On 10/05/19 10:10 AM, Richard Hector via dovecot wrote:
Hi all,
I'm currently using a PostgreSQL database for my user/password db, directly from dovecot. The trouble with that is that I'm stuck with whatever hash algorithms dovecot supports - which IIRC means (a subset of?) what libc has been compiled with, which can be a bit restrictive.
So I'd like to use an external tool, which would also let me integrate other applications (eg web apps).
PAM seems to be most suited to sharing accounts with the OS, which isn't what I want.
BSDAuth likewise, but I'm not using BSD.
CheckPassword looks like a somewhat convoluted protocol, but maybe the best bet?
IMAP - well, that's circular :-)
OAuth2 looks possible, but seems to be focused on http?
Any suggestions? And recommended implementations?
How hard is it to add extra methods?
No tips?
Are my requirements/preferences quite unusual?
Am I asking a silly question?
Am I misunderstanding/exaggerating the limitations of dovecot's/libc's algorithms?
Thanks, Richard