I was kinda hoping it would've shown bit more details. But, looks like you've
ran into a bug. Lua passdb does not export fields in case return value is not
OK or NEXT. I'll file this to your bug tracker.
Aki
> On 23/01/2025 17:20 EET Arkadiusz Miśkiewicz via dovecot
> <dovecot@dovecot.org> wrote:
>
>
> On 23/01/2025 14:23, Aki Tuomi wrote:
> > Can you post auth_debug=yes logs?
>
>
> Attaching here (as quotation):
>
> > Jan 23 15:10:24 webx dovecot[10752]: auth: Debug: client in: AUTH 1
> > PLAIN service=imap session=qZ/XK2As7rsKFhKW
> > lip=10.22.18.200 rip=10.22.18.150 lport=143 rport=48110
> > resp=<hidden>
> > Jan 23 15:10:24 webx dovecot[10752]: auth: Debug:
> > lua(test,10.22.18.150,<qZ/XK2As7rsKFhKW>): Performing passdb lookup
> > Jan 23 15:10:24 webx dovecot[10752]: auth: Debug:
> > lua(test,10.22.18.150,<qZ/XK2As7rsKFhKW>): cache miss
> > Jan 23 15:10:24 webx dovecot[10752]: auth-worker(10770): Debug: conn
> > unix:auth-worker (pid=10801,uid=172): Server accepted connection (fd=13)
> > Jan 23 15:10:24 webx dovecot[10752]: auth-worker(10770): Debug: conn
> > unix:auth-worker (pid=10801,uid=172): Sending version handshake
> > Jan 23 15:10:24 webx dovecot[10752]: auth-worker(10770): Debug: conn
> > unix:auth-worker (pid=10801,uid=172): auth-worker<1>: Handling PASSV request
> > Jan 23 15:10:24 webx dovecot[10752]: auth-worker(10770): Debug: conn
> > unix:auth-worker (pid=10801,uid=172): auth-worker<1>:
> > lua(test,10.22.18.150,<qZ/XK2As7rsKFhKW>): Performing passdb lookup
> > Jan 23 15:10:24 webx dovecot[10752]: auth-worker(10770): Debug: conn
> > unix:auth-worker (pid=10801,uid=172): auth-worker<1>:
> > lua(test,10.22.18.150,<qZ/XK2As7rsKFhKW>): Calling auth_password_verify
> > Jan 23 15:10:24 webx dovecot[10752]: auth-worker(10770): Debug: conn
> > unix:auth-worker (pid=10801,uid=172): auth-worker<1>:
> > lua(test,10.22.18.150,<qZ/XK2As7rsKFhKW>): Finished passdb lookup
> > Jan 23 15:10:24 webx dovecot[10752]: auth-worker(10770): Debug: conn
> > unix:auth-worker (pid=10801,uid=172): auth-worker<1>: Finished:
> > user_disabled
> > Jan 23 15:10:24 webx dovecot[10752]: auth: Debug:
> > lua(test,10.22.18.150,<qZ/XK2As7rsKFhKW>): Finished passdb lookup
> > Jan 23 15:10:24 webx dovecot[10752]: auth: Debug:
> > auth(test,10.22.18.150,<qZ/XK2As7rsKFhKW>): Auth request finished
> > Jan 23 15:10:24 webx dovecot[10752]: auth-worker(10803): Debug: Loading
> > modules from directory: /usr/lib64/dovecot/plugins/auth
> > Jan 23 15:10:24 webx dovecot[10752]: auth-worker(10803): Debug: Module
> > loaded: /usr/lib64/dovecot/plugins/auth/lib20_auth_var_expand_crypt.so
> > Jan 23 15:10:24 webx dovecot[10752]: auth-worker(10803): Debug: Module
> > loaded: /usr/lib64/dovecot/plugins/auth/libdriver_mysql.so
> > Jan 23 15:10:24 webx dovecot[10752]: auth-worker(10803): Debug: Module
> > loaded: /usr/lib64/dovecot/plugins/auth/libdriver_pgsql.so
> > Jan 23 15:10:24 webx dovecot[10752]: auth-worker(10803): Debug: Module
> > loaded: /usr/lib64/dovecot/plugins/auth/libdriver_sqlite.so
> > Jan 23 15:10:24 webx dovecot[10752]: auth-worker(10803): Debug: Loading
> > modules from directory: /usr/lib64/dovecot/plugins/auth
> > Jan 23 15:10:24 webx dovecot[10752]: auth-worker(10803): Debug: Module
> > loaded: /usr/lib64/dovecot/plugins/auth/libauthdb_lua.so
> > Jan 23 15:10:29 webx dovecot[10752]: auth: Debug: client passdb out: FAIL
> > 1 user=test code=user_disabled
> > Jan 23 15:10:29 webx dovecot[10752]: imap-login: Disco
>
>
> >
> > Aki
> >
> >> On 23/01/2025 13:26 EET Arkadiusz Miśkiewicz via dovecot
> >> <dovecot@dovecot.org> wrote:
> >>
> >>
> >> Hello.
> >>
> >>
> >> Trying to pass reason response via lua by passing it at
> >> dovecot.auth.PASSDB_RESULT_USER_DISABLED like:
> >>
> >>
> >> function auth_password_verify(request, password)
> >> return dovecot.auth.PASSDB_RESULT_USER_DISABLED,
> >> "reason=custom_message"
> >>
> >> end
> >>
> >> function auth_userdb_lookup(request)
> >> return dovecot.auth.PASSDB_RESULT_OK, "uid=428671 gid=9726
> >> home=/var/mail/existusertest"
> >>
> >> end
> >>
> >> function script_init()
> >> return 0
> >> end
> >>
> >> function script_deinit()
> >> end
> >>
> >>
> >> Unfortunately returned result contains no custom message and also
> >> returns AUTHENTICATIONFAILED instead of CONTACTADMIN:
> >>
> >> NO [AUTHENTICATIONFAILED] Authentication failed.
> >>
> >> while I would expect something like:
> >>
> >> NO [CONTACTADMIN] custom_message:
> >>
> >> Any reason for such behaviour and how to get reason passed and proper
> >> CONTACTADMIN?
> >>
> >> Tests done on 2.3.21.1.
> >>
> >> passdb {
> >> driver = lua
> >> mechanisms = login plain
> >> args = file=/etc/dovecot/lua_auth_script_test_fail.lua blocking=yes
> >> }
> >>
> >>
> >> userdb {
> >> driver = lua
> >> args = file=/etc/dovecot/lua_auth_script_test_fail.lua blocking=yes
> >> }
> >>
> >> --
> >> Arkadiusz Miśkiewicz, arekm / ( maven.pl | pld-linux.org )
> >>
> >> _______________________________________________
> >> dovecot mailing list -- dovecot@dovecot.org
> >> To unsubscribe send an email to dovecot-le...@dovecot.org
> >
>
>
> --
> Arkadiusz Miśkiewicz, arekm / ( maven.pl | pld-linux.org )
> _______________________________________________
> dovecot mailing list -- dovecot@dovecot.org
> To unsubscribe send an email to dovecot-le...@dovecot.org
_______________________________________________
dovecot mailing list -- dovecot@dovecot.org
To unsubscribe send an email to dovecot-le...@dovecot.org
