> On 09/01/2024 17:45 EET Steve Button wrote:
>
>
> Hi,
>
>
>
> I have recently moved a dovecot installation from 2.2.36 on RHEL7.9 onto
> 2.3.20 on Amazon Linux 2023 and I'm now seeing the error message in the
> title relating to /usr/bin/checkpass
Hi,
I have recently moved a dovecot installation from 2.2.36 on RHEL7.9 onto 2.3.20
on Amazon Linux 2023 and I'm now seeing the error message in the title relating
to /usr/bin/checkpassword (which doesn't exist on either). This is a project
that I've inherited, and I'v
he information is directly logged by Dovecot as
> > such:
> > ID sent: name=Thunderbird, version=91.5.0
> >
> > My question is, Is it possible to export/set this information in a
> > checkpassword script or a postlogin script?
> > client_idIfimap_id_re
t;
> My question is, Is it possible to export/set this information in a
> checkpassword script or a postlogin script?
>
> client_id
> If imap_id_retain
> <https://doc.dovecot.org/settings/core/#core_setting-imap_id_retain> is
> enabled this variable is populated with th
Hello,
When extracting client_id information from the client connection (i.e.
setting imap_id_log = *) the information is directly logged by Dovecot
as such:
ID sent: name=Thunderbird, version=91.5.0
My question is, Is it possible to export/set this information in a
checkpassword script or
> On 23/07/2021 01:22 Dan Conway wrote:
>
>
> Hello,
>
> I'm having issues with Dovecot translating "BDAT" commands (CHUNKING)
> into "DATA" commands when the backend does not support it in the
> submission service. I use "checkp
Hello,
I'm having issues with Dovecot translating "BDAT" commands (CHUNKING)
into "DATA" commands when the backend does not support it in the
submission service. I use "checkpassword" to authenticate users and
judging by older mailing list entries the pre
Hello,
I use the checkpassword driver for imap/pop authentication.
To improve the performance I would like to enable authentication caching
for it.
However just adding the auth_cache_size and auth_cache_ttl doesn't work.
No entries are cached.
If I add a cache directive in the passdb, the
Hello,
Tuesday, March 19, 2019, 1:50:44 PM, I wrote:
NHvd> I've run into the issue detailed at
NHvd> https://wiki2.dovecot.org/AuthDatabase/CheckPassword#Security
Just for clarity this is djb's checkpassword
--
Best regards,
Niamhmailto:ni...@fullbore.co.uk
Hello,
I've run into the issue detailed at
https://wiki2.dovecot.org/AuthDatabase/CheckPassword#Security
Understandably I don't have the skills to modify checkpassword so if I do
the suggested will it work?
If you can't change the script, you can make Dovecot's checkp
I am trying to use the checkpassword authentication
(https://wiki.dovecot.org/AuthDatabase/CheckPassword)
I do have a working checkpassword program. The protocol expects to received on
fd 3 the
following:
usernamepasswordoptionalstuff
I find that this works properly and the program can
> On 17 Oct 2018, at 20.09, bes wrote:
>
> Refer to
> https://dovecot.org/pipermail/dovecot/2015-March/099971.html
> https://wiki.dovecot.org/PasswordDatabase
> I tried to repeat the same thing.
> Set these passdb:
>
> passdb {
> args = /myscript.sh i
After some debuging i expain that this happens only when the client
authentication method is CRAM-MD5
dovecot[5553]: auth: Debug:
checkpassword(login,192.168.99.128,<5/TM6XN4QOrAqGOA>): execute:
/myscript.sh ip=192.168.99.128
/usr/libexec/dovecot/checkpassword-reply
dovecot[5553]: auth:
Refer to
https://dovecot.org/pipermail/dovecot/2015-March/099971.html
https://wiki.dovecot.org/PasswordDatabase
I tried to repeat the same thing.
Set these passdb:
passdb {
args = /myscript.sh ip=%r
driver = checkpassword
result_failure = return-fail
result_success = continue
}
passdb
On 02/02/18 14:19, Mark Foley wrote:
> Script didn't run:
>
> File "/root/tmp/checkpwtest.py", line 8
> o?= with os.fdopen(DOVECOT_PW_FD, 'r') as s:
> ^
> SyntaxError: invalid syntax
Copy/paste error? The beginning of that line doesn't seem to be in the
original.
