[Dovecot] New userdb backend for checkpassword like programs
Sascha Wilde
wilde at intevation.de
Mon Oct 20 18:26:04 EEST 2008
Timo Sirainen <tss at iki.fi> writes:
> On Fri, 2008-10-17 at 19:04 +0200, Sascha Wilde wrote:
>> http://hg.intevation.org/kolab/dovecot-1.2_kolab-branch/
>>
>> Timo, what would be needed to get the new back end upstream?
>
> Some small things:
>
> - rename checkpassword-common.c to db-checkpassword.c so it's
> consistent with others.
[x] done
> - userdb checkpassword is a new dovecot-specific extension, so you can
> drop all vpopmail etc. exit code handlers. Just 3 needed: success, user
> doesn't exist and internal error (also being the default).
[x] done
Currently the code handles only two cases: success and (any kind of)
error. The passdb-checkpassword stuff seems not to handle "user
doesn't exist" in any special way, so I don't see why the userdb
backend should.
> - a valid userdb checkpassword script shouldn't be a valid passdb
> checkpassword script to avoid accidents. I guess this could be done by
I don't agree here. I think it would be ok to have only one
checkpassword executable to handle both cases.
> 1) Require userdb scripts to set USERDB environment.
>
> 2) checkpassword-reply checks if USERDB environment is set. If it is,
> return exit code 2 instead of 0.
>
> 3) userdb-checkpassword.c's success exit code is 2. exit code 0 would
> produce failure.
>
> Hmm. Or perhaps instead of USERDB change the AUTHORIZED environment's
> value to something else.
1) I fully agree that it is a very good idea that, if AUTHORIZED is set
checkpassword-reply should return something != 0 at success and
userdb-checkpassword should expect this very value.
I'll implement that.
2) I don't understand why the checkpassword program[0] should change the
environment in any way.
cheers
sascha
[0] I guess that's what you mean by "userdb scripts"
--
Sascha Wilde OpenPGP key: 4BB86568
http://www.intevation.de/~wilde/ http://www.intevation.de/
Intevation GmbH, Neuer Graben 17, 49074 Osnabrück; AG Osnabrück, HR B 18998
Geschäftsführer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 188 bytes
Desc: not available
Url : http://dovecot.org/pipermail/dovecot/attachments/20081020/d22ebcdb/attachment.bin
More information about the dovecot
mailing list