Re: execute: /user/bin/checkpassword /user/libexec/dovecot/checkpassword-reply

> On 09/01/2024 17:45 EET Steve Button wrote: > > > Hi, > > > > I have recently moved a dovecot installation from 2.2.36 on RHEL7.9 onto > 2.3.20 on Amazon Linux 2023 and I'm now seeing the error message in the > title relating to /usr/bin/checkpass

execute: /user/bin/checkpassword /user/libexec/dovecot/checkpassword-reply

Hi,   I have recently moved a dovecot installation from 2.2.36 on RHEL7.9 onto 2.3.20 on Amazon Linux 2023 and I'm now seeing the error message in the title relating to /usr/bin/checkpassword (which doesn't exist on either). This is a project that I've inherited, and I'v

Re: Extracting CLIENTID information from checkpassword or postlogin scripting

he information is directly logged by Dovecot as > > such: > > ID sent: name=Thunderbird, version=91.5.0 > > > > My question is, Is it possible to export/set this information in a > > checkpassword script or a postlogin script? > > client_idIfimap_id_re

Re: Extracting CLIENTID information from checkpassword or postlogin scripting

t; > My question is, Is it possible to export/set this information in a > checkpassword script or a postlogin script? > > client_id > If imap_id_retain > <https://doc.dovecot.org/settings/core/#core_setting-imap_id_retain> is > enabled this variable is populated with th

Extracting CLIENTID information from checkpassword or postlogin scripting

Hello, When extracting client_id information from the client connection (i.e. setting imap_id_log = *) the information is directly logged by Dovecot as such: ID sent: name=Thunderbird, version=91.5.0 My question is, Is it possible to export/set this information in a checkpassword script or

Re: BDAT to DATA translation on submission service when checkpassword is involved

> On 23/07/2021 01:22 Dan Conway wrote: > > > Hello, > > I'm having issues with Dovecot translating "BDAT" commands (CHUNKING) > into "DATA" commands when the backend does not support it in the > submission service. I use "checkp

BDAT to DATA translation on submission service when checkpassword is involved

Hello, I'm having issues with Dovecot translating "BDAT" commands (CHUNKING) into "DATA" commands when the backend does not support it in the submission service. I use "checkpassword" to authenticate users and judging by older mailing list entries the pre

Auth Cache for checkpassword

Hello, I use the checkpassword driver for imap/pop authentication. To improve the performance I would like to enable authentication caching for it. However just adding the auth_cache_size and auth_cache_ttl doesn't work. No entries are cached. If I add a cache directive in the passdb, the

Re: Checkpassword.

Hello, Tuesday, March 19, 2019, 1:50:44 PM, I wrote: NHvd> I've run into the issue detailed at NHvd> https://wiki2.dovecot.org/AuthDatabase/CheckPassword#Security Just for clarity this is djb's checkpassword -- Best regards, Niamhmailto:ni...@fullbore.co.uk

Checkpassword.

Hello, I've run into the issue detailed at https://wiki2.dovecot.org/AuthDatabase/CheckPassword#Security Understandably I don't have the skills to modify checkpassword so if I do the suggested will it work? If you can't change the script, you can make Dovecot's checkp

Authenticating with checkpassword

I am trying to use the checkpassword authentication (https://wiki.dovecot.org/AuthDatabase/CheckPassword) I do have a working checkpassword program. The protocol expects to received on fd 3 the following: usernamepasswordoptionalstuff I find that this works properly and the program can

Re: dovecot passdb driver=checkpassword as external script for block ip

> On 17 Oct 2018, at 20.09, bes wrote: > > Refer to > https://dovecot.org/pipermail/dovecot/2015-March/099971.html > https://wiki.dovecot.org/PasswordDatabase > I tried to repeat the same thing. > Set these passdb: > > passdb { > args = /myscript.sh i

Re: dovecot passdb driver=checkpassword as external script for block ip

After some debuging i expain that this happens only when the client authentication method is CRAM-MD5 dovecot[5553]: auth: Debug: checkpassword(login,192.168.99.128,<5/TM6XN4QOrAqGOA>): execute: /myscript.sh ip=192.168.99.128 /usr/libexec/dovecot/checkpassword-reply dovecot[5553]: auth:

dovecot passdb driver=checkpassword as external script for block ip

Refer to https://dovecot.org/pipermail/dovecot/2015-March/099971.html https://wiki.dovecot.org/PasswordDatabase I tried to repeat the same thing. Set these passdb: passdb { args = /myscript.sh ip=%r driver = checkpassword result_failure = return-fail result_success = continue } passdb

Re: AuthDatabase CheckPassword broken?