Richard
trol Retirement System
To: dovecot@dovecot.org
Subject: Re: AuthDatabase CheckPassword broken?
On Thu, 1 Feb 2018 10:02:10 +0200 Aki Tuomi wrote:
>
> On 01.02.2018 08:00, Mark Foley wrote:
> > I had been using the CheckPassword authentication interface with dovecot
> > 2.2.15,
On Thu, 1 Feb 2018 10:02:10 +0200 Aki Tuomi wrote:
>
> On 01.02.2018 08:00, Mark Foley wrote:
> > I had been using the CheckPassword authentication interface with dovecot
> > 2.2.15,
> > https://wiki2.dovecot.org/AuthDatabase/CheckPassword, and it was working.
&g
On 01.02.2018 08:00, Mark Foley wrote:
> I had been using the CheckPassword authentication interface with dovecot
> 2.2.15,
> https://wiki2.dovecot.org/AuthDatabase/CheckPassword, and it was working.
>
> After upgrading to 2.2.33.2 CheckPassword no longer works. The referenc
I had been using the CheckPassword authentication interface with dovecot
2.2.15,
https://wiki2.dovecot.org/AuthDatabase/CheckPassword, and it was working.
After upgrading to 2.2.33.2 CheckPassword no longer works. The referenced wiki
page says,
Checkpassword Interface
Read NUL NUL
ot;Migrate"
> to dovecot.
> I installed the package and configured the components necessary to me
> using as system autentication checkpassword.
> I have verified the checkpassword operation without the processor
> usage of Dovecot and is functioning.
> When you perfo
using as system autentication checkpassword.
I have verified the checkpassword operation without the processor
usage of Dovecot and is functioning.
When you perform the tests with dovecot from the logs out these errors:
auth: Error: checkpassword(plutos,127.0.0.1,): Child
15375 died with
I figured out how to make checkpassword work. There is a problem with the
documentation. http://wiki2.dovecot.org/AuthDatabase/CheckPassword, under
'Security' says, "a. If possible, change the checkpassword to return userdb_uid
and userdb_gid extra fields instead of using setu
Perhaps these problem are too
mundane
compared to CalDAV, sieve filtering and IPA to excite List interest? Come on
Dovecotters! Let's step up to the plate!
To follow up on my previous posting in this thread, I'm trying to get
checkpassword to work. I have confirmed that it is setting the
I'm experimenting with checkpassword as an auth method for usedb and passdb
(http://wiki2.dovecot.org/AuthDatabase/CheckPassword). I've set up the userdb
and passdb *exactly* as the wiki suggests as the "standard way":
passdb {
driver = checkpassword
args = /user/ut
On 2/2/2015 2:17 AM, Peter Hodur wrote:
> Hello,
>
> does anybody knows what managesieve addon sets in SERVICE env when
> autentificating to checkpassword?
For authentication purposes "sieve" is used.
Regards,
Stephan.
Hello,
does anybody knows what managesieve addon sets in SERVICE env when
autentificating to checkpassword?
thanks
Pete
m not a programmer, so I can't
"read" source codes. But if a programmer reads this, and have a spare few
minutes, please be so kind to look at the dovecot's source code, and if
finds out the memory limit of the checkpassword method (is it hard-coded, or it
could be changed i
Am 2014-06-05 19:33, schrieb a:
Hi. I am trying to authenticate dovecot from a wordpress database. I was thinking of using the checkpassword script to start a cli php script. That php script would then include the necessary wordpress functions, do the auth (find the wp username from user database
Hi. I am trying to authenticate dovecot from a wordpress database. I was
thinking of using the checkpassword script to start a cli php script. That php
script would then include the necessary wordpress functions, do the auth (find
the wp username from user database using the email address, and
OK, added: http://hg.dovecot.org/dovecot-2.2/rev/1e099feb1dea
On 3.5.2014, at 15.32, dovecot.pk...@dfgh.net wrote:
> Dear dovecot maintainers:
>
> I'm using SSL client certificates together with a checkpassword scripts
> to authenticate our users.
