Variable expansion in password eval can be useful to have a single
script accessing the keyring entry for the account / username+host.
password is still treated as a raw string. Using variables there
would only be useful if the password is a fixed string varying some
account detail (which is a bad practise), but would annoy (requiring
escaping) people with a % character on their password.
---
src/mpop.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/src/mpop.c b/src/mpop.c
index ce76b1e..51d90d6 100644
--- a/src/mpop.c
+++ b/src/mpop.c
@@ -2493,6 +2493,7 @@ int main(int argc, char *argv[])
account = lp->data;
if (!account->password && account->passwordeval)
{
+ account->passwordeval =
replace_account_variables(account->passwordeval, account);
if (get_password_eval(account->passwordeval,
&account->password, &errstr) != CONF_EOK)
{
--
2.1.1
------------------------------------------------------------------------------
Meet PCI DSS 3.0 Compliance Requirements with EventLog Analyzer
Achieve PCI DSS 3.0 Compliant Status with Out-of-the-box PCI DSS Reports
Are you Audit-Ready for PCI DSS 3.0 Compliance? Download White paper
Comply to PCI DSS 3.0 Requirement 10 and 11.5 with EventLog Analyzer
http://pubads.g.doubleclick.net/gampad/clk?id=154622311&iu=/4140/ostg.clktrk
_______________________________________________
mpop-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/mpop-users