On 02/02/18 14:19, Mark Foley wrote: > Script didn't run: > > File "/root/tmp/checkpwtest.py", line 8 > o?= with os.fdopen(DOVECOT_PW_FD, 'r') as s: > ^ > SyntaxError: invalid syntax Copy/paste error? The beginning of that line doesn't seem to be in the original. Richard

Re: AuthDatabase CheckPassword broken?

trol Retirement System To: dovecot@dovecot.org Subject: Re: AuthDatabase CheckPassword broken? On Thu, 1 Feb 2018 10:02:10 +0200 Aki Tuomi wrote: > > On 01.02.2018 08:00, Mark Foley wrote: > > I had been using the CheckPassword authentication interface with dovecot > > 2.2.15,

Re: AuthDatabase CheckPassword broken?

On Thu, 1 Feb 2018 10:02:10 +0200 Aki Tuomi wrote: > > On 01.02.2018 08:00, Mark Foley wrote: > > I had been using the CheckPassword authentication interface with dovecot > > 2.2.15, > > https://wiki2.dovecot.org/AuthDatabase/CheckPassword, and it was working. &g

Re: AuthDatabase CheckPassword broken?

On 01.02.2018 08:00, Mark Foley wrote: > I had been using the CheckPassword authentication interface with dovecot > 2.2.15, > https://wiki2.dovecot.org/AuthDatabase/CheckPassword, and it was working. > > After upgrading to 2.2.33.2 CheckPassword no longer works. The referenc

AuthDatabase CheckPassword broken?

I had been using the CheckPassword authentication interface with dovecot 2.2.15, https://wiki2.dovecot.org/AuthDatabase/CheckPassword, and it was working. After upgrading to 2.2.33.2 CheckPassword no longer works. The referenced wiki page says, Checkpassword Interface Read NUL NUL

Re: Dovecot con Autentication Checkpassword error signal 111

ot;Migrate" > to dovecot. > I installed the package and configured the components necessary to me > using as system autentication checkpassword. > I have verified the checkpassword operation without the processor > usage of Dovecot and is functioning. > When you perfo

Dovecot con Autentication Checkpassword error signal 111

using as system autentication checkpassword. I have verified the checkpassword operation without the processor usage of Dovecot and is functioning. When you perform the tests with dovecot from the logs out these errors: auth: Error: checkpassword(plutos,127.0.0.1,): Child 15375 died with

Re: Need help on checkpassword userdb/passdb

I figured out how to make checkpassword work. There is a problem with the documentation. http://wiki2.dovecot.org/AuthDatabase/CheckPassword, under 'Security' says, "a. If possible, change the checkpassword to return userdb_uid and userdb_gid extra fields instead of using setu

Re: Need help on checkpassword userdb/passdb

Perhaps these problem are too mundane compared to CalDAV, sieve filtering and IPA to excite List interest? Come on Dovecotters! Let's step up to the plate! To follow up on my previous posting in this thread, I'm trying to get checkpassword to work. I have confirmed that it is setting the

Need help on checkpassword userdb/passdb

I'm experimenting with checkpassword as an auth method for usedb and passdb (http://wiki2.dovecot.org/AuthDatabase/CheckPassword). I've set up the userdb and passdb *exactly* as the wiki suggests as the "standard way": passdb { driver = checkpassword args = /user/ut

Re: managesieve & checkpassword authdb interface

On 2/2/2015 2:17 AM, Peter Hodur wrote: > Hello, > > does anybody knows what managesieve addon sets in SERVICE env when > autentificating to checkpassword? For authentication purposes "sieve" is used. Regards, Stephan.

managesieve & checkpassword authdb interface

Hello, does anybody knows what managesieve addon sets in SERVICE env when autentificating to checkpassword? thanks Pete

