Mon, 19 Apr 2010 14:27:22 -0300, Emerson Pinter
epin...@picturecorp.com.br wrote:
Hi.
I'm trying to use checkpassword for simple auth and masteruser auth.
I have two
Hi all,
I think I may be doing something wrong but, is it possible to proxy POP
and IMAP users when using a checkpassword script as the passdb?
I'm trying to write a perl script to handle authentication to a mix of SQL and
POP3 sources whilst logging user passwords at the same time
Roberts
Sent: 27 November 2009 10:36
To: dovecot@dovecot.org
Subject: [Dovecot] Proxy, using checkpassword
Hi all,
I think I may be doing something wrong but, is it possible to proxy POP
and IMAP users when using a checkpassword script as the passdb?
I'm trying to write a perl script
Hi,
im using a bash shell script for checkpassword and if i write:
exit 0
checkpassword doesnt authentificate the user. Ive also set the
environment variables USER and SHELL. What should i do?
On Thu, 2009-03-26 at 01:11 +0100, Muhammed Alat wrote:
Hi,
im using a bash shell script for checkpassword and if i write:
exit 0
checkpassword doesnt authentificate the user. Ive also set the
environment variables USER and SHELL. What should i do?
exit 0 is not the right way. Read how
Hi,
im a newbee using dovecot. I want to use checkpassword, but i've no idea
how to use it.
Can somebody post a script where i can see how to include a PHP file to
verify the password and user.
Im useing Dovecot 1.0.15 and somebody have canfigure for me
Checkpassword. There is an empty
Hi,
im a newbee using dovecot. I want to use checkpassword, but i've no idea
how to use it.
DoveCot is running and checking the passwords with a ldap server. But in
future we want to use a sql database, where the password and
userinformation is stored.
I want to use checkpassword
Hi,
ok, I'm am developing a new solution that includes dovecot, and will be
wanting to use the latest sieve implementation, so I have chosen to
start with 1.2 as the base.
I had a working install of 1.1.8 installed, and got a checkpassword
setup working properly with it to authenticate a user. I
On Mon, 2009-01-19 at 12:17 -0800, Tim Traver wrote:
Is it possible that checks for the return code from calling the
checkpassword script have changed between the versions??? I currently
exit the checkpassword script with _exit(0); to make the status 0 when
it is successful, and I also set
Timo Sirainen wrote:
On Mon, 2009-01-19 at 12:17 -0800, Tim Traver wrote:
Is it possible that checks for the return code from calling the
checkpassword script have changed between the versions??? I currently
exit the checkpassword script with _exit(0); to make the status 0 when
On Mon, 2009-01-19 at 14:51 -0800, Tim Traver wrote:
Timo Sirainen wrote:
On Mon, 2009-01-19 at 12:17 -0800, Tim Traver wrote:
Is it possible that checks for the return code from calling the
checkpassword script have changed between the versions??? I currently
exit the checkpassword
Durk Strooisma wrote:
Okay, thanks for verifying. What kind of scripting language would you
suggest for checkpassword instead?
Perl works for me. Extract from such script:
use constant CHECKPASSWORD_MAX_LEN = 512;
[...]
my $input = IO::Handle-new_from_fd(3, r);
if (not defined
read -d '\0' -r -u 3
You are missing the correct syntax to interpret backslash escapes here:
read -d $'\0' -r -u 3
will work.
Thanks a lot!! I was indeed missing the $ sign! And it is nicely documented
here:
http://www.gnu.org/software/bash/manual/bashref.html#ANSI_002dC-Quoting
I never
Thanks for the example and your info about fd4.
Durk
Durk Strooisma wrote:
Okay, thanks for verifying. What kind of scripting language would you
suggest for checkpassword instead?
Perl works for me. Extract from such script:
use constant CHECKPASSWORD_MAX_LEN = 512;
[...]
my
Hi all,
I'm trying to implement checkpassword authentication with a simple bash
script. In some way I can't get the password from file descriptor 3.
The start of script looks like this:
#!/bin/bash
read -d '\0' -r -u 3
USERNAME=${REPLY}
read -d '\0' -r -u 3
PASSWORD=${REPLY}
if [ -z
On Mon, 2009-01-12 at 18:31 +0100, Durk Strooisma wrote:
#!/bin/bash
read -d '\0' -r -u 3
Are you sure this is supposed to work? \0 character is an end-of-string
character in C language, and I wouldn't be surprised if read simply
didn't support it as delimiter.
signature.asc
Description:
On Mon, 2009-01-12 at 18:31 +0100, Durk Strooisma wrote:
#!/bin/bash
read -d '\0' -r -u 3
Are you sure this is supposed to work? \0 character is an end-of-string
character in C language, and I wouldn't be surprised if read simply
didn't support it as delimiter.
