Hi,
I'm writing a checkpassword script in order to support our OTP token as a fallback for client certificate authentication. Here are two questions:
It seems to me that the username and the password will be delivered to my script both on file descriptor 3 and via the environment variables AUTH_USER and AUTH_PASSWORD. May I ignore file descriptor 3 and use the environment variables or may it happen that these variables will have differnet content from what is sent via fd 3?
There seems to be some undocumented interaction between dovecot and my script via file descriptor 4. Seems that whatever I write to fd 4 will show up in syslog (unless it contains newlines). Can I use this "feature" to send error messages from my script to dovecot? What data does dovecot expect on fd 4?
Peter