Re: [Dovecot] checkpassword memory limit

m not a programmer, so I can't "read" source codes. But if a programmer reads this, and have a spare few minutes, please be so kind to look at the dovecot's source code, and if finds out the memory limit of the checkpassword method (is it hard-coded, or it could be changed i

Re: [Dovecot] checkpassword memory limit

Am 2014-06-05 19:33, schrieb a: Hi. I am trying to authenticate dovecot from a wordpress database. I was thinking of using the checkpassword script to start a cli php script. That php script would then include the necessary wordpress functions, do the auth (find the wp username from user database

[Dovecot] checkpassword memory limit

Hi. I am trying to authenticate dovecot from a wordpress database. I was thinking of using the checkpassword script to start a cli php script. That php script would then include the necessary wordpress functions, do the auth (find the wp username from user database using the email address, and

Re: [Dovecot] %{orig_user} missing in checkpassword-Script

OK, added: http://hg.dovecot.org/dovecot-2.2/rev/1e099feb1dea On 3.5.2014, at 15.32, dovecot.pk...@dfgh.net wrote: > Dear dovecot maintainers: > > I'm using SSL client certificates together with a checkpassword scripts > to authenticate our users. > > My problem is: In t

[Dovecot] %{orig_user} missing in checkpassword-Script

Dear dovecot maintainers: I'm using SSL client certificates together with a checkpassword scripts to authenticate our users. My problem is: In the checkpassword script the AUTH_USER environment variable will either contain the username that was configured in the mailclien

[Dovecot] %{orig_user} missing in checkpassword-Script

Hi everybody, I'm using SSL client certificates or checkpassword scripts to authenticate our users. If a user sent a client certificate from his smartcard my checkpasswort will ignore the password, if he does not sent a client certificate but uses his OTP-token then my checkwassword script

Re: [Dovecot] AUTH_USER variable has invalid value in checkpassword Script

sername (in all Dovecot versions). It dows NOT contain the Dovecot auth_user-variable. Comparing AUTH_USER with the username makes no sense in a checkpassword-script So here's my next question: How do I find out the original username from within a chackpassword script after it has been replaced

[Dovecot] AUTH_USER variable has invalid value in checkpassword Script

mehow changed and now AUTH_USER always contains the username. This has fatal consequences as now every owner of a valid certificate can logon as any user. Here are some more details of our setup: We are using a checkpassword-Script that does the following: 1. Read Username and Password from file descr

Re: [Dovecot] Checkpassword interface for custom password check and home mounting

On Mon, Nov 25, 2013 at 10:57 AM, Kai Hendry wrote: > May I ask why you mount the user directory? Couldn't it just be already > mounted and you simply use the PAM interface? First of all, sorry about the double post. Yes I believe I could use the PAM interface. It looks more suitable to this. I w

Re: [Dovecot] Checkpassword interface for custom password check and home mounting

On Mon, Nov 25, 2013 at 09:36:39AM +0700, Jouko Nikula wrote: > I'm trying to use the checkpassword interface to do a password check and if > the check succeeds I mount the user home directory (including mail) using > the users login password and uid. May I ask why you mount the

[Dovecot] Checkpassword interface for custom password check and home mounting

Hi, I'm trying to use the checkpassword interface to do a password check and if the check succeeds I mount the user home directory (including mail) using the users login password and uid. Things work well if I do the mount manually, but when I add the home directory mounting to checkpas

[Dovecot] Checkpassword interface for custom password check and home mounting

Hi, I'm trying to use the checkpassword interface to do a password check and if the check succeeds I mount the user home directory (including mail) using the users login password and uid. My password check seems to work, but when I add the home directory mounting things seem to stop. Do

[Dovecot] I wrote CheckPassword Shell example for Dovecot

Hello, Seeing as there are not too many Dovecot CheckPassword driver usage examples on the Internet, I wrote one using Shell script. You can see post about it here: http://devblog.plesk.com/2013/11/shell-checkpassword-authentication-in-dovecot/. The post also has a link to Mercurial repository

Re: [Dovecot] checkpassword protocol

On 8.4.2013, at 13.42, Heiko Schlichting wrote: > The checkpassword interface is used in many different ways: > > I found checkpassword the easiest way to implement authentication against > FreeRADIUS. Using a perl script with > >$input = IO::Handle->new_from