>
> My problem is: In t
Dear dovecot maintainers:
I'm using SSL client certificates together with a checkpassword scripts
to authenticate our users.
My problem is: In the checkpassword script the AUTH_USER environment
variable will either contain the username that was configured in the
mailclien
Hi everybody,
I'm using SSL client certificates or checkpassword scripts to authenticate
our users. If a user sent a client certificate from his smartcard my
checkpasswort will ignore the password, if he does not sent a client
certificate but uses his OTP-token then my checkwassword script
sername (in all Dovecot versions). It dows NOT
contain the Dovecot auth_user-variable. Comparing
AUTH_USER with the username makes no sense in
a checkpassword-script
So here's my next question: How do I find out the original
username from within a chackpassword script after it has
been replaced
mehow changed and now AUTH_USER always
contains the username. This has fatal consequences as now
every owner of a valid certificate can logon as any user.
Here are some more details of our setup:
We are using a checkpassword-Script that does the following:
1. Read Username and Password from file descr
On Mon, Nov 25, 2013 at 10:57 AM, Kai Hendry wrote:
> May I ask why you mount the user directory? Couldn't it just be already
> mounted and you simply use the PAM interface?
First of all, sorry about the double post. Yes I believe I could use
the PAM interface. It looks more suitable to this. I w
On Mon, Nov 25, 2013 at 09:36:39AM +0700, Jouko Nikula wrote:
> I'm trying to use the checkpassword interface to do a password check and if
> the check succeeds I mount the user home directory (including mail) using
> the users login password and uid.
May I ask why you mount the
Hi,
I'm trying to use the checkpassword interface to do a password check
and if the check succeeds I mount the user home directory (including
mail) using the users login password and uid.
Things work well if I do the mount manually, but when I add the home
directory mounting to checkpas
Hi,
I'm trying to use the checkpassword interface to do a password check and if
the check succeeds I mount the user home directory (including mail) using
the users login password and uid.
My password check seems to work, but when I add the home directory mounting
things seem to stop. Do
Hello,
Seeing as there are not too many Dovecot CheckPassword driver usage
examples on the Internet, I wrote one using Shell script.
You can see post about it here:
http://devblog.plesk.com/2013/11/shell-checkpassword-authentication-in-dovecot/.
The post also has a link to Mercurial repository
On 8.4.2013, at 13.42, Heiko Schlichting wrote:
> The checkpassword interface is used in many different ways:
>
> I found checkpassword the easiest way to implement authentication against
> FreeRADIUS. Using a perl script with
>
>$input = IO::Handle->new_from
Timo wrote:
> All the OSes made the environment private 10-15 years ago. I think it's
> pretty safe to assume that older multiuser systems won't be running
> Dovecot with checkpassword backend.
The checkpassword interface is used in many different ways:
I found checkpassword
t; environment variables were readable to all users in the system, but
>> I doubt there exist such systems anymore (at least where people would
>> want to run Dovecot).
>
> Very optimistic assumption. Wouldn't it be safer to remove the password
> from the environment? Anyo
t
> I doubt there exist such systems anymore (at least where people would
> want to run Dovecot).
