changeset 1578:ab2fb3c6a12b HEAD
Using "*" as PAM service name now uses imap/pop3 service.
author | Timo Sirainen <tss@iki.fi> |
---|---|
date | Thu, 26 Jun 2003 02:15:34 +0300 |
parents | b3ae1757f921 |
children | a0207c0adf7e |
files | doc/auth.txt dovecot-example.conf src/auth/passdb-pam.c |
diffstat | 3 files changed, 24 insertions(+), 7 deletions(-) [+] |
--- a/doc/auth.txt Thu Jun 26 01:42:55 2003 +0300 +++ b/doc/auth.txt Thu Jun 26 02:15:34 2003 +0300 @@ -80,8 +80,14 @@ ApplePAM (OSX). PAM doesn't provide user database, so you have to use something else for that - passwd usually. -Here's an example /etc/pam.d/imap configuration file which uses -standard UNIX authentication: +By default Dovecot uses "dovecot" service, ie. the PAM configuration is in +/etc/pam.d/dovecot file. You can override this by giving the wanted service +name as parameter for pam. For example "auth_passdb = pam dovecot2". If you +give "*" as service name, Dovecot uses "imap" service for IMAP connections +and "pop3" service for POP3 connections. + +Here's an example /etc/pam.d/dovecot configuration file which uses standard +UNIX authentication: auth required pam_unix.so nullok account required pam_unix.so
--- a/dovecot-example.conf Thu Jun 26 01:42:55 2003 +0300 +++ b/dovecot-example.conf Thu Jun 26 02:15:34 2003 +0300 @@ -381,7 +381,7 @@ # Where password database is kept: # passwd: /etc/passwd or similiar, using getpwnam() # shadow: /etc/shadow or similiar, using getspnam() -# pam: PAM authentication +# pam [<service> | *]: PAM authentication # passwd-file <path>: passwd-like file with specified location # vpopmail: vpopmail authentication # ldap <config path>: LDAP, see doc/dovecot-ldap.conf
--- a/src/auth/passdb-pam.c Thu Jun 26 01:42:55 2003 +0300 +++ b/src/auth/passdb-pam.c Thu Jun 26 02:15:34 2003 +0300 @@ -204,7 +204,8 @@ } static void -pam_verify_plain_child(const char *user, const char *password, int fd) +pam_verify_plain_child(const char *service, const char *user, + const char *password, int fd) { pam_handle_t *pamh; struct pam_userpass userpass; @@ -221,7 +222,7 @@ userpass.user = user; userpass.pass = password; - status = pam_start(service_name, user, &conv, &pamh); + status = pam_start(service, user, &conv, &pamh); if (status != PAM_SUCCESS) { result = PASSDB_RESULT_INTERNAL_FAILURE; str = t_strdup_printf("pam_start(%s) failed: %s", @@ -323,9 +324,18 @@ verify_plain_callback_t *callback) { struct pam_auth_request *pam_auth_request; + const char *service; int fd[2]; pid_t pid; + service = service_name != NULL ? service_name : + request->protocol == AUTH_PROTOCOL_IMAP ? "imap" : + request->protocol == AUTH_PROTOCOL_POP3 ? "pop3" : NULL; + if (service == NULL) { + i_error("Unknown protocol %d in auth request", + request->protocol); + } + if (pipe(fd) < 0) { i_error("PAM: pipe() failed: %m"); callback(PASSDB_RESULT_INTERNAL_FAILURE, request); @@ -343,7 +353,7 @@ if (pid == 0) { (void)close(fd[0]); - pam_verify_plain_child(request->user, password, fd[1]); + pam_verify_plain_child(service, request->user, password, fd[1]); _exit(0); } @@ -364,7 +374,8 @@ static void pam_init(const char *args) { - service_name = i_strdup(*args != '\0' ? args : "dovecot"); + service_name = strcmp(args, "*") == 0 ? NULL : + i_strdup(*args != '\0' ? args : "dovecot"); to_wait = NULL; }
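Review bot: The `pam_start(%s) failed: %s` message in pam_verify_plain_child is visible only as context, and its arguments fall outside the hunk, so this point is inferred. If that call still passes the global `service_name`, the pointer is now NULL whenever "*" is configured, and passing NULL for `%s` is undefined behaviour. The message should be given the new `service` parameter instead, so the log also names the PAM service that was actually tried.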
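Review bot: In pam_verify_plain, the new `if (service == NULL)` branch logs the unknown protocol but does not stop. The request still reaches pipe()/fork(), and the child then calls pam_start() with a NULL service name. How a PAM implementation handles a NULL service is not something this code should depend on for an authentication decision. The request should be failed explicitly, as the pipe() failure path just below does: add `callback(PASSDB_RESULT_INTERNAL_FAILURE, request);` and `return;` after the i_error() call. The function begins and continues outside the hunk.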
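Review bot: After the pam_init change, `service_name == NULL` silently means "choose the service per protocol", and nothing in the code says so. A reader who sees the NULL check in pam_verify_plain has to trace back to the `strcmp(args, "*")` here to learn that. I would add a comment at the assignment, or at the variable's declaration (which is outside the hunk), such as `/* NULL = "*" was given: use "imap"/"pop3" based on request->protocol */`. It is also worth stating there that in this mode each per-protocol PAM service must have its own configuration, since what PAM does for a service with no configuration depends on the platform.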