[Dovecot] APOP and AuthDatabase/SQL
Hi,
We're running dovecot 1.2.15 and use SQL authentication. We'd like to be able to support APOP, but can't see how this would fit in with SQL auth.
Currently we have:
password_query = SELECT email as user, password FROM virtual_users WHERE email='%u' or (email LIKE '%n@%%' AND unhashed='%w')
It seems that in order to auth APOP logins, we'd need to access variables containing the authentication string sent by the client, and also variables containing the auth string sent in the POP3 greeting.
Incidentally, the RFC (1939) suggests using:
<pid.time@hostname>for the greeting, but it looks as if dovecot uses something else? I'm seeing greetings such as:
+OK Dovecot ready. 260f.4abcc.4ef11550.cJD6sQSUSnmPS1B/5RGF0Q==@myhostname.com
base64 encoding?
Thanks in advance, Peter Smith
On 21.12.2011, at 1.08, Peter Smith wrote:
We're running dovecot 1.2.15 and use SQL authentication. We'd like to be able to support APOP, but can't see how this would fit in with SQL auth.
Currently we have:
password_query = SELECT email as user, password FROM virtual_users WHERE email='%u' or (email LIKE '%n@%%' AND unhashed='%w')
It seems that in order to auth APOP logins, we'd need to access variables containing the authentication string sent by the client, and also variables containing the auth string sent in the POP3 greeting.
The only way to get it working is to have the password_query return the password in plaintext, so Dovecot can do the APOP check. There's no way to get the APOP greeting string.
participants (2)
-
Peter Smith
-
Timo Sirainen