Very optimistic assumption. Wouldn't it be safer to remove the password
from the environment? Anyone using checkpassword should use FD 3 and 4 for
this purpose. Environment variables and co
On 7.4.2013, at 14.30, dovecot.pk...@dfgh.net wrote:
> I'm writing a checkpassword script in order to support our OTP token
> as a fallback for client certificate authentication. Here are two
> questions:
>
> 1) It seems to me that the username and the password will be
>
Hi,
I'm writing a checkpassword script in order to support our OTP token
as a fallback for client certificate authentication. Here are two
questions:
1) It seems to me that the username and the password will be
delivered to my script both on file descriptor 3 and via the
environment vari
On 5.2.2013, at 14.53, Andy Dills wrote:
> On Tue, 5 Feb 2013, Timo Sirainen wrote:
>
>> I think you need to remove doveadm_proxy_port from the backend
>> dovecot.conf. Then it doesn't perform the PASS lookup. But you also
>> should run doveadm via the proxy instance so that it gets run in the
>
On Tue, 5 Feb 2013, Timo Sirainen wrote:
> I think you need to remove doveadm_proxy_port from the backend
> dovecot.conf. Then it doesn't perform the PASS lookup. But you also
> should run doveadm via the proxy instance so that it gets run in the
> correct server (doveadm -c /etc/dovecot/proxy.con
On Tue, 5 Feb 2013, Timo Sirainen wrote:
> > So, I guess what you're saying is doveadm should be talking to the
> > proxy instance rather than the backend instance? I assume I need to
> > move the backend to a differently named config and make my proxy
> > instances live in dovecot.conf, so tha
On Mon, 2013-02-04 at 21:16 -0500, Andy Dills wrote:
> On Feb 4, 2013, at 8:56 PM, Timo Sirainen wrote:
>
> > On Mon, 2013-02-04 at 12:08 -0500, Andy Dills wrote:
> >> We have a checkpassword authentication with mysql pre-fetch for the
> >> userdb lookups
On Feb 4, 2013, at 8:56 PM, Timo Sirainen wrote:
> On Mon, 2013-02-04 at 12:08 -0500, Andy Dills wrote:
>> We have a checkpassword authentication with mysql pre-fetch for the
>> userdb lookups.
>>
>> When trying to do:
>>
>> doveadm search -u andyt...@
On Mon, 2013-02-04 at 12:08 -0500, Andy Dills wrote:
> We have a checkpassword authentication with mysql pre-fetch for the
> userdb lookups.
>
> When trying to do:
>
> doveadm search -u andyt...@xecu.net mailbox Trash DELETED
>
> I get:
>
> doveadm(andyt..
We have a checkpassword authentication with mysql pre-fetch for the
userdb lookups.
When trying to do:
doveadm search -u andyt...@xecu.net mailbox Trash DELETED
I get:
doveadm(andyt...@xecu.net): Error: user andyt...@xecu.net: Auth PASS
lookup failed
doveadm(andyt...@xecu.net): Fatal: /var
A few years back I hacked up a perl chkpassldap.pl script to
authenticate against ldap, and optionally authorize against groups
and/or ldap attributes. This works with both qmail and Dovecot, and it
also supports a somewhat generic method to alter the environment
suitable to use for Dovecot as
On 2011-01-27 14:04, Peter Mogensen wrote:
So I thought of having to different checkpassword scripts:
passdb checkpassword {
args = /usr/bin/checkpassword-%s
}
Arh.. .sorry.
I missed the SERVICE env variable.
/Peter
Hi,
I'm trying to do a setup where IMAP and POP users see different INBOX'
Like described on the virtual folder wiki page:
http://wiki.dovecot.org/Plugins/Virtual
However, for now, I'm stuck with the checkpassword passdb and prefetch
userdb
So I can't parameterize the r
Nobody ?
This can be a dovecot bug ?
--
Emerson Pinter
Picture Internet
55 11 5089-8130
http://www.picture.com.br/
On Mon, 19 Apr 2010 14:27:22 -0300, Emerson Pinter
wrote:
> Hi.
>
> I'm trying to use checkpassword for simple auth and masteruser auth.
> I have two pro
Hi.
I'm trying to use checkpassword for simple auth and masteruser auth.
I have two programs, one called checkpassword-master (for masteruser
lookup) and another called checkpassword for normal passdb and userdb
lookup).
All works fine for non-masteruser authentication (in this case dovecot
Roberts
Sent: 27 November 2009 10:36
To: dovecot@dovecot.org
Subject: [Dovecot] Proxy, using checkpassword
Hi all,
I think I may be doing something wrong but, is it possible to proxy POP
and IMAP users when using a checkpassword script as the passdb?
I'm trying to write a perl scri
Hi all,
I think I may be doing something wrong but, is it possible to proxy POP
and IMAP users when using a checkpassword script as the passdb?
I'm trying to write a perl script to handle authentication to a mix of SQL and
POP3 sources whilst logging user passwords at the same tim
On Thu, 2009-03-26 at 01:11 +0100, Muhammed Alat wrote:
> Hi,
>
> im using a bash shell script for checkpassword and if i write:
> exit 0
> checkpassword doesnt authentificate the user. Ive also set the
> environment variables USER and SHELL. What should i do?
exit 0 is not t
Hi,
im using a bash shell script for checkpassword and if i write:
exit 0
checkpassword doesnt authentificate the user. Ive also set the
environment variables USER and SHELL. What should i do?
