[Dovecot] Accessing plain text password from memory
Stanislas SABATIER
stan at email-prive.net
Fri Dec 13 17:00:24 EET 2013
Thanks for the info, I'll dig this option.
Regards,
Stan.
Le 13 déc. 2013 à 15:47, Timo Sirainen <tss at iki.fi> a écrit :
> On 13.12.2013, at 16.37, Stanislas SABATIER <s.sabatier at pobox.com> wrote:
>
>> Is there a way to retrieve the client's password in plain text from memory ?
>>
>> I don't store the password in plain text in my postgreSQL but I need it
>> when the client is connected to make crypto computation.
>>
>> If I write a plugin to do the job, how could I retrieve the plain text
>> password from master ?
>
> Assuming you you're using passdb sql and userdb prefetch and you want to access the password in imap/pop3/etc process, you can do:
>
> password_query = '%w' as userdb_password, ...
>
> Then the password will be available the same way as plugin { password } would be available (mail_user_plugin_getenv()).
>
> You could also write a passdb plugin you could access the password directly from auth_request->mech_password.
>
More information about the dovecot
mailing list