Using userdb/passdb data in director_username_hash

Aki Tuomi aki.tuomi at open-xchange.com
Fri Apr 12 21:14:14 EEST 2019


> On 12 April 2019 21:09 Mark Moseley via dovecot <dovecot at dovecot.org> wrote:
> 
> 
> TL;DR:
> 
> Can director_username_hash use %{userdb:...} or %{passdb:...} ?
> 
> ====================================
> 
> This is on Ubuntu Precise, running dovecot 2.2.36. It's a fully production, director-ized env, so assume everything is working correctly. Happy to post doveconf if it's relevant but wanted to ask a general question first.
> 
> I was curious if there's a way to get userdb/passdb data into director_username_hash. Currently, we've got default hashing (on %u). I'm returning a SQL field called 'real_username' (the owner of the mailbox, so almost never the same as %u). I'd like (for mdbox reasons) to hash on that rather than %u.
> 
> My test SQL is returning (this is just a chunk -- it's duplicated for testing):
> UserName AS userdb_real_username, UserName AS real_username
> 
> I can see in my director boxes that it's at least picking up the latter:
> 
> passdb out: PASS1user=tesbox at mailbox.comproxy=yreal_username=testuser
> 
> Is it possible to inject 'real_username' into director_username_hash? That is, I'd rather hash on 'testuser' instead of 'testbed'.
> 
> I've been trying different permutations on my director boxes with no luck.
> 
> director_username_hash = %{userdb:real_username}
> director_username_hash = %{passdb:real_username}
> director_username_hash = %{userdb:userdb_real_username}
> director_username_hash = %{passdb:userdb_real_username}
> 
> With any of those settings, every mailbox gets hashed to the same backend, so I'm guessing it's not getting anything useful (i.e. probably resolving to the same empty string and hashing on that -- or perhaps is just hashing on the literal string, e.g. "%{userdb:real_username}" ).
> 
> And I'm not even sure if director_username_hash has access to any passdb/userdb data. Is there a debug setting that would show what string director is using to do the hashing?
> 
> Current debug settings are:
> 
> auth_debug = yes
> auth_debug_passwords = yes
> mail_debug = yes
> 
> but not a peep as to the string that director is hashing on.

Hi!

The only variables usable on director_username_hashing are (u)ser, user(n)ame and (d)omain.

Aki


More information about the dovecot mailing list