Hi,
im a newbee using dovecot. I want to use checkpassword, but i've no idea
how to use it.
Can somebody post a script where i can see how to include a PHP file to
verify the password and user.
Im useing Dovecot 1.0.15 and somebody have canfigure for me
Checkpassword. There is an
Hi,
im a newbee using dovecot. I want to use checkpassword, but i've no idea
how to use it.
DoveCot is running and checking the passwords with a ldap server. But in
future we want to use a sql database, where the password and
userinformation is stored.
I want to use checkpasswor
On Mon, 2009-01-19 at 14:51 -0800, Tim Traver wrote:
> Timo Sirainen wrote:
> > On Mon, 2009-01-19 at 12:17 -0800, Tim Traver wrote:
> >
> >> Is it possible that checks for the return code from calling the
> >> checkpassword script have changed between the vers
Timo Sirainen wrote:
> On Mon, 2009-01-19 at 12:17 -0800, Tim Traver wrote:
>
>> Is it possible that checks for the return code from calling the
>> checkpassword script have changed between the versions??? I currently
>> exit the checkpassword script with _exit(0); t
On Mon, 2009-01-19 at 12:17 -0800, Tim Traver wrote:
> Is it possible that checks for the return code from calling the
> checkpassword script have changed between the versions??? I currently
> exit the checkpassword script with _exit(0); to make the status 0 when
> it is successful, an
Hi,
ok, I'm am developing a new solution that includes dovecot, and will be
wanting to use the latest sieve implementation, so I have chosen to
start with 1.2 as the base.
I had a working install of 1.1.8 installed, and got a checkpassword
setup working properly with it to authenticate a us
Thanks for the example and your info about fd4.
Durk
> Durk Strooisma wrote:
>> Okay, thanks for verifying. What kind of scripting language would you
>> suggest for checkpassword instead?
>
> Perl works for me. Extract from such script:
>
>use constant C
>> read -d '\0' -r -u 3
> You are missing the correct syntax to interpret backslash escapes here:
>
> read -d $'\0' -r -u 3
>
> will work.
Thanks a lot!! I was indeed missing the $ sign! And it is nicely documented
here:
http://www.gnu.org/software/bash/manual/bashref.html#ANSI_002dC-Quoting
I n
Durk Strooisma wrote:
> Okay, thanks for verifying. What kind of scripting language would you
> suggest for checkpassword instead?
Perl works for me. Extract from such script:
use constant CHECKPASSWORD_MAX_LEN => 512;
[...]
my $input = IO::Handle->new_from_fd(3, "
Hello Durk,
Am Montag, 12. Januar 2009 schrieb Durk Strooisma:
> I'm trying to implement checkpassword authentication with a simple bash
> script. In some way I can't get the password from file descriptor 3.
>
> The start of script looks like this:
>
> #!/bin/bash
&
Again the same reason: maybe read just doesn't support it. I actually
> tried and couldn't really get it to work with zsh. With bash it worked
> even worse.
>
> Anyway I'm sure Dovecot works right, and the problem is just that you
> can't do with shell scriptin
On Mon, 2009-01-12 at 20:54 +0100, Durk Strooisma wrote:
> > On Mon, 2009-01-12 at 18:31 +0100, Durk Strooisma wrote:
> >> #!/bin/bash
> >>
> >> read -d '\0' -r -u 3
> >
> > Are you sure this is supposed to work? \0 character is an end-of-string
> > character in C language, and I wouldn't be surpri
> On Mon, 2009-01-12 at 18:31 +0100, Durk Strooisma wrote:
>> #!/bin/bash
>>
>> read -d '\0' -r -u 3
>
> Are you sure this is supposed to work? \0 character is an end-of-string
> character in C language, and I wouldn't be surprised if read simply
> didn't support it as delimiter.
