Re: [Dovecot] Combination of default domain and username character translation problem in POP3 server configuration
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Thu, 19 Nov 2009, Javier Vico Egea wrote:
In that case it works perfect but my problem are all the users using the old
vm-pop3 configuration with XXX!mysecondarydomain.es
Yep, I just wanted confirmation :)
There is currently no way to change this behaviour by configuration, but
src/auth/auth-request.c
contains function auth_request_fix_username():
The default domain is appended, before the character translation takes
place.
if (strchr(username, '@') == NULL &&
request->auth->default_realm != NULL) {
user = p_strconcat(request->pool, username, "@",
request->auth->default_realm, NULL);
} else {
user = p_strdup(request->pool, username);
}
for (p = (unsigned char *)user; *p != '\0'; p++) {
if (request->auth->username_translation[*p & 0xff] != 0)
*p = request->auth->username_translation[*p &
0xff];
if (request->auth->username_chars[*p & 0xff] == 0) {
*error_r = t_strdup_printf(
"Username contains disallowed character: "
"0x%02x", *p);
return NULL;
}
}
=
I would change the first if() into:
=
if (strchr(username, '@') == NULL &&
strchr(username, '!') == NULL &&
request->auth->default_realm != NULL) {
=
Note the strchr() in the second line. The default domain is
not appended, if either an Ad sign or exclamation mark is
present in the username.
Maybe, you ask Timo to have a way to conditionally let replace
a set of characters into '@' before this check.
Regards,
- --
Steffen Kaiser
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.6 (GNU/Linux)
iQEVAwUBSwVYSnWSIuGy1ktrAQI/4gf/TFGCcTnIaxWsZiRFi/P0iSr0uyPdFP8+
dQMgAVkYYt/sP7PH28vZbMHHtiBtIb7T3FTiuNclXXZcLrfj3NX3zf8XfNFknd4j
BzcghW+wE+2I9v4O5/WmKRD79herBCGOTnswOMcRk9zPrIL2lEjuDhOFsePQXjTI
IYBybQx+EebAYRUwtVgUc1leQtaD02QtFLLM2EbIbIbNhnYLaOr6+YQs2Ghi6LpL
MAbfsRh00L/AmY5NNXZUPK2UKpTyppBxVMwwv+K12FqABzs6PAdQz8LpdwqrRDOX
7Raze+KD4U9M9imLVgcD8dgdRnl6wGQJnTFiA0kgb0fyEqk/pL/tpg==
=KieQ
-END PGP SIGNATURE-
Re: [Dovecot] Combination of default domain and username character translation problem in POP3 server configuration
In that case it works perfect but my problem are all the users using the old vm-pop3 configuration with XXX!mysecondarydomain.es Thank you for your interest. -Mensaje original- De: Steffen Kaiser [mailto:skdove...@smail.inf.fh-brs.de] Enviado el: jueves, 19 de noviembre de 2009 14:47 Para: dovecot@dovecot.org CC: dovecot@dovecot.org Asunto: Re: [Dovecot] Combination of default domain and username character translation problem in POP3 server configuration -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Thu, 19 Nov 2009, Javier Vico Egea wrote: > auth default: > default_realm: myprincipaldomain.es > username_chars: > abcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyz01234567890...@! > username_translation: !@ > passdb: >driver: passwd-file >args: /etc/virtual/%d/passwd Hmm, what happens, if you login with: pru...@mysecondarydomain.es ? Note the @ Does it work? > userdb: >driver: static >args: uid=500 gid=500 home=/var/spool/virtual/%d Each use should have an unique home dir, I think. Regards, - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) iQEVAwUBSwVMWXWSIuGy1ktrAQIRiggArndG34u+zfOU41LXb8Nj6A5UMQ8o1cMv P8Ax+uKXyo9b7kae5N+ZeMkiVVMiALmMr6e7HJeKbTUdl6CFVc+Wa0TBdlpNVEJ0 d49A4IetnfVSWlfu21VR5hpenpsNE2E8JRHQ5Mb0eBaEFneT/VEk2YB7WfsmsvbF pS2gXhnBl1q8x+VtC/y5fyYB/P8urQU8wwdVTb809fLxUuMVDEUC77bHtXBtRHYT C0mF3ZyRmh3vFLwBb6e7VwhWkttbKlAzO7lsfNujEqA0dpjzeA+qOw+A2JmyH6sl ZTFpDWc/jv12+7m+AJB46CsPeKZ8/cfFVITni6G7aBrmGPseIVF3+w== =il6+ -END PGP SIGNATURE-
