Hello, I am trying out 2.2.19.rc1 on a lightly loaded server with no problems so far. The reason I wanted to try 2.2.19.rc1 was to get access to the %{listener} variable in the auth phase so I can modify the SQL password_query according to which unix_listener is being queried. According to the docs, "These variables work only in Dovecot-auth and login_log_format_elements setting". I can confirm that %{listener} works in login_log_format_elements but it does not work if I use it in my SQL auth query. My logic is as follows: I create multiple listeners for different SASL authentications in 10 -master.conf service auth { unix_listener auth-userdb { mode = 0660 user = dovecot group = vmail } unix_listener exim-client { mode = 0660 user = dovecot group = exim } unix_listener xmpp-client { mode = 0660 user = dovecot group = mail } user = $default_internal_user } Now I want to use %{listener} in my SQL password_query in a case statement to auth according to which listener is being used. E.g. CASE '%{listener} ' \ WHEN 'exim-client' THEN ma.SMTPAUTH_allowed = 'YES' \ WHEN 'xmpp-client' THEN ma.XMPP_allowed = 'YES' \ ELSE ma.IMAP_allowed = 'YES' \ END Should the %{listener} variable work in this case ? -- Greg -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 473 bytes Desc: This is a digitally signed message part URL: <http://dovecot.org/pipermail/dovecot/attachments/20150926/760a0776/attachment.sig>
On 26 Sep 2015, at 12:15, Greg Wildman <lists at itns.co.za> wrote:> > Hello, > > I am trying out 2.2.19.rc1 on a lightly loaded server with no problems > so far. The reason I wanted to try 2.2.19.rc1 was to get access to the > %{listener} variable in the auth phase so I can modify the SQL > password_query according to which unix_listener is being queried. > > According to the docs, "These variables work only in Dovecot-auth and > login_log_format_elements setting". I can confirm that %{listener} > works in login_log_format_elements but it does not work if I use it in > my SQL auth query.The docs were wrong - fixed now. Although I suppose auth could also have that..> Now I want to use %{listener} in my SQL password_query in a case > statement to auth according to which listener is being used. E.g. > > CASE '%{listener} ' \ > WHEN 'exim-client' THEN ma.SMTPAUTH_allowed = 'YES' \ > WHEN 'xmpp-client' THEN ma.XMPP_allowed = 'YES' \ > ELSE ma.IMAP_allowed = 'YES' \ > ENDTypically they would use a different service (smtp, xmpp, imap) and you'd use e.g.: protocol smtp { passdb { ... } } This of course trusts that the auth client sends the correct service.
Timo, I have to test something on one of the BSD, namely related to src/lib/net.c . -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca God,Queen and country!Never Satan President Republic!Beware AntiChrist rising! http://www.fullyfollow.me/rootnl2k Look at Psalms 14 and 53 on Atheism Time for Stephen to move on on Oct 19 2015!!