[Dovecot] vmailmgr user database

Mij mij at bitchx.it
Mon Sep 19 14:59:44 EEST 2005 

On 18/set/05, at 18:20, Timo Sirainen wrote:

>> If not, i'd like to help out. Is there a standard API to
>> implement or such? Is there some further documentation
>> to avoid a full inspection of the sources?
>
> A bit late, but if you haven't yet done anything:
>
> src/auth/userdb.h and passdb.h
>
> And lots of examples as the existing userdb*.c and passdb*.c
>
> Password and user database lookups are separated. If vmailmgr wants to
> reply both at the same time, you can store the userdb result into
> auth_request->extra_fields and use "userdb passdb", the same way as
> passdb-checkpassword.c works.

I looked at the -stable srcs before posting this, so I didn't find
the checkpassword featured in the -alpha.

with dovecot supporting checkpassword, there wouldn't be need
for a custom module for vmailmgr anymore, as it also provides
a checkpassword-compatible authenticator "checkvpw".

There's one difference between them, that is that checkvpw
wants a 3rd argument on the ocmmand "maildir". In spite of
what says checkvpw's man page speaks differently, auth doesn't
work at all if you don't do this:

michele at n0tion:507:> checkvpw /usr/bin/true 3<myfile
michele at n0tion:508:> echo $?
111
michele at n0tion:509:> checkvpw /usr/bin/true maildir 3<myfile
michele at n0tion:510:> echo $?
0

  Since you can't pass more arguments to a mechanism from
the config file, you have to hack passdb-checkpassword.c in
checkpassword_verify_plain_child():

char *args[3];
[...]
	args[0] = checkpassword_path;
	args[1] = checkpassword_reply_path;
	args[2] = NULL;
[...]


to
char *args[4];
[...]
	args[0] = checkpassword_path;
	args[1] = checkpassword_reply_path;
	args[3] = "maildir";
	args[4] = NULL;
[...]

shitish approach, but this is what i've done to try out first.
Unfortunately and mysteriously, this wasn't successful anyway
(login failed). I suppose this is because I used "passwd" for
userdb, but I didn't do homework studying dovecot docs so
I may be out of track.

checkpassword ignores further args on its command line, so
to get two working in 1 source adding permanently the 3rd
argument "maildir" in passdb-checkpassword.c could be a
solution, even if not that elegant.

In the end, probably realizing a module for vmailmgr on its
own would be the best solution, this way you can get both
userdb and passdb acting separately with some great
offence to information hiding wrt vmailmgr. In the poor 2
hours I spent lookin in the code I didn't catch that good
what's this separation useful for, however. I mean, you
should just care about user account infos when the user
itself authenticates, when otherwise?

besides that, the design and the code is very clean. comment
a bit more if you like external contributions!!

I will put hands back on this by the next week end, I have uni
engagements this week.

ciao

More information about the dovecot mailing list