Re: [Dovecot] Combination of default domain and username character translation problem in POP3 server configuration
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Thu, 19 Nov 2009, Javier Vico Egea wrote: auth default: default_realm: myprincipaldomain.es username_chars: abcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyz01234567890...@! username_translation: !@ passdb: driver: passwd-file args: /etc/virtual/%d/passwd Hmm, what happens, if you login with: pru...@mysecondarydomain.es ? Note the @ Does it work? userdb: driver: static args: uid=500 gid=500 home=/var/spool/virtual/%d Each use should have an unique home dir, I think. Regards, - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) iQEVAwUBSwVMWXWSIuGy1ktrAQIRiggArndG34u+zfOU41LXb8Nj6A5UMQ8o1cMv P8Ax+uKXyo9b7kae5N+ZeMkiVVMiALmMr6e7HJeKbTUdl6CFVc+Wa0TBdlpNVEJ0 d49A4IetnfVSWlfu21VR5hpenpsNE2E8JRHQ5Mb0eBaEFneT/VEk2YB7WfsmsvbF pS2gXhnBl1q8x+VtC/y5fyYB/P8urQU8wwdVTb809fLxUuMVDEUC77bHtXBtRHYT C0mF3ZyRmh3vFLwBb6e7VwhWkttbKlAzO7lsfNujEqA0dpjzeA+qOw+A2JmyH6sl ZTFpDWc/jv12+7m+AJB46CsPeKZ8/cfFVITni6G7aBrmGPseIVF3+w== =il6+ -END PGP SIGNATURE-
Re: [Dovecot] Combination of default domain and username character translation problem in POP3 server configuration
On 11/19/2009, Javier Vico Egea (j.v...@dipualba.es) wrote: > # 1.0.7: /etc/dovecot.conf Not that this is the cause of your problem, but you do need to upgrade...
Re: [Dovecot] Combination of default domain and username character translation problem in POP3 server configuration
Here is the configuration: # 1.0.7: /etc/dovecot.conf protocols: pop3 listen: *:10100 login_dir: /var/run/dovecot/login login_executable: /usr/libexec/dovecot/pop3-login login_greeting: Bienvenido al servidor de correo. login_log_format_elements: user=<%u> method=%m rip=%r lip=%l %c domain=%d nombre=%d mail_location: mbox:~/mail:INBOX=/var/spool/virtual/%d/%n mail_debug: yes mail_executable: /usr/libexec/dovecot/pop3 mail_plugin_dir: /usr/lib/dovecot/pop3 auth default: default_realm: myprincipaldomain.es username_chars: abcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyz01234567890...@! username_translation: !@ verbose: yes debug: yes debug_passwords: yes passdb: driver: passwd-file args: /etc/virtual/%d/passwd userdb: driver: static args: uid=500 gid=500 home=/var/spool/virtual/%d -Mensaje original- De: Steffen Kaiser [mailto:skdove...