Re: [Dovecot] checkpassword protocol

Timo wrote: > All the OSes made the environment private 10-15 years ago. I think it's > pretty safe to assume that older multiuser systems won't be running > Dovecot with checkpassword backend. The checkpassword interface is used in many different ways: I found checkpassword

Re: [Dovecot] checkpassword protocol

t; environment variables were readable to all users in the system, but >> I doubt there exist such systems anymore (at least where people would >> want to run Dovecot). > > Very optimistic assumption. Wouldn't it be safer to remove the password > from the environment? Anyo

Re: [Dovecot] checkpassword protocol

t > I doubt there exist such systems anymore (at least where people would > want to run Dovecot). Very optimistic assumption. Wouldn't it be safer to remove the password from the environment? Anyone using checkpassword should use FD 3 and 4 for this purpose. Environment variables and co

Re: [Dovecot] checkpassword protocol

On 7.4.2013, at 14.30, dovecot.pk...@dfgh.net wrote: > I'm writing a checkpassword script in order to support our OTP token > as a fallback for client certificate authentication. Here are two > questions: > > 1) It seems to me that the username and the password will be >

[Dovecot] checkpassword protocol

Hi, I'm writing a checkpassword script in order to support our OTP token as a fallback for client certificate authentication. Here are two questions: 1) It seems to me that the username and the password will be delivered to my script both on file descriptor 3 and via the environment vari

Re: [Dovecot] Errors with doveadm when using checkpassword

On 5.2.2013, at 14.53, Andy Dills wrote: > On Tue, 5 Feb 2013, Timo Sirainen wrote: > >> I think you need to remove doveadm_proxy_port from the backend >> dovecot.conf. Then it doesn't perform the PASS lookup. But you also >> should run doveadm via the proxy instance so that it gets run in the >

Re: [Dovecot] Errors with doveadm when using checkpassword

On Tue, 5 Feb 2013, Timo Sirainen wrote: > I think you need to remove doveadm_proxy_port from the backend > dovecot.conf. Then it doesn't perform the PASS lookup. But you also > should run doveadm via the proxy instance so that it gets run in the > correct server (doveadm -c /etc/dovecot/proxy.con

Re: [Dovecot] Errors with doveadm when using checkpassword

On Tue, 5 Feb 2013, Timo Sirainen wrote: > > So, I guess what you're saying is doveadm should be talking to the > > proxy instance rather than the backend instance? I assume I need to > > move the backend to a differently named config and make my proxy > > instances live in dovecot.conf, so tha

Re: [Dovecot] Errors with doveadm when using checkpassword

On Mon, 2013-02-04 at 21:16 -0500, Andy Dills wrote: > On Feb 4, 2013, at 8:56 PM, Timo Sirainen wrote: > > > On Mon, 2013-02-04 at 12:08 -0500, Andy Dills wrote: > >> We have a checkpassword authentication with mysql pre-fetch for the > >> userdb lookups

Re: [Dovecot] Errors with doveadm when using checkpassword

On Feb 4, 2013, at 8:56 PM, Timo Sirainen wrote: > On Mon, 2013-02-04 at 12:08 -0500, Andy Dills wrote: >> We have a checkpassword authentication with mysql pre-fetch for the >> userdb lookups. >> >> When trying to do: >> >> doveadm search -u andyt...@

Re: [Dovecot] Errors with doveadm when using checkpassword

On Mon, 2013-02-04 at 12:08 -0500, Andy Dills wrote: > We have a checkpassword authentication with mysql pre-fetch for the > userdb lookups. > > When trying to do: > > doveadm search -u andyt...@xecu.net mailbox Trash DELETED > > I get: > > doveadm(andyt..

[Dovecot] Errors with doveadm when using checkpassword

We have a checkpassword authentication with mysql pre-fetch for the userdb lookups. When trying to do: doveadm search -u andyt...@xecu.net mailbox Trash DELETED I get: doveadm(andyt...@xecu.net): Error: user andyt...@xecu.net: Auth PASS lookup failed doveadm(andyt...@xecu.net): Fatal: /var

[Dovecot] Checkpassword Perl LDAP Implementation

A few years back I hacked up a perl chkpassldap.pl script to authenticate against ldap, and optionally authorize against groups and/or ldap attributes. This works with both qmail and Dovecot, and it also supports a somewhat generic method to alter the environment suitable to use for Dovecot as

