similar to: Authenticating dovecot against Active Directory using bsdauth and login_ldap

Hi all, I finally got a chance to try out the fix for the LDAP auth_bind=yes issues in production (using rc21). It seems to be working just fine even after 24 hours of severe abuse. Incidentally, I had switched to bsdauth+login_ldap (on OpenBSD) which was often OK, but occasionally I would see Postfix smtpd throttled with SASL errors due to "connection refused" on the Dovecot

Hi all, I'm running dovecot-1.0.rc17 on OpenBSD 3.9, using userdb and passdb methods of "ldap" (SSL on 636/tcp) in addition to "passwd". Occasionally (generally after a few hours of operation, but not always), LDAP-based logins stop working (e.g. hang/timeout after POP3 PASS command). Accounts with local passwords (as opposed to accounts with a password field of

Hi All. Attached is a patch against OpenBSD, based in part on the owl-always-auth patch. The idea is that the only way out of auth_passwd for the failure case is the "return 0" at the bottom. I don't know if this is a good way to do it or not, it's presented for discussion. Also, I don't think 3.6.1p2 is quite right WRT these timing issues (eg, you get a fast failure

Hi all, I have a problem with my dovecot/postfix configuration: here is my dovecot -n # /usr/local/sbin/dovecot -n # 1.1.20: /etc/dovecot.conf Warning: fd limit 128 is lower than what Dovecot can use under full load (more than 768). Either grow the limit or change login_max_processes_count and max_mail_processes settings # OS: OpenBSD 4.7 amd64 ffs base_dir: /var/dovecot/ log_path:

hi i test bsdauth with cache_key=%u on OpenBSD and get this error Oct 8 10:04:11 pegasus dovecot: Dovecot v1.2.6 starting up Oct 8 10:04:12 pegasus dovecot: auth(default): Panic: file passdb.c: line 201 (passdb_init): assertion failed: (passdb->passdb->default_pass_scheme != NULL || passdb->passd b->cache_key == NULL) Oct 8 10:04:12 pegasus dovecot: dovecot: child 8407 (auth)

I have my own custom schema for email that I have been using for years with courier_imap and exim. I am experimenting with dovecot and trying to set up my conf so that it logs in using the ldap database. In the dovecot-ldap.conf there is a section # Filter for user lookup. Some variables can be used (see # http://wiki.dovecot.org/Variables for full list): # %u - username # %n - user

Hello. I tried installing dovecot on a server that relies on vpopmail authentication using $1$ MD5 algorithm and it didn't work. Please fix this for the next release. Attached is a patch, please be carefull with the line wrapping. Radu --- passdb-vpopmail.c.old Thu Feb 20 00:46:51 2003 +++ passdb-vpopmail.c Thu Sep 30 18:58:56 2004 @@ -1,4 +1,4 @@ -/* Copyright (C) 2002-2003 Timo

Quoting Rick Romero <rick at havokmon.com>: > Quoting Eric Broch <ebroch at whitehorsetc.com>: > >> On 10/4/2018 7:27 AM, Rick Romero wrote: >>> Quoting Eric Broch <ebroch at whitehorsetc.com >>> <mailto:ebroch at whitehorsetc.com>>: >>> >>>> On 10/4/2018 6:34 AM, Rick Romero wrote: >>>>> ? >>>

On 10/4/2018 7:27 AM, Rick Romero wrote: > > Quoting Eric Broch <ebroch at whitehorsetc.com > <mailto:ebroch at whitehorsetc.com>>: > >> >> On 10/4/2018 6:34 AM, Rick Romero wrote: >>> > Quoting Aki Tuomi <aki.tuomi at open-xchange.com > <mailto:aki.tuomi at open-xchange.com>>: > >> On 03.10.2018 23:30, Eric Broch wrote:

Dear list, since the order of authentication and AFS token/KRB TGT forwarding changed (around 3.0), we have had problems with users accidentally overwriting their credentials from a "password" login with forwarded credentials. E.g. user A logs in as user B, but stays with the AFS permissions of user A. A workaround is to use "-k" on these sessions, but "it worked without