@smail.inf.fh-brs.de] Enviado el: jueves, 19 de noviembre de 2009 11:35 Para: dovecot@dovecot.org CC: dovecot@dovecot.org Asunto: Re: [Dovecot] Combination of default domain and username character translation problem in POP3 server configuration -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Thu, 19 Nov 2009, Vico wrote: What's your configuration, dovecot -n ? - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) iQEVAwUBSwUfPXWSIuGy1ktrAQJQdwgAgDXYD2a6/z/UERJDe77DFUVswu2/IEnv v5beC9I+/zXbSQxotLV1EWTXnOcmV/3OjHvqGzYcjWgOZauUCoq5s/kAhQPfptTA bPIvfyUE1I9SrsANzfkse5LfmzE8vXPqVkszSIRBY9sWDZCXL3VuWHufnWb+fRIz /y4nLz6/mo6ETMEK5kwI7B54pXcXINzo55dNJMIQXnl9w40cFTqkhKfCCYXHgx+o f03f/Qpz4DLo7Ap45/xaSWRj1Ve+6APxdhMicVt1rRx2DhrEbaDnNmd8z0tk9wsV 4UxUUyrNjQwYPj/0usu+069/dhzqGUiNshsop+2tYqogdWT6wlfBeQ== =zF+V -END PGP SIGNATURE-
Re: [Dovecot] Combination of default domain and username character translation problem in POP3 server configuration
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Thu, 19 Nov 2009, Vico wrote: What's your configuration, dovecot -n ? - -- Steffen Kaiser -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) iQEVAwUBSwUfPXWSIuGy1ktrAQJQdwgAgDXYD2a6/z/UERJDe77DFUVswu2/IEnv v5beC9I+/zXbSQxotLV1EWTXnOcmV/3OjHvqGzYcjWgOZauUCoq5s/kAhQPfptTA bPIvfyUE1I9SrsANzfkse5LfmzE8vXPqVkszSIRBY9sWDZCXL3VuWHufnWb+fRIz /y4nLz6/mo6ETMEK5kwI7B54pXcXINzo55dNJMIQXnl9w40cFTqkhKfCCYXHgx+o f03f/Qpz4DLo7Ap45/xaSWRj1Ve+6APxdhMicVt1rRx2DhrEbaDnNmd8z0tk9wsV 4UxUUyrNjQwYPj/0usu+069/dhzqGUiNshsop+2tYqogdWT6wlfBeQ== =zF+V -END PGP SIGNATURE-
[Dovecot] Combination of default domain and username character translation problem in POP3 server configuration
Hello, I have a mail server running vm-pop3 and I am migrating it to Dovecot. I have a problem configuring Dovecot as a POP3 server only (I'm not interested in IMAP for now). I have two types of domains: one principal domain, whose users don't include the domain in the login process; and secondary domains, whose users include the domain part with the ! separator, instead of @ (i.e. prueba!mysecondarydomain.es). Because of that, I have set the following options in the configuration file: auth_default_realm = myprincipaldomain.es auth_username_translation = !@ The combination of these two parameters produces the following effect when I login with an user of a secondary domain (I have no problem with principal domain authentication): +OK Bienvenido al servidor de correo. user prueba!mysecondarydomain.es +OK pass prueba. -ERR Authentication failed. quit +OK Logging out This is the resulting log: Nov 19 09:58:51 prueba dovecot: auth(default): new auth connection: pid=21953 Nov 19 09:59:04 prueba dovecot: auth(default): client in: AUTH 1 PLAIN service=POP3lip=192.168.1.84rip=192.168.17.13 resp=AHBydWViYSF0b2JhcnJhLmVzAHBydWViYS4= Nov 19 09:59:04 prueba dovecot: auth(default): passwd-file(pru...@mysecondarydomain.es@myprincipaldomain.es,192.168.17. 13): no passwd file: /etc/virtual/mysecondarydomain...@myprincipaldomain.es/passwd Nov 19 09:59:05 prueba dovecot: auth(default): client out: FAIL 1 user=pru...@mysecondarydomain.es@myprincipaldomain.es So, I think the problem is Dovecot tests if the default domain is needed before the character translation is done, so the character ! is not detected as a domain separator, so the default domain is always appended. The question is how I could resolve this problem. I need these two operations to be done because there is a lot of users already working with this configuration. Thank you in advance.
