Using userdb/passdb data in director_username_hash

Mark Moseley moseleymark at gmail.com
Fri Apr 12 21:44:07 EEST 2019


On Fri, Apr 12, 2019 at 11:14 AM Aki Tuomi <aki.tuomi at open-xchange.com>
wrote:

>
> > On 12 April 2019 21:09 Mark Moseley via dovecot <dovecot at dovecot.org>
> wrote:
> >
> >
> > TL;DR:
> >
> > Can director_username_hash use %{userdb:...} or %{passdb:...} ?
> >
> > ====================================
> >
> > This is on Ubuntu Precise, running dovecot 2.2.36. It's a fully
> production, director-ized env, so assume everything is working correctly.
> Happy to post doveconf if it's relevant but wanted to ask a general
> question first.
> >
> > I was curious if there's a way to get userdb/passdb data
> into director_username_hash. Currently, we've got default hashing (on %u).
> I'm returning a SQL field called 'real_username' (the owner of the mailbox,
> so almost never the same as %u). I'd like (for mdbox reasons) to hash on
> that rather than %u.
> >
> > My test SQL is returning (this is just a chunk -- it's duplicated for
> testing):
> > UserName AS userdb_real_username, UserName AS real_username
> >
> > I can see in my director boxes that it's at least picking up the latter:
> >
> > passdb out: PASS1user=tesbox at mailbox.comproxy=yreal_username=testuser
> >
> > Is it possible to inject 'real_username' into director_username_hash?
> That is, I'd rather hash on 'testuser' instead of 'testbed'.
> >
> > I've been trying different permutations on my director boxes with no
> luck.
> >
> > director_username_hash = %{userdb:real_username}
> > director_username_hash = %{passdb:real_username}
> > director_username_hash = %{userdb:userdb_real_username}
> > director_username_hash = %{passdb:userdb_real_username}
> >
> > With any of those settings, every mailbox gets hashed to the same
> backend, so I'm guessing it's not getting anything useful (i.e. probably
> resolving to the same empty string and hashing on that -- or perhaps is
> just hashing on the literal string, e.g. "%{userdb:real_username}" ).
> >
> > And I'm not even sure if director_username_hash has access to any
> passdb/userdb data. Is there a debug setting that would show what string
> director is using to do the hashing?
> >
> > Current debug settings are:
> >
> > auth_debug = yes
> > auth_debug_passwords = yes
> > mail_debug = yes
> >
> > but not a peep as to the string that director is hashing on.
>
> Hi!
>
> The only variables usable on director_username_hashing are (u)ser,
> user(n)ame and (d)omain.
>
>
Ok, thanks for the info!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://dovecot.org/pipermail/dovecot/attachments/20190412/7755423c/attachment-0001.html>


More information about the dovecot mailing list