Well if I try to read
On Mon, 2009-01-12 at 20:54 +0100, Durk Strooisma wrote:
On Mon, 2009-01-12 at 18:31 +0100, Durk Strooisma wrote:
#!/bin/bash
read -d '\0' -r -u 3
Are you sure this is supposed to work? \0 character is an end-of-string
character in C language, and I wouldn't be surprised if read
sure Dovecot works right, and the problem is just that you
can't do with shell scripting what you're trying to (at least not this
way).
Okay, thanks for verifying. What kind of scripting language would you
suggest for checkpassword instead? Or should I just move on to C?
Durk
Hello Durk,
Am Montag, 12. Januar 2009 schrieb Durk Strooisma:
I'm trying to implement checkpassword authentication with a simple bash
script. In some way I can't get the password from file descriptor 3.
The start of script looks like this:
#!/bin/bash
read -d '\0' -r -u 3
You
Timo Sirainen [EMAIL PROTECTED] writes:
Hmm. auth-client.c is about performing authentication as a
client. What you're doing is about doing a userdb lookup and
connecting to dovecot-auth as a master. So different file, but I'm
not really sure about the name. Perhaps auth-master.c and
Timo Sirainen [EMAIL PROTECTED] writes:
On Wed, 2008-10-22 at 16:15 +0200, Sascha Wilde wrote:
Timo Sirainen [EMAIL PROTECTED] writes:
On Oct 21, 2008, at 5:27 PM, Sascha Wilde wrote:
Sascha Wilde [EMAIL PROTECTED] writes:
[userdb-checkpassword]
The code is now in dovecot-1.2 tree
Timo Sirainen [EMAIL PROTECTED] writes:
On Oct 21, 2008, at 5:27 PM, Sascha Wilde wrote:
Sascha Wilde [EMAIL PROTECTED] writes:
[userdb-checkpassword]
[...]
The code is now in dovecot-1.2 tree.
Unfortunately there is one tiny, but essential change missing:
diff -r afdc27e0b665 src/auth
Sascha Wilde [EMAIL PROTECTED] writes:
Timo Sirainen [EMAIL PROTECTED] writes:
On Wed, 2008-10-22 at 16:15 +0200, Sascha Wilde wrote:
There are more than 250LOC in deliver/auth-client.c and I wonder if
there is already a higher level api for auth clients? I would have
expected something like
On Thu, 2008-10-23 at 13:13 +0200, Sascha Wilde wrote:
Timo Sirainen [EMAIL PROTECTED] writes:
On Oct 21, 2008, at 5:27 PM, Sascha Wilde wrote:
Sascha Wilde [EMAIL PROTECTED] writes:
[userdb-checkpassword]
[...]
The code is now in dovecot-1.2 tree.
Unfortunately there is one tiny
On Thu, 2008-10-23 at 16:18 +0200, Sascha Wilde wrote:
1.) It seems that some code in deliver/auth-client.c has been revised
after it was copied to expire/auth-client.c, this is a small problem
as I would expect simply using the newer code to be the right
thing[tm].
Yes, I haven't
Timo Sirainen [EMAIL PROTECTED] writes:
On Thu, 2008-10-23 at 13:13 +0200, Sascha Wilde wrote:
Timo Sirainen [EMAIL PROTECTED] writes:
On Oct 21, 2008, at 5:27 PM, Sascha Wilde wrote:
Sascha Wilde [EMAIL PROTECTED] writes:
[userdb-checkpassword]
[...]
The code is now in dovecot-1.2 tree
Timo Sirainen [EMAIL PROTECTED] writes:
On Thu, 2008-10-23 at 16:18 +0200, Sascha Wilde wrote:
[...]
2.) The exported interface in the respective auth-client.h files is
different. The solution would be to figure out what the right
interface would be
[...]
Perhaps something like:
[api
:
[userdb-checkpassword]
[...]
The code is now in dovecot-1.2 tree.
Unfortunately there is one tiny, but essential change missing:
Oh. I guess I should have bothered to test it. :) I added the code to
main.c now instead. I'll try merging changes differently the next time.
Thanks
Sascha Wilde [EMAIL PROTECTED] writes:
Timo Sirainen [EMAIL PROTECTED] writes:
On Thu, 2008-10-23 at 16:18 +0200, Sascha Wilde wrote:
[...]
