Hello,
I am trying out 2.2.19.rc1 on a lightly loaded server with no problems
so far. The reason I wanted to try 2.2.19.rc1 was to get access to the
%{listener} variable in the auth phase so I can modify the SQL
password_query according to which unix_listener is being queried.
According to the docs, "These variables work only in Dovecot-auth and
login_log_format_elements setting". I can confirm that %{listener}
works in login_log_format_elements but it does not work if I use it in
my SQL auth query.
My logic is as follows:
I create multiple listeners for different SASL authentications in 10
-master.conf
service auth {
unix_listener auth-userdb {
mode = 0660
user = dovecot
group = vmail
}
unix_listener exim-client {
mode = 0660
user = dovecot
group = exim
}
unix_listener xmpp-client {
mode = 0660
user = dovecot
group = mail
}
user = $default_internal_user
}
Now I want to use %{listener} in my SQL password_query in a case
statement to auth according to which listener is being used. E.g.
CASE '%{listener} ' \
WHEN 'exim-client' THEN ma.SMTPAUTH_allowed = 'YES' \
WHEN 'xmpp-client' THEN ma.XMPP_allowed = 'YES' \
ELSE ma.IMAP_allowed = 'YES' \
END
Should the %{listener} variable work in this case ?
--
Greg
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 473 bytes
Desc: This is a digitally signed message part
URL:
<http://dovecot.org/pipermail/dovecot/attachments/20150926/760a0776/attachment.sig>
On 26 Sep 2015, at 12:15, Greg Wildman <lists at itns.co.za> wrote:> > Hello, > > I am trying out 2.2.19.rc1 on a lightly loaded server with no problems > so far. The reason I wanted to try 2.2.19.rc1 was to get access to the > %{listener} variable in the auth phase so I can modify the SQL > password_query according to which unix_listener is being queried. > > According to the docs, "These variables work only in Dovecot-auth and > login_log_format_elements setting". I can confirm that %{listener} > works in login_log_format_elements but it does not work if I use it in > my SQL auth query.The docs were wrong - fixed now. Although I suppose auth could also have that..> Now I want to use %{listener} in my SQL password_query in a case > statement to auth according to which listener is being used. E.g. > > CASE '%{listener} ' \ > WHEN 'exim-client' THEN ma.SMTPAUTH_allowed = 'YES' \ > WHEN 'xmpp-client' THEN ma.XMPP_allowed = 'YES' \ > ELSE ma.IMAP_allowed = 'YES' \ > ENDTypically they would use a different service (smtp, xmpp, imap) and you'd use e.g.: protocol smtp { passdb { ... } } This of course trusts that the auth client sends the correct service.
Timo, I have to test something on one of the BSD, namely related to src/lib/net.c . -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca God,Queen and country!Never Satan President Republic!Beware AntiChrist rising! http://www.fullyfollow.me/rootnl2k Look at Psalms 14 and 53 on Atheism Time for Stephen to move on on Oct 19 2015!!