Re: [Dovecot] Differenft INBOX for IMAP/POP with checkpassword passdb

On 2011-01-27 14:04, Peter Mogensen wrote: So I thought of having to different checkpassword scripts: passdb checkpassword { args = /usr/bin/checkpassword-%s } Arh.. .sorry. I missed the SERVICE env variable. /Peter

[Dovecot] Differenft INBOX for IMAP/POP with checkpassword passdb

Hi, I'm trying to do a setup where IMAP and POP users see different INBOX' Like described on the virtual folder wiki page: http://wiki.dovecot.org/Plugins/Virtual However, for now, I'm stuck with the checkpassword passdb and prefetch userdb So I can't parameterize the r

Re: [Dovecot] Checkpassword/prefetch/master_user and prob lems

Nobody ? This can be a dovecot bug ? -- Emerson Pinter Picture Internet 55 11 5089-8130 http://www.picture.com.br/ On Mon, 19 Apr 2010 14:27:22 -0300, Emerson Pinter wrote: > Hi. > > I'm trying to use checkpassword for simple auth and masteruser auth. > I have two pro

[Dovecot] Checkpassword/prefetch/master_user and prob lems

Hi. I'm trying to use checkpassword for simple auth and masteruser auth. I have two programs, one called checkpassword-master (for masteruser lookup) and another called checkpassword for normal passdb and userdb lookup). All works fine for non-masteruser authentication (in this case dovecot

Re: [Dovecot] Proxy, using checkpassword

Roberts Sent: 27 November 2009 10:36 To: dovecot@dovecot.org Subject: [Dovecot] Proxy, using checkpassword Hi all, I think I may be doing something wrong but, is it possible to proxy POP and IMAP users when using a checkpassword script as the passdb? I'm trying to write a perl scri

[Dovecot] Proxy, using checkpassword

Hi all, I think I may be doing something wrong but, is it possible to proxy POP and IMAP users when using a checkpassword script as the passdb? I'm trying to write a perl script to handle authentication to a mix of SQL and POP3 sources whilst logging user passwords at the same tim

Re: [Dovecot] Checkpassword doesnt succeed

On Thu, 2009-03-26 at 01:11 +0100, Muhammed Alat wrote: > Hi, > > im using a bash shell script for checkpassword and if i write: > exit 0 > checkpassword doesnt authentificate the user. Ive also set the > environment variables USER and SHELL. What should i do? exit 0 is not t

[Dovecot] Checkpassword doesnt succeed

Hi, im using a bash shell script for checkpassword and if i write: exit 0 checkpassword doesnt authentificate the user. Ive also set the environment variables USER and SHELL. What should i do?

[Dovecot] Using Checkpassword with a PHP script

Hi, im a newbee using dovecot. I want to use checkpassword, but i've no idea how to use it. Can somebody post a script where i can see how to include a PHP file to verify the password and user. Im useing Dovecot 1.0.15 and somebody have canfigure for me Checkpassword. There is an

[Dovecot] How to use DoveCot with checkpassword

Hi, im a newbee using dovecot. I want to use checkpassword, but i've no idea how to use it. DoveCot is running and checking the passwords with a ldap server. But in future we want to use a sql database, where the password and userinformation is stored. I want to use checkpasswor

Re: [Dovecot] checkpassword auth issues

On Mon, 2009-01-19 at 14:51 -0800, Tim Traver wrote: > Timo Sirainen wrote: > > On Mon, 2009-01-19 at 12:17 -0800, Tim Traver wrote: > > > >> Is it possible that checks for the return code from calling the > >> checkpassword script have changed between the vers

Re: [Dovecot] checkpassword auth issues

Timo Sirainen wrote: > On Mon, 2009-01-19 at 12:17 -0800, Tim Traver wrote: > >> Is it possible that checks for the return code from calling the >> checkpassword script have changed between the versions??? I currently >> exit the checkpassword script with _exit(0); t

Re: [Dovecot] checkpassword auth issues

On Mon, 2009-01-19 at 12:17 -0800, Tim Traver wrote: > Is it possible that checks for the return code from calling the > checkpassword script have changed between the versions??? I currently > exit the checkpassword script with _exit(0); to make the status 0 when > it is successful, an

