search for: passdb_result_user_disabled

...ts the extra_field and returns some error (authentication was not successful) so that the "real" passdb backend can be invoked to "really" validate the authentication data. However, in auth_request_handle_passdb_callback() the extra_fields are reseted unless the return code is PASSDB_RESULT_USER_DISABLED. But if that return code is used then any following passdb's aren't invoked any more - which makes sense with respect to user authenticiation. I would therefore like to propose that some IGNORE/CONTINUE-status to be introduced in auth/passdb.h, that would be handled in that extra_fields and...

...)) { auth_request_log_info(auth_request, AUTH_SUBSYS_DB, "%s disabled in vpopmail for this user", auth_request->service); password = NULL; *result_r = PASSDB_RESULT_USER_DISABLED; } else { if (vpw->pw_clear_passwd != NULL && *vpw->pw_clear_passwd != '\0') { password = t_strdup_noconst(vpw->pw_clear_passwd); *cleartext = TRUE; } else if...

Quoting Aki Tuomi <aki.tuomi at open-xchange.com>: > On 03.10.2018 23:30, Eric Broch wrote: >> Hello list, >> >> I run Dovecot with the vpopmail driver and have found that it >> authenticates against the clear text password in the vpopmail >> database. Is there a configuration option either at compile time, link >> time, or a setting in one of the

...og_info(auth_request, AUTH_SUBSYS_DB, >> "%s disabled in vpopmail for >> this user", >> auth_request->service); >> password = NULL; >> *result_r = PASSDB_RESULT_USER_DISABLED; >> } else { >> if (vpw->pw_clear_passwd != NULL && >> *vpw->pw_clear_passwd != '\0') { >> password = t_strdup_noconst(vpw->pw_clear_passwd); >> *cleart...

...st, vpw)) { auth_request_log_info(auth_request, AUTH_SUBSYS_DB, "%s disabled in vpopmail for this user", auth_request->service); password = NULL; *result_r = PASSDB_RESULT_USER_DISABLED; } else { if (vpw->pw_clear_passwd != NULL && *vpw->pw_clear_passwd != '\0') { password = t_strdup_noconst(vpw->pw_clear_passwd); *cleartext = TRUE; } else if (...

...; ? ? ? ? ? ? ?strcmp(auth_request->service, "POP3") == 0)) { ? ? ? ? ? ? ? ? auth_request_log_info(auth_request, "vpopmail", ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? "%s disabled", auth_request->service); ? ? ? ? ? ? ? ? password = NULL; ? ? ? ? ? ? ? ? *result_r = PASSDB_RESULT_USER_DISABLED; ? ? ? ? } else ............... this way you will preserve webmail access and cut imap from external in case -i limit is defined in vpopmail hope it helps <-<-<-<-<-<-<-<-<-<-<-<-<-<-<-<-<-<-<-<-<-<-<-<-<-<-< Can so...

...auth_request_log_info(auth_request, AUTH_SUBSYS_DB, > "%s disabled in vpopmail for this user", > auth_request->service); > password = NULL; > *result_r = PASSDB_RESULT_USER_DISABLED; > } else { > if (vpw->pw_clear_passwd != NULL && > *vpw->pw_clear_passwd != '\0') { > password = t_strdup_noconst(vpw->pw_clear_passwd); > *cleartext = TRUE; &gt...

...uest, AUTH_SUBSYS_DB, >>> ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ?"%s disabled in vpopmail for >>> this user", >>> ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ?auth_request->service); >>> ? ? ? ? ? ? ? ?password = NULL; >>> ? ? ? ? ? ? ? ?*result_r = PASSDB_RESULT_USER_DISABLED; >>> ? ? ? ?} else { >>> ? ? ? ? ? ? ? ?if (vpw->pw_clear_passwd != NULL && >>> ? ? ? ? ? ? ? ? ? ?*vpw->pw_clear_passwd != '\0') { >>> ? ? ? ? ? ? ? ? ? ? ? ?password = t_strdup_noconst(vpw->pw_clear_passwd); >>> ? ? ? ? ? ? ? ?...

...sdauth.c ==== src/auth/passdb-bsdauth.c ======== 29 if (!IS_VALID_PASSWD(pw->pw_passwd)) { 30 auth_request_log_info(request, "bsdauth", 31 "invalid password field"); 32 callback(PASSDB_RESULT_USER_DISABLED, request); 33 return; 34 } ======================================= These lines seem to require that the pw structure contains the encrypted password in pw->pw_passwd. Where login_ldap is used against Active Directory the encrypted password is not available to b...

...0) { + auth_request_log_info(request, "passdb", + "Attempted submit user login for " + "non-imap service %s " + "(trying to log in as user: %s)", + request->service, + request->requested_login_user); + *result = PASSDB_RESULT_USER_DISABLED; + } else /* reduce code deltas */ + if (!auth_request_master_lookup_finish(request, + request->passdb->submit)) /* APPLE - urlauth */ return FALSE; } else { if (request->passdb->pass) { @@ -1310,7 +1347,8 @@ if (request->skip_password_check) { /* current...