Extracting CLIENTID information from checkpassword or postlogin scripting
Hello,
When extracting client_id information from the client connection (i.e. setting imap_id_log = *) the information is directly logged by Dovecot as such: ID sent: name=Thunderbird, version=91.5.0
My question is, Is it possible to export/set this information in a checkpassword script or a postlogin script?
client_id
If|imap_id_retain| https://doc.dovecot.org/settings/core/#core_setting-imap_id_retainis enabled this variable is populated with the client ID request as IMAP arglist.
I've enabled both checkpassword and postlogin on a test server, as well as 'imap_id_retain' set to 'yes'. I wrote a simple Perl script that dumps everything in %ENV as well as @ARGV for checkpassword and postlogin, but I don't see any occurrences of ID information. I've also tried to see if I could supply that variable in dovecot.conf by setting 'client_id' as a parameter, but that didn't seem to do the trick either.
passdb {
...
# Doesn't work
args = /usr/local/bin/checkpassword.pl client_id
# Doesn't work
args = /usr/local/bin/checkpassword.pl %{client_id}...
}
What am I missing? Is it possible to get these variables into an external script that checkpassword or postlogin executes?
Thanks.
On 17. Jan 2022, at 21.25, Dan Conway darkc0de@archnix6.net wrote:
Hello,
When extracting client_id information from the client connection (i.e. setting imap_id_log = *) the information is directly logged by Dovecot as such: ID sent: name=Thunderbird, version=91.5.0
My question is, Is it possible to export/set this information in a checkpassword script or a postlogin script?
client_id If imap_id_retain https://doc.dovecot.org/settings/core/#core_setting-imap_id_retain is enabled this variable is populated with the client ID request as IMAP arglist.
I've enabled both checkpassword and postlogin on a test server, as well as 'imap_id_retain' set to 'yes'. I wrote a simple Perl script that dumps everything in %ENV as well as @ARGV for checkpassword and postlogin, but I don't see any occurrences of ID information. I've also tried to see if I could supply that variable in dovecot.conf by setting 'client_id' as a parameter, but that didn't seem to do the trick either.
passdb { ... # Doesn't work args = /usr/local/bin/checkpassword.pl client_id
# Doesn't work args = /usr/local/bin/checkpassword.pl %{client_id} ... }
What am I missing? Is it possible to get these variables into an external script that checkpassword or postlogin executes?
Is your client sending IMAP ID pre login?
Sami
On 17/01/2022 21:33 Sami Ketola sami@ketola.io wrote:
On 17. Jan 2022, at 21.25, Dan Conway darkc0de@archnix6.net wrote:
Hello, When extracting client_id information from the client connection (i.e. setting imap_id_log = *) the information is directly logged by Dovecot as such: ID sent: name=Thunderbird, version=91.5.0
My question is, Is it possible to export/set this information in a checkpassword script or a postlogin script? client_id Ifimap_id_retain (https://doc.dovecot.org/settings/core/#core_setting-imap_id_retain)is enabled this variable is populated with the client ID request as IMAP arglist. I've enabled both checkpassword and postlogin on a test server, as well as 'imap_id_retain' set to 'yes'. I wrote a simple Perl script that dumps everything in %ENV as well as @ARGV for checkpassword and postlogin, but I don't see any occurrences of ID information. I've also tried to see if I could supply that variable in dovecot.conf by setting 'client_id' as a parameter, but that didn't seem to do the trick either.
passdb { ... # Doesn't work args = /usr/local/bin/checkpassword.pl client_id
# Doesn't work args = /usr/local/bin/checkpassword.pl %{client_id}
... }
What am I missing? Is it possible to get these variables into an external script that checkpassword or postlogin executes?
Is your client sending IMAP ID pre login?
Sami
You should use auth-lua instead of checkpassword script. Then you can extract auth variables easily.
Aki
participants (3)
-
Aki Tuomi
-
Dan Conway
-
Sami Ketola