[Dovecot] checkpassword auth issues

Hi, ok, I'm am developing a new solution that includes dovecot, and will be wanting to use the latest sieve implementation, so I have chosen to start with 1.2 as the base. I had a working install of 1.1.8 installed, and got a checkpassword setup working properly with it to authenticate a us

Re: [Dovecot] [checkpassword] I can't get a password from fd3

Thanks for the example and your info about fd4. Durk > Durk Strooisma wrote: >> Okay, thanks for verifying. What kind of scripting language would you >> suggest for checkpassword instead? > > Perl works for me. Extract from such script: > >use constant C

Re: [Dovecot] [checkpassword] I can't get a password from fd3

>> read -d '\0' -r -u 3 > You are missing the correct syntax to interpret backslash escapes here: > > read -d $'\0' -r -u 3 > > will work. Thanks a lot!! I was indeed missing the $ sign! And it is nicely documented here: http://www.gnu.org/software/bash/manual/bashref.html#ANSI_002dC-Quoting I n

Re: [Dovecot] [checkpassword] I can't get a password from fd3

Durk Strooisma wrote: > Okay, thanks for verifying. What kind of scripting language would you > suggest for checkpassword instead? Perl works for me. Extract from such script: use constant CHECKPASSWORD_MAX_LEN => 512; [...] my $input = IO::Handle->new_from_fd(3, "

Re: [Dovecot] [checkpassword] I can't get a password from fd3

Hello Durk, Am Montag, 12. Januar 2009 schrieb Durk Strooisma: > I'm trying to implement checkpassword authentication with a simple bash > script. In some way I can't get the password from file descriptor 3. > > The start of script looks like this: > > #!/bin/bash &

Re: [Dovecot] [checkpassword] I can't get a password from fd3

Again the same reason: maybe read just doesn't support it. I actually > tried and couldn't really get it to work with zsh. With bash it worked > even worse. > > Anyway I'm sure Dovecot works right, and the problem is just that you > can't do with shell scriptin

Re: [Dovecot] [checkpassword] I can't get a password from fd3

On Mon, 2009-01-12 at 20:54 +0100, Durk Strooisma wrote: > > On Mon, 2009-01-12 at 18:31 +0100, Durk Strooisma wrote: > >> #!/bin/bash > >> > >> read -d '\0' -r -u 3 > > > > Are you sure this is supposed to work? \0 character is an end-of-string > > character in C language, and I wouldn't be surpri

Re: [Dovecot] [checkpassword] I can't get a password from fd3

> On Mon, 2009-01-12 at 18:31 +0100, Durk Strooisma wrote: >> #!/bin/bash >> >> read -d '\0' -r -u 3 > > Are you sure this is supposed to work? \0 character is an end-of-string > character in C language, and I wouldn't be surprised if read simply > didn't support it as delimiter. Well if I try to

Re: [Dovecot] [checkpassword] I can't get a password from fd3

On Mon, 2009-01-12 at 18:31 +0100, Durk Strooisma wrote: > #!/bin/bash > > read -d '\0' -r -u 3 Are you sure this is supposed to work? \0 character is an end-of-string character in C language, and I wouldn't be surprised if read simply didn't support it as delimiter. signature.asc Description:

[Dovecot] [checkpassword] I can't get a password from fd3

Hi all, I'm trying to implement checkpassword authentication with a simple bash script. In some way I can't get the password from file descriptor 3. The start of script looks like this: #!/bin/bash read -d '\0' -r -u 3 USERNAME="${REPLY}" read -d '\0

Re: [Dovecot] New generic userdb lookup api (was: New userdb backend for checkpassword like programs)

Timo Sirainen <[EMAIL PROTECTED]> writes: > Hmm. auth-client.c is about performing authentication as a > client. What you're doing is about doing a userdb lookup and > connecting to dovecot-auth as a master. So different file, but I'm > not really sure about the name. Perhaps auth-master.c and >

Re: [Dovecot] New userdb backend for checkpassword like programs

On Oct 23, 2008, at 9:15 PM, Sascha Wilde wrote: as lib-auth/auth-client.c already exists. Would it be a good idea to put the new stuff in the same file? And in case not, any suggestions what a new file could be named? Hmm. auth-client.c is about performing authentication as a client. What

