In order to change the password scheme I wrote a script named updateproxy that needs the plain text password from the user. To get that I use the line
password_query = SELECT username as user, password, \
'%w' as userdb_plain_pass FROM auth_user WHERE username='%n'
This works nicely with almost all passwords but not with this one
1234567%&/abcd
the error message being
dovecot: Failed to expand plugin setting plain_pass =
'1234567%&/abcd': Unknown variable '%&'
It seems to me that dovecot tries to do another level of variable evaluation upon the **value** of the already evaluated variable.
So I searched for ways to escape problematic characters like % and changed my line to
password_query = SELECT username as user, password, \
'%E{w}' as userdb_plain_pass FROM auth_user WHERE username='%n'
but this produces problems with password values containing quotes.
So how can I get a plain text password containing any ASCII char (or even better any UTF-8 char) safely to my script?
Thanks for your suggestions
-------------- here the nasty details, if you want -------------
$ dovecot -n
# 2.3.7.2 (3c910f64b): /etc/dovecot/dovecot.conf
# Pigeonhole version 0.5.7.2 ()
# OS: Linux 5.4.0-122-generic x86_64 Ubuntu 20.04.4 LTS
# Hostname: mx-10-2.bildung.hessen.de
auth_mechanisms = plain login
auth_username_chars = abcdefghijklmnopqrstuvwxyz_0123456789.ABCDEFGHIJKLMNOPQRSTUVWXYZ-@
lda_mailbox_autocreate = yes
lda_mailbox_autosubscribe = yes
mail_location = maildir:~/Maildir
mail_privileged_group = mail
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate mime foreverypart extracttext
namespace inbox {
  inbox = yes
  location =
  mailbox Drafts {
    auto = subscribe
    special_use = \Drafts
  }
  mailbox Junk {
    auto = subscribe
    special_use = \Junk
  }
  mailbox Sent {
    auto = subscribe
    special_use = \Sent
  }
  mailbox "Sent Messages" {
    special_use = \Sent
  }
  mailbox Trash {
    auto = subscribe
    special_use = \Trash
  }
  prefix =
}
passdb {
  # the following file contains a '%w'-line
  args = /etc/dovecot/db1.conf
  driver = sql
}
passdb {
  # the following file contains a '%w'-line
  args = /etc/dovecot/db2.conf
  driver = sql
}
passdb {
  # the following file contains no '%w'-line (just for detail)
  args = /etc/dovecot/db3.conf
  driver = sql
}
plugin {
  sieve = ~/.dovecot.sieve
  sieve_dir = ~/sieve
  sieve_max_actions = 64
  sieve_max_redirects = 16
  sieve_max_script_size = 10M
  sieve_trace_debug = yes
  sieve_user_log = ~/sievelog
  sieve_vacation_dont_check_recipient = yes
  sieve_vacation_use_original_recipient = yes
}
protocols = imap sieve lmtp
service auth {
  unix_listener /var/spool/postfix/private/dovecot-auth {
    group = postfix
    mode = 0660
    user = postfix
  }
}
service imap {
  executable = imap after-login
}
service lmtp {
  unix_listener /var/spool/postfix/private/dovecot-lmtp {
    group = postfix
    mode = 0660
    user = postfix
  }
}
service after-login {
  executable = script-login /etc/dovecot/updateproxy
  user = vmail
}
service stats {
  unix_listener stats-reader {
    group = mail
    mode = 0666
  }
  unix_listener stats-writer {
    group = mail
    mode = 0666
  }
}
ssl_cert = </etc/dovecot/private/dovecot.pem
ssl_cipher_list = ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP:-SSLv3
ssl_key = # hidden, use -P to show it
ssl_min_protocol = SSLv3
ssl_prefer_server_ciphers = yes
userdb {
  args = uid=vmail gid=vmail home=/var/vmail/%n
  driver = static
}
protocol lmtp {
  mail_plugins = quota sieve
  postmaster_address = somebody@somwhere.org
}
protocol lda {
  deliver_log_format = msgid=%m: %$
  mail_plugins = sieve
  postmaster_address = somebody@somehwere.org
  quota_full_tempfail = yes
  rejection_reason = Your message to <%t> was automatically rejected:%n%r
}
protocol imap {
  imap_client_workarounds = delay-newmail
  mail_max_userip_connections = 300
}