Re: The use of %w in password_query leads to "Failed to expand plugin setting" error
On 16 Jan 2021, at 01:19, f...@fili.nl wrote: > No :) I'm converting the password scheme at the moment of login, please read > the link https://wiki.dovecot.org/HowTo/ConvertPasswordSchemes for more info. Yes, I did that a while ago, but you said "When the user has % in their password" which seemed odd. Glad it's sorted! -- MY MOM IS NOT DATING JERRY SIENFELD Bart chalkboard Ep. AABF06
Re: The use of %w in password_query leads to "Failed to expand plugin setting" error
No :) I'm converting the password scheme at the moment of login, please read the link https://wiki.dovecot.org/HowTo/ConvertPasswordSchemes for more info.Btw, the base64 encoding tip worked! Thanks again AkiOn 16 Jan 2021 03:25, "@lbutlr" wrote:On 14 Jan 2021, at 08:30, Filidor Wiese wrote: > When a user has a % sign in their password, the following error occurs: Were you storing PLAIN TEXT passwords? -- Some humans would do anything to see if it was possible to do it. If you put a large switch in some cave somewhere, with a sign on it saying "End-of-the-World Switch. PLEASE DO NOT TOUCH," the paint wouldn't even have time to dry.
Re: The use of %w in password_query leads to "Failed to expand plugin setting" error
On 14 Jan 2021, at 08:30, Filidor Wiese wrote: > When a user has a % sign in their password, the following error occurs: Were you storing PLAIN TEXT passwords? -- Some humans would do anything to see if it was possible to do it. If you put a large switch in some cave somewhere, with a sign on it saying "End-of-the-World Switch. PLEASE DO NOT TOUCH," the paint wouldn't even have time to dry.
Re: The use of %w in password_query leads to "Failed to expand plugin setting" error
Thanks Aki, that sounds like a good solution. So you're suggesting? password_query = \ SELECT domain, password, TO_BASE64('%w') AS userdb_plain_pass, \ domain as userdb_domain, concat('*:storage=', quota) AS userdb_quota_rule, 5000 as userdb_uid, 5000 as userdb_gid, '/home/%d/%n' as userdb_home \ FROM users WHERE (catch='%n' AND domain='%d') I'll give it a go when our users are asleep! Regards, Filidor On 14-01-2021 16:34, Aki Tuomi wrote: >> On 14/01/2021 17:30 Filidor Wiese wrote: >> >> >> Hi, >> I'm trying to convert my existing users to a more modern password scheme by >> following the how-to at >> https://wiki.dovecot.org/HowTo/ConvertPasswordSchemes. >> One of the steps is to include the use of '%w' in the password_query, like >> so: >>> password_query = \ >>> SELECT domain, password, '%w' AS userdb_plain_pass, \ >>> domain as userdb_domain, concat('*:storage=', quota) AS userdb_quota_rule, >>> 5000 as userdb_uid, 5000 as userdb_gid, '/home/%d/%n' as userdb_home \ >>> FROM users WHERE (catch='%n' AND domain='%d') >> and also to configure: >>> userdb { >>> driver = prefetch >>> } >> in order to combine the user/password_query into one. Now that all seemed to >> work well, except for one thing. >> When a user has a % sign in their password, the following error occurs: >>> Error: Failed to expand plugin setting plain_pass = 'Tfew3322gYEp$%5Qjk0': >>> Unknown variable '%Q' >>> >> Which indicates that dovecot is trying to expand variables in the password. >> As a consequence, the login process fails. >> Is there some way around this behavior? >> Thanks in advance, >> Filidor Wiese >> > You might get better results with, say, base64 encoding the password. > TO_BASE64() should work from 5.6 mysql. You can also try HEX encoding it. > > Aki
Re: The use of %w in password_query leads to "Failed to expand plugin setting" error
> On 14/01/2021 17:30 Filidor Wiese wrote: > > > Hi, > I'm trying to convert my existing users to a more modern password scheme by > following the how-to at https://wiki.dovecot.org/HowTo/ConvertPasswordSchemes. > One of the steps is to include the use of '%w' in the password_query, like so: > > password_query = \ > > SELECT domain, password, '%w' AS userdb_plain_pass, \ > > domain as userdb_domain, concat('*:storage=', quota) AS userdb_quota_rule, > > 5000 as userdb_uid, 5000 as userdb_gid, '/home/%d/%n' as userdb_home \ > > FROM users WHERE (catch='%n' AND domain='%d') > and also to configure: > > userdb { > > driver = prefetch > > } > in order to combine the user/password_query into one. Now that all seemed to > work well, except for one thing. > When a user has a % sign in their password, the following error occurs: > > Error: Failed to expand plugin setting plain_pass = 'Tfew3322gYEp$%5Qjk0': > > Unknown variable '%Q' > > > Which indicates that dovecot is trying to expand variables in the password. > As a consequence, the login process fails. > Is there some way around this behavior? > Thanks in advance, > Filidor Wiese > You might get better results with, say, base64 encoding the password. TO_BASE64() should work from 5.6 mysql. You can also try HEX encoding it. Aki