[Dovecot] Proxy with MasterUser + Authentication issues
Cassidy B. Larson
alandaluz at gmail.com
Sun Dec 17 19:27:26 UTC 2006
Per Timo's direction, I decided to give the MasterUser a try in connecting
my proxy to my destination server.
This might allow for the use of 'secure password' for my clients that like
to check that box by default.
A couple of problems I'm running into running RC15:
#1: My Proxy's SQL password_query line:
password_query = SELECT a.clearpasswd AS password, v.storeIP AS host,
CONCAT(v.userID,'*someuser') AS destuser, 'Y' AS nologin, 'Y' AS nodelay,
'Y' AS proxy, 'somepass' AS pass FROM iwmailsystem.virtmailbox AS v NATURAL
JOIN authenticate.users AS a WHERE
v.userID = '%u' and v.imap_active = 1
I'm wanting to authenticate the user on the proxy before I send it off via
the MasterUser to the destination server. However, I show this in the logs:
Info: auth(default): client in: AUTH 1 PLAIN service=IMAP lip=
x.y.z.a rip=a.b.c.d resp=AGJ1dGNoQGluZm93ZXN0LmNvbQBzZWNyZXQ=
Info: auth-worker(default): sql(user at host.com,a.b.c.d): query: SELECT
a.clearpass
wd AS password, v.storeIP AS host, CONCAT(v.userID,'*someuser') AS
destuser, 'Y' AS nologin, 'Y' AS nodelay, 'Y' AS p
roxy, 'somepass' AS pass FROM iwmailsystem.virtmailbox AS v NATURAL JOIN
authenticate.users AS a WHERE v.userID = 'user at host.com'
and v.imap_active = 1
Error: auth(default): file auth-request.c: line 207
(auth_request_save_cache): assertion failed: (extra_fields == NULL ||
(strstr(extra_fields, "\tpass=") == NULL && strncmp(extra_fields, "pass=",
5) != 0))
Error: child 54122 (auth) killed with signal 6
The Wiki showed I should return a 'pass' column. However, that's choking the
query up in auth-request.c. Could it be the "\tpass" from auth-request.c?
If I change user at host.com's password to 'someass' and remove the 'pass'
column from the password_query, it authenticates, and proxy's over just
fine. Am I doing something wrong? I want to authenticate the user locally on
the proxy and pass off the 'master password' to the proxy, but using 'pass'
doesnt work. 'password' column does. Doesnt help me though for my situation
:)
Problem #2:
I'm wanting to put the masteruser/pass in the database for quick retrieval
and updating.
So I setup dovecot.conf as:
passdb sql {
# Path for SQL configuration file, see doc/dovecot-sql.conf for example
args = /usr/local/etc/dovecot-sql.conf
master=yes
#pass=yes
}
passdb passwd {
}
and dovecot-sql.conf with:
password_query = SELECT '%u' AS user, 'master-password' AS password
Trying to connect locally with a "telnet localhost 143" via:
1 login user at host.com*someuser "somepass"
Give me this in the detail log file:
Info: auth(default): client in: AUTH 1 PLAIN service=IMAP lip=
a.b.c.d rip=w.x.y.z
resp=AGJ1dGNoQGluZm93ZXN0LmNvbSphZG1pbkBpbmZvd2VzdC5jb20AbWFzdGVyLXBhc3N3b3Jk
Error: auth-worker(default): BUG: PASSV had invalid passdb ID
Warning: Killed with signal 15
I am able to successfully authenticate with the master user/pass if I store
it in a passdb file.
However, I'd prefer to have it in the database for obvious reasons.
Any help to the above would be appreciated.
thanks,
Cassidy
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://dovecot.org/pipermail/dovecot/attachments/20061217/0b66e7a4/attachment.html
More information about the dovecot
mailing list