Quoting Eric Broch <ebroch at whitehorsetc.com>: > On 10/4/2018 7:27 AM, Rick Romero wrote: >> >> Quoting Eric Broch <ebroch at whitehorsetc.com >> <mailto:ebroch at whitehorsetc.com>>: >> >>> >>> On 10/4/2018 6:34 AM, Rick Romero wrote: >>>> >> Quoting Aki Tuomi <aki.tuomi at open-xchange.com >>

On 10/4/2018 6:34 AM, Rick Romero wrote: > > Quoting Aki Tuomi <aki.tuomi at open-xchange.com > <mailto:aki.tuomi at open-xchange.com>>: > >> On 03.10.2018 23:30, Eric Broch wrote: >> >>> Hello list, >>> >>> I run Dovecot with the vpopmail driver and have found that it >>> authenticates against the clear text password in the

[Mod: in a disk crash I lost the original of this message posted by Dave to linux-security so this one is from bugtraq, reposted with author''s permission -- alex] This old problem refuses to die. #!/bin/sh # # yankpw # # Under a lot of linux distributions(I know Redhat 3.0.3 and Slackware 3.0) # /var/log/messages is world readable. If a user types in his password at # the login prompt,

Quoting Eric Broch <ebroch at whitehorsetc.com>: > On 10/4/2018 6:34 AM, Rick Romero wrote: > >> ? Quoting Aki Tuomi <aki.tuomi at open-xchange.com>: > On 03.10.2018 23:30, Eric Broch wrote: > >> Hello list, >> >> I run Dovecot with the vpopmail driver and have found that it >> authenticates against the clear text password in the vpopmail

Hi, probably just nothing to worry about, but I get the following warnings when building 1.1.7 on OpenBSD 4.4 on i386. If I remove the --with-bsdauth config option, they all disappear. I won't use it anyway, but maybe there are others. $ dmesg OpenBSD 4.4 (GENERIC) #1021: Tue Aug 12 17:16:55 MDT 2008 deraadt at i386.openbsd.org:/usr/src/sys/arch/i386/compile/GENERIC cpu0: Intel(R)

Hi Aki and Remo, switch from vpopmail driver to SQL driver (if you are using vpopmail with mysql as backend) is very simple. First you need to setup the right query for vpopmail database: # cat /etc/dovecot/dovecot-sql.conf.ext ### Vpopmail driver = mysql connect = host=192.168.1.2 dbname=vpopmail user=vpopmail password=Vp0pM4iL default_pass_scheme = MD5-CRYPT ### Query to get a list of all

Hello, in the BSD Authentication system the login script can request environment variables to be set/unset. The call to auth_close() in auth-passwd.c does change the current environment, but those changes are lost for the child environment. It would be really useful to add some kind of mechanism to get those changes into the child environment. I've added two possible solutions. Both

From: Marco Trevisan (Trevi?o) <mail at 3v1n0.net> kbdint result vfunc may return various values, so use an enum to make it clearer what each result means without having to dig into the struct documentation. --- auth-bsdauth.c | 2 +- auth-pam.c | 10 +++++----- auth.h | 5 +++++ auth2-chall.c | 4 ++-- 4 files changed, 13 insertions(+), 8 deletions(-) diff --git

Greetings all, I have a OpenBSD /Dovecot server at home running and sending / receiving email "internally" without issue.. Recently, I set up the same at our Parish, but one of our users wants to get their email externally. The user can read their email but has to "send" via the local ISP server.. The problem After much searching I have not found an answer to my question. I

The references to pw_expire and pw_change in pwcopy() in misc.c cause compilation errors at least on solaris. How about doing a memcpy of the whole structure and only explicitly setting those that need xstrdup? That would work on openbsd and everywhere else. - Dave Dykstra --- misc.c.O Thu Jun 21 11:35:28 2001 +++ misc.c Thu Jun 21 11:36:09 2001 @@ -125,14 +125,10 @@ { struct passwd *copy =