search for: auth_request_log_info

...52:08.000000000 -0700 +++ dovecot-1.0.13-jgg/src/auth/mech-gssapi.c 2008-08-11 23:52:15.000000000 -0600 @@ -101,6 +101,13 @@ gss_name_t gss_principal; const char *service_name; + if (strcmp(request->auth->gssapi_hostname,"$ALL") == 0) { + auth_request_log_info(request, "gssapi", + "Using all keytab entires"); + *ret = GSS_C_NO_CREDENTIAL; + return GSS_S_COMPLETE; + } + if (strcasecmp(request->service, "POP3") == 0) { /* The standard POP3 service...

...her userdbs */ auth_request_log_error(auth_request, "prefetch", "passdb didn't return userdb entries"); } else { /* more userdbs, they may know the user */ auth_request_log_info(auth_request, "prefetch", "passdb didn't return userdb entries"); } callback(USERDB_RESULT_USER_UNKNOWN, auth_request); return; } is this really correct? if so it migth be a good idea...

...t;->->->->->->->->->->->->-> Hi Alessio, i spent over 5 hours looking for a solution to this problem and i found one working for me in dovecot sources edit src/auth/passdb-vpopmail.c than add char *remotehost = net_ip2addr(&auth_request->remote_ip); auth_request_log_info(auth_request, "vpopmail", "remote ip is: %s", remotehost); before if (((vpw->pw_gid & NO_IMAP) != 0 && line than modify the condition line to look like: if (((vpw->pw_gid & NO_IMAP) != 0 && ? ? ? ? ? ? ?strcmp(auth_request->service, "IMAP...

Using kmail with PLAIN authentication worked fine with beta3 but trying it with beta4 authentication fails. This is because kmail sends "username \0 username \0 password" in the authorization token and the new code to call auth_request_set_login_username() when supplied an authid must be returning failure (certainly commenting this code out returns to the beta3 behaviour of

...ode 'passdb-vpopmail.c' (below) that if the clear password (pw_clear_passwd) is present Dovecot skips the hashed password (pw_passwd), and we want authentication against the hashed password. <snippet> if (vpopmail_is_disabled(auth_request, vpw)) { auth_request_log_info(auth_request, AUTH_SUBSYS_DB, "%s disabled in vpopmail for this user", auth_request->service); password = NULL; *result_r = PASSDB_RESULT_USER_DISABLED; } else...

...ls, size), ","); + + iter = atoi(fields[0]); + salt = fields[1]; + + len = strlen(fields[2]); + request->stored_key = buffer_create_dynamic(request->pool, + MAX_BASE64_DECODED_SIZE(len)); + if (base64_decode(fields[2], len, NULL, + request->stored_key) < 0) { auth_request_log_info(auth_request, "scram-sha-1", - "password mismatch"); + "Invalid base64 encoding" + "of StoredKey in passdb"); auth_request_fail(auth_request); - } else { - server_final_message = get_scram_server_final(request); - auth_r...

Quoting Aki Tuomi <aki.tuomi at open-xchange.com>: > On 03.10.2018 23:30, Eric Broch wrote: >> Hello list, >> >> I run Dovecot with the vpopmail driver and have found that it >> authenticates against the clear text password in the vpopmail >> database. Is there a configuration option either at compile time, link >> time, or a setting in one of the

...gt;> clear password (pw_clear_passwd) is present Dovecot skips the >> hashed password (pw_passwd), and we want authentication against the >> hashed password. >> >> <snippet> >> if (vpopmail_is_disabled(auth_request, vpw)) { >> auth_request_log_info(auth_request, AUTH_SUBSYS_DB, >> "%s disabled in vpopmail for >> this user", >> auth_request->service); >> password = NULL; >> *result_r = PASSDB_...