Well if I try to
On Mon, 2009-01-12 at 18:31 +0100, Durk Strooisma wrote:
> #!/bin/bash
>
> read -d '\0' -r -u 3
Are you sure this is supposed to work? \0 character is an end-of-string
character in C language, and I wouldn't be surprised if read simply
didn't support it as delimiter.
signature.asc
Description:
Hi all,
I'm trying to implement checkpassword authentication with a simple bash
script. In some way I can't get the password from file descriptor 3.
The start of script looks like this:
#!/bin/bash
read -d '\0' -r -u 3
USERNAME="${REPLY}"
read -d '\0
Timo Sirainen <[EMAIL PROTECTED]> writes:
> Hmm. auth-client.c is about performing authentication as a
> client. What you're doing is about doing a userdb lookup and
> connecting to dovecot-auth as a master. So different file, but I'm
> not really sure about the name. Perhaps auth-master.c and
>
On Oct 23, 2008, at 9:15 PM, Sascha Wilde wrote:
as lib-auth/auth-client.c already exists. Would it be a good idea to
put the new stuff in the same file? And in case not, any suggestions
what a new file could be named?
Hmm. auth-client.c is about performing authentication as a client.
What
Sascha Wilde <[EMAIL PROTECTED]> writes:
> Timo Sirainen <[EMAIL PROTECTED]> writes:
>> On Thu, 2008-10-23 at 16:18 +0200, Sascha Wilde wrote:
> [...]
>>> 2.) The exported interface in the respective auth-client.h files is
>>> different. The solution would be to figure out what the right
>>>
tes:
>> >> > On Oct 21, 2008, at 5:27 PM, Sascha Wilde wrote:
>> >> >> Sascha Wilde <[EMAIL PROTECTED]> writes:
>> >> >>> [userdb-checkpassword]
>> >> [...]
>> >> > The code is now in dovecot-1.2 tree.
>> >
Wilde wrote:
> >> >> Sascha Wilde <[EMAIL PROTECTED]> writes:
> >> >>> [userdb-checkpassword]
> >> [...]
> >> > The code is now in dovecot-1.2 tree.
> >>
> >> Unfortunately there is one tiny, but essential change missing:
> &
Timo Sirainen <[EMAIL PROTECTED]> writes:
> On Thu, 2008-10-23 at 16:18 +0200, Sascha Wilde wrote:
[...]
>> 2.) The exported interface in the respective auth-client.h files is
>> different. The solution would be to figure out what the right
>> interface would be
[...]
> Perhaps something l
Timo Sirainen <[EMAIL PROTECTED]> writes:
> On Thu, 2008-10-23 at 13:13 +0200, Sascha Wilde wrote:
>> Timo Sirainen <[EMAIL PROTECTED]> writes:
>> > On Oct 21, 2008, at 5:27 PM, Sascha Wilde wrote:
>> >> Sascha Wilde <[EMAIL PROTECTED]> writes:
>
On Thu, 2008-10-23 at 16:18 +0200, Sascha Wilde wrote:
> 1.) It seems that some code in deliver/auth-client.c has been revised
> after it was copied to expire/auth-client.c, this is a small problem
> as I would expect simply using the newer code to be the right
> thing[tm].
Yes, I have
On Thu, 2008-10-23 at 13:13 +0200, Sascha Wilde wrote:
> Timo Sirainen <[EMAIL PROTECTED]> writes:
> > On Oct 21, 2008, at 5:27 PM, Sascha Wilde wrote:
> >> Sascha Wilde <[EMAIL PROTECTED]> writes:
> >>> [userdb-checkpassword]
> [...]
> > The
Sascha Wilde <[EMAIL PROTECTED]> writes:
> Timo Sirainen <[EMAIL PROTECTED]> writes:
>> On Wed, 2008-10-22 at 16:15 +0200, Sascha Wilde wrote:
>>> There are more than 250LOC in deliver/auth-client.c and I wonder if
>>> there is already a higher level api for auth clients? I would have
>>> expected
Timo Sirainen <[EMAIL PROTECTED]> writes:
> On Oct 21, 2008, at 5:27 PM, Sascha Wilde wrote:
>> Sascha Wilde <[EMAIL PROTECTED]> writes:
>>> [userdb-checkpassword]
[...]
> The code is now in dovecot-1.2 tree.
