Hi Staff,
I'm creating the dovecot configuration for multiple user passwords
e-mail site. It's working well, but I've one problem - I can't
log, which password was used.
I'm using auth-sql, the query looks like:
password_query = \
SELECT `users`.`email` AS `user`, \
`shadow`.`passwd` AS `password`, \
FROM `shadow`
WHERE `shadow`.`email` = '%u' AND \
( ('%r'='127.0.0.1' AND `shadow`.`webmail`<>0) OR \
('%r'<>'127.0.0.1' AND `shadow`.`imap`<>0 AND \
`shadow`.`hash`='%{sha512;rounds=5000:password}') \
) LIMIT 1
The hash from random generated application password works as
the selector, which password should be checked.
It works fine, but in the log I have got only the e-mail and both
IP addresses. I need to log one more information - which password
was used (`shadow`.`id` column). It would be a great feature
to have one more extra variable, which I could set in this
query and which goes directly to log and nowhere else.
I have tried something like:
password_query = \
SELECT CONCAT(`users`.`email`,'#',`shadow`.`id`) AS `user`, ...
and then "repair it" in user_query:
SELECT `email` AS `user`
WHERE `email` = REGEXP_SUBSTR('%u','[^#]+')
and it even works well, except postfix-auth, which received email
with #number as the username and it was problematic.
So I'm kindly asking for this extra variable in next versions
of Dovecot ;)
Bogusław Juza
_______________________________________________
dovecot mailing list -- dovecot@dovecot.org
To unsubscribe send an email to dovecot-le...@dovecot.org