Re: [Dovecot] New userdb backend for checkpassword like programs

Sascha Wilde <[EMAIL PROTECTED]> writes: > Timo Sirainen <[EMAIL PROTECTED]> writes: >> On Thu, 2008-10-23 at 16:18 +0200, Sascha Wilde wrote: > [...] >>> 2.) The exported interface in the respective auth-client.h files is >>> different. The solution would be to figure out what the right >>>

Re: [Dovecot] New userdb backend for checkpassword like programs

tes: >> >> > On Oct 21, 2008, at 5:27 PM, Sascha Wilde wrote: >> >> >> Sascha Wilde <[EMAIL PROTECTED]> writes: >> >> >>> [userdb-checkpassword] >> >> [...] >> >> > The code is now in dovecot-1.2 tree. >> >

Re: [Dovecot] New userdb backend for checkpassword like programs

Wilde wrote: > >> >> Sascha Wilde <[EMAIL PROTECTED]> writes: > >> >>> [userdb-checkpassword] > >> [...] > >> > The code is now in dovecot-1.2 tree. > >> > >> Unfortunately there is one tiny, but essential change missing: > &

Re: [Dovecot] New userdb backend for checkpassword like programs

Timo Sirainen <[EMAIL PROTECTED]> writes: > On Thu, 2008-10-23 at 16:18 +0200, Sascha Wilde wrote: [...] >> 2.) The exported interface in the respective auth-client.h files is >> different. The solution would be to figure out what the right >> interface would be [...] > Perhaps something l

Re: [Dovecot] New userdb backend for checkpassword like programs

Timo Sirainen <[EMAIL PROTECTED]> writes: > On Thu, 2008-10-23 at 13:13 +0200, Sascha Wilde wrote: >> Timo Sirainen <[EMAIL PROTECTED]> writes: >> > On Oct 21, 2008, at 5:27 PM, Sascha Wilde wrote: >> >> Sascha Wilde <[EMAIL PROTECTED]> writes: >

Re: [Dovecot] New userdb backend for checkpassword like programs

On Thu, 2008-10-23 at 16:18 +0200, Sascha Wilde wrote: > 1.) It seems that some code in deliver/auth-client.c has been revised > after it was copied to expire/auth-client.c, this is a small problem > as I would expect simply using the newer code to be the right > thing[tm]. Yes, I have

Re: [Dovecot] New userdb backend for checkpassword like programs

On Thu, 2008-10-23 at 13:13 +0200, Sascha Wilde wrote: > Timo Sirainen <[EMAIL PROTECTED]> writes: > > On Oct 21, 2008, at 5:27 PM, Sascha Wilde wrote: > >> Sascha Wilde <[EMAIL PROTECTED]> writes: > >>> [userdb-checkpassword] > [...] > > The

Re: [Dovecot] New userdb backend for checkpassword like programs

Sascha Wilde <[EMAIL PROTECTED]> writes: > Timo Sirainen <[EMAIL PROTECTED]> writes: >> On Wed, 2008-10-22 at 16:15 +0200, Sascha Wilde wrote: >>> There are more than 250LOC in deliver/auth-client.c and I wonder if >>> there is already a higher level api for auth clients? I would have >>> expected

Re: [Dovecot] New userdb backend for checkpassword like programs

Timo Sirainen <[EMAIL PROTECTED]> writes: > On Oct 21, 2008, at 5:27 PM, Sascha Wilde wrote: >> Sascha Wilde <[EMAIL PROTECTED]> writes: >>> [userdb-checkpassword] [...] > The code is now in dovecot-1.2 tree. Unfortunately there is one tiny, but essential change m

Re: [Dovecot] New userdb backend for checkpassword like programs

Timo Sirainen <[EMAIL PROTECTED]> writes: > On Wed, 2008-10-22 at 16:15 +0200, Sascha Wilde wrote: >> Timo Sirainen <[EMAIL PROTECTED]> writes: >> > On Oct 21, 2008, at 5:27 PM, Sascha Wilde wrote: >> >> Sascha Wilde <[EMAIL PROTECTED]> writes: &g