Unfortunately there is one tiny, but essential change m
Timo Sirainen <[EMAIL PROTECTED]> writes:
> On Wed, 2008-10-22 at 16:15 +0200, Sascha Wilde wrote:
>> Timo Sirainen <[EMAIL PROTECTED]> writes:
>> > On Oct 21, 2008, at 5:27 PM, Sascha Wilde wrote:
>> >> Sascha Wilde <[EMAIL PROTECTED]> writes:
&g
On Wed, 2008-10-22 at 16:15 +0200, Sascha Wilde wrote:
> Timo Sirainen <[EMAIL PROTECTED]> writes:
> > On Oct 21, 2008, at 5:27 PM, Sascha Wilde wrote:
> >> Sascha Wilde <[EMAIL PROTECTED]> writes:
> >>> [userdb-checkpassword]
>
> > The code
Timo Sirainen <[EMAIL PROTECTED]> writes:
> On Oct 21, 2008, at 5:27 PM, Sascha Wilde wrote:
>> Sascha Wilde <[EMAIL PROTECTED]> writes:
>>> [userdb-checkpassword]
> The code is now in dovecot-1.2 tree.
Thank you, that's great! The only thing I'm mi
On Oct 21, 2008, at 5:27 PM, Sascha Wilde wrote:
Sascha Wilde <[EMAIL PROTECTED]> writes:
Timo Sirainen <[EMAIL PROTECTED]> writes:
[...]
All of this forces that the checkpassword script developer either
handles the AUTHORIZED environment correctly or it doesn't work at
all
Sascha Wilde <[EMAIL PROTECTED]> writes:
> Timo Sirainen <[EMAIL PROTECTED]> writes:
> [...]
>> All of this forces that the checkpassword script developer either
>> handles the AUTHORIZED environment correctly or it doesn't work at
>> all. And it prevents
On Oct 20, 2008, at 10:40 PM, Timo Sirainen wrote:
Ever since I took these Human-Computer-Interfacing classes I've
started thinking about ways to make things more easier (and
foolproof). There was this one example about how difficult it was to
design a web page (about 10 years ago) that tol
On Oct 20, 2008, at 10:19 PM, Sascha Wilde wrote:
Ok, you convinced me that your concept has the advantage of forcing
the
checkpassword script author to try to implement all aspects of the
spec.
..
After all, nothing is foolproof to a sufficiently talented fool. ;-)
Sure, but I like it
Timo Sirainen <[EMAIL PROTECTED]> writes:
[...]
> All of this forces that the checkpassword script developer either
> handles the AUTHORIZED environment correctly or it doesn't work at
> all. And it prevents admin from accidentally using the script wrong.
Ok, you convinced
On Oct 20, 2008, at 8:57 PM, Sascha Wilde wrote:
Timo Sirainen <[EMAIL PROTECTED]> writes:
On Oct 20, 2008, at 8:00 PM, Sascha Wilde wrote:
My solution:
1. The userdb-only checkpassword script sees no AUTHORIZED in the
environment and returns with an exit code != 0[0]
You
Timo Sirainen <[EMAIL PROTECTED]> writes:
> On Oct 20, 2008, at 8:00 PM, Sascha Wilde wrote:
>
>> My solution:
>>
>>1. The userdb-only checkpassword script sees no AUTHORIZED in the
>> environment and returns with an exit code != 0[0]
>
> You a
On Oct 20, 2008, at 8:00 PM, Sascha Wilde wrote:
My solution:
1. The userdb-only checkpassword script sees no AUTHORIZED in the
environment and returns with an exit code != 0[0]
You assume that the script actually checks this. There's no
requirement that a userdb-only script
Timo Sirainen <[EMAIL PROTECTED]> writes:
> On Oct 20, 2008, at 7:08 PM, Sascha Wilde wrote:
>
>> I understand the idea now, but see above: we need the (userdb only)
>> checkpassword script to follow our rules anyway, so instead of doing
>> magic to the enviro
On Oct 20, 2008, at 7:08 PM, Sascha Wilde wrote:
I understand the idea now, but see above: we need the (userdb only)
checkpassword script to follow our rules anyway, so instead of doing
magic to the environment and checking for this in checkpassword-
reply it
should be sufficient for the
1 - 100 of 131 matches
Mail list logo