[Dovecot] Accessing plain text password from memory
Timo Sirainen
tss at iki.fi
Fri Dec 13 16:47:23 EET 2013
On 13.12.2013, at 16.37, Stanislas SABATIER <s.sabatier at pobox.com> wrote:
> Is there a way to retrieve the client's password in plain text from memory ?
>
> I don't store the password in plain text in my postgreSQL but I need it
> when the client is connected to make crypto computation.
>
> If I write a plugin to do the job, how could I retrieve the plain text
> password from master ?
Assuming you you're using passdb sql and userdb prefetch and you want to access the password in imap/pop3/etc process, you can do:
password_query = '%w' as userdb_password, ...
Then the password will be available the same way as plugin { password } would be available (mail_user_plugin_getenv()).
You could also write a passdb plugin you could access the password directly from auth_request->mech_password.
More information about the dovecot
mailing list