Re: [Dovecot] New userdb backend for checkpassword like programs

On Wed, 2008-10-22 at 16:15 +0200, Sascha Wilde wrote: > Timo Sirainen <[EMAIL PROTECTED]> writes: > > On Oct 21, 2008, at 5:27 PM, Sascha Wilde wrote: > >> Sascha Wilde <[EMAIL PROTECTED]> writes: > >>> [userdb-checkpassword] > > > The code

Re: [Dovecot] New userdb backend for checkpassword like programs

Timo Sirainen <[EMAIL PROTECTED]> writes: > On Oct 21, 2008, at 5:27 PM, Sascha Wilde wrote: >> Sascha Wilde <[EMAIL PROTECTED]> writes: >>> [userdb-checkpassword] > The code is now in dovecot-1.2 tree. Thank you, that's great! The only thing I'm mi

Re: [Dovecot] New userdb backend for checkpassword like programs

On Oct 21, 2008, at 5:27 PM, Sascha Wilde wrote: Sascha Wilde <[EMAIL PROTECTED]> writes: Timo Sirainen <[EMAIL PROTECTED]> writes: [...] All of this forces that the checkpassword script developer either handles the AUTHORIZED environment correctly or it doesn't work at all

Re: [Dovecot] New userdb backend for checkpassword like programs

Sascha Wilde <[EMAIL PROTECTED]> writes: > Timo Sirainen <[EMAIL PROTECTED]> writes: > [...] >> All of this forces that the checkpassword script developer either >> handles the AUTHORIZED environment correctly or it doesn't work at >> all. And it prevents

Re: [Dovecot] New userdb backend for checkpassword like programs

On Oct 20, 2008, at 10:40 PM, Timo Sirainen wrote: Ever since I took these Human-Computer-Interfacing classes I've started thinking about ways to make things more easier (and foolproof). There was this one example about how difficult it was to design a web page (about 10 years ago) that tol

Re: [Dovecot] New userdb backend for checkpassword like programs

On Oct 20, 2008, at 10:19 PM, Sascha Wilde wrote: Ok, you convinced me that your concept has the advantage of forcing the checkpassword script author to try to implement all aspects of the spec. .. After all, nothing is foolproof to a sufficiently talented fool. ;-) Sure, but I like it

Re: [Dovecot] New userdb backend for checkpassword like programs

Timo Sirainen <[EMAIL PROTECTED]> writes: [...] > All of this forces that the checkpassword script developer either > handles the AUTHORIZED environment correctly or it doesn't work at > all. And it prevents admin from accidentally using the script wrong. Ok, you convinced

Re: [Dovecot] New userdb backend for checkpassword like programs

On Oct 20, 2008, at 8:57 PM, Sascha Wilde wrote: Timo Sirainen <[EMAIL PROTECTED]> writes: On Oct 20, 2008, at 8:00 PM, Sascha Wilde wrote: My solution: 1. The userdb-only checkpassword script sees no AUTHORIZED in the environment and returns with an exit code != 0[0] You

Re: [Dovecot] New userdb backend for checkpassword like programs

Timo Sirainen <[EMAIL PROTECTED]> writes: > On Oct 20, 2008, at 8:00 PM, Sascha Wilde wrote: > >> My solution: >> >>1. The userdb-only checkpassword script sees no AUTHORIZED in the >> environment and returns with an exit code != 0[0] > > You a

Re: [Dovecot] New userdb backend for checkpassword like programs

On Oct 20, 2008, at 8:00 PM, Sascha Wilde wrote: My solution: 1. The userdb-only checkpassword script sees no AUTHORIZED in the environment and returns with an exit code != 0[0] You assume that the script actually checks this. There's no requirement that a userdb-only script

Re: [Dovecot] New userdb backend for checkpassword like programs

Timo Sirainen <[EMAIL PROTECTED]> writes: > On Oct 20, 2008, at 7:08 PM, Sascha Wilde wrote: > >> I understand the idea now, but see above: we need the (userdb only) >> checkpassword script to follow our rules anyway, so instead of doing >> magic to the enviro

Re: [Dovecot] New userdb backend for checkpassword like programs

On Oct 20, 2008, at 7:08 PM, Sascha Wilde wrote: I understand the idea now, but see above: we need the (userdb only) checkpassword script to follow our rules anyway, so instead of doing magic to the environment and checking for this in checkpassword- reply it should be sufficient for the

  1   2   >