2.) The exported interface in the respective auth-client.h files is
different. The solution would be to figure out what the right
interface
On Oct 23, 2008, at 9:15 PM, Sascha Wilde wrote:
as lib-auth/auth-client.c already exists. Would it be a good idea to
put the new stuff in the same file? And in case not, any suggestions
what a new file could be named?
Hmm. auth-client.c is about performing authentication as a client.
On Wed, 2008-10-22 at 16:15 +0200, Sascha Wilde wrote:
Timo Sirainen [EMAIL PROTECTED] writes:
On Oct 21, 2008, at 5:27 PM, Sascha Wilde wrote:
Sascha Wilde [EMAIL PROTECTED] writes:
[userdb-checkpassword]
The code is now in dovecot-1.2 tree.
Thank you, that's great! The only thing
On Oct 21, 2008, at 5:27 PM, Sascha Wilde wrote:
Sascha Wilde [EMAIL PROTECTED] writes:
Timo Sirainen [EMAIL PROTECTED] writes:
[...]
All of this forces that the checkpassword script developer either
handles the AUTHORIZED environment correctly or it doesn't work at
all. And it prevents
Timo Sirainen [EMAIL PROTECTED] writes:
On Fri, 2008-10-17 at 19:04 +0200, Sascha Wilde wrote:
http://hg.intevation.org/kolab/dovecot-1.2_kolab-branch/
Timo, what would be needed to get the new back end upstream?
Some small things:
- rename checkpassword-common.c to db-checkpassword.c so
On Mon, 2008-10-20 at 17:26 +0200, Sascha Wilde wrote:
Currently the code handles only two cases: success and (any kind of)
error. The passdb-checkpassword stuff seems not to handle user
doesn't exist in any special way, so I don't see why the userdb
backend should
Timo Sirainen [EMAIL PROTECTED] writes:
On Mon, 2008-10-20 at 17:26 +0200, Sascha Wilde wrote:
Currently the code handles only two cases: success and (any kind of)
error. The passdb-checkpassword stuff seems not to handle user
doesn't exist in any special way, so I don't see why
On Oct 20, 2008, at 7:08 PM, Sascha Wilde wrote:
I understand the idea now, but see above: we need the (userdb only)
checkpassword script to follow our rules anyway, so instead of doing
magic to the environment and checking for this in checkpassword-
reply it
should be sufficient
Timo Sirainen [EMAIL PROTECTED] writes:
On Oct 20, 2008, at 7:08 PM, Sascha Wilde wrote:
I understand the idea now, but see above: we need the (userdb only)
checkpassword script to follow our rules anyway, so instead of doing
magic to the environment and checking for this in checkpassword
On Oct 20, 2008, at 8:00 PM, Sascha Wilde wrote:
My solution:
1. The userdb-only checkpassword script sees no AUTHORIZED in the
environment and returns with an exit code != 0[0]
You assume that the script actually checks this. There's no
requirement that a userdb-only script needs
Timo Sirainen [EMAIL PROTECTED] writes:
On Oct 20, 2008, at 8:00 PM, Sascha Wilde wrote:
My solution:
1. The userdb-only checkpassword script sees no AUTHORIZED in the
environment and returns with an exit code != 0[0]
You assume that the script actually checks this.
More than
On Oct 20, 2008, at 8:57 PM, Sascha Wilde wrote:
Timo Sirainen [EMAIL PROTECTED] writes:
On Oct 20, 2008, at 8:00 PM, Sascha Wilde wrote:
My solution:
1. The userdb-only checkpassword script sees no AUTHORIZED in the
environment and returns with an exit code != 0[0]
You assume
On Oct 20, 2008, at 10:40 PM, Timo Sirainen wrote:
Ever since I took these Human-Computer-Interfacing classes I've
started thinking about ways to make things more easier (and
foolproof). There was this one example about how difficult it was to
design a web page (about 10 years ago) that
As announced in MID [EMAIL PROTECTED] I wrote[0] a new
userdb back end, which uses a checkpassword like program to retrieve
user data.
This is needed to get computed user data without authentication for the
LDA or the yet to be implemented %%h variable in shared user folder
name spaces
On Fri, 2008-10-17 at 19:04 +0200, Sascha Wilde wrote:
The back end needs a special checkpassword program which follows the
qmail semantics but additionally provides the user data without password
verification when the environment variable AUTHORIZED is set.[1]
I have done some code cleanup
the stuff here:
http://hg.intevation.org/kolab/dovecot-1.2_kolab-branch/
The addition of child_wait and changes to passdb-checkpassword are in
changeset 53b57b123f74, the new userdb back end is in a4d3ea1e52bc.
Next steps will be cleaning up and documentation (at least in the sample
config).
cheers
1 - 100 of 120 matches
Mail list logo