...xist in the first passdb (deny passdb), then the error occur, even if it exists in the other passdb. This is normal, but auth_verbose shouldn't be used only to " Log unsuccessful authentication attempts and the reasons why they failed." ?? Again, I'm not a programmer, but 'auth_request_log_info' function in 'https://github.com/dovecot/core/blob/release-2.2.33/src/auth/auth-request.c' seems to log events only when 'auth_verbose=yes'. Is there another way to get deny passdb match messages, without enable verbose log ? Thanks, Marco -- Marco Giunta - ITCS SysA...

...at in the code 'passdb-vpopmail.c' (below) that if the clear password (pw_clear_passwd) is present Dovecot skips the hashed password (pw_passwd), and we want authentication against the hashed password. <snippet> if (vpopmail_is_disabled(auth_request, vpw)) { auth_request_log_info(auth_request, AUTH_SUBSYS_DB, "%s disabled in vpopmail for this user", auth_request->service); password = NULL; *result_r = PASSDB_RESULT_USER_DISABLED; } else {...

...ervice, "IMAP") == 0) || + strcasecmp(auth_request->service, "IMAP") == 0) || ((vpw->pw_gid & NO_POP) != 0 && - strcmp(auth_request->service, "POP3") == 0)) { + strcasecmp(auth_request->service, "POP3") == 0)) { auth_request_log_info(auth_request, "vpopmail", "%s disabled", auth_request->service); password = NULL; @@ -101,8 +101,8 @@ } #ifdef HAVE_VPOPMAIL_OPEN_SMTP_RELAY - if (strcmp(request->service, "POP3") == 0 || - strcmp(request->service, "IMAP") == 0)...

...;passdb-vpopmail.c' (below) that if the clear password (pw_clear_passwd) is present Dovecot skips the hashed password (pw_passwd), and we want authentication against the hashed password. > > <snippet> > if (vpopmail_is_disabled(auth_request, vpw)) { > auth_request_log_info(auth_request, AUTH_SUBSYS_DB, > "%s disabled in vpopmail for this user", > auth_request->service); > password = NULL; > *result_r = PASSDB_RESULT_USER_DISABLED; &...

...(pw_clear_passwd) is present Dovecot skips the >>> hashed password (pw_passwd), and we want authentication against >>> the hashed password. >>> >>> <snippet> >>> ? ? ? ?if (vpopmail_is_disabled(auth_request, vpw)) { >>> ? ? ? ? ? ? ? ?auth_request_log_info(auth_request, AUTH_SUBSYS_DB, >>> ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ?"%s disabled in vpopmail for >>> this user", >>> ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ?auth_request->service); >>> ? ? ? ? ? ? ? ?password = NULL; >>> ? ? ? ? ? ? ? ?*re...

....1, lip=127.0.0.1, secured ======================================= It appears that the cause of these log messages are the following lines of code in src/auth/passdb-bsdauth.c ==== src/auth/passdb-bsdauth.c ======== 29 if (!IS_VALID_PASSWD(pw->pw_passwd)) { 30 auth_request_log_info(request, "bsdauth", 31 "invalid password field"); 32 callback(PASSDB_RESULT_USER_DISABLED, request); 33 return; 34 } ======================================= These lines seem to req...

Hi, We are trying to implement a highly secure mail server with user authentication restricted to SSL certificates only (not using passwords at all). Still, user information is stored in a LDAP directory. In this configuration LDAP is used to check whether the user is registered (and probably supply quota and other info), and actual authentication is done by SSL layer. According to wiki, a

...est) +static bool auth_request_master_lookup_finish(struct auth_request *request, + bool submit) /* APPLE - urlauth */ { if (request->passdb_failure) return TRUE; /* master login successful. update user and master_user variables. */ + + /* APPLE - urlauth */ + if (submit) + auth_request_log_info(request, "passdb", + "Submit user logging in as %s", + request->requested_login_user); + else /* reduce code deltas */ auth_request_log_info(request, "passdb", "Master user logging in as %s", request->requested_login_user);...