From: Remko Lodder (remko at elvandar dot org)
Date: Thu Mar 11 2004 - 14:37:36 EST
Select username from users where password='%p' and username='%u';
try using '%u@%r' at the username section
=> user at realm, so that
Note that i am interested in what platform you run it on, on OpenBSD i dont
get it working at all :-)
Cheers
-- Kind regards, Remko Lodder Elvandar.org/DSINet.org www.mostly-harmless.nl Dutch community for helping newcomers on the hackerscene -----Oorspronkelijk bericht----- Van: owner-cyrus-sasl at lists dot andrew dot cmu dot edu [mailto:owner-cyrus-sasl at lists dot andrew dot cmu dot edu]Namens dwt Verzonden: donderdag 11 maart 2004 20:09 Aan: cyrus-sasl at lists dot andrew dot cmu dot edu Onderwerp: SASL 2.1.17 with auxprop to Myqsl Hi, I spent quite a bit of time digging through the archives.. 3 hours to be exact. I saw a couple similar requests, yet didn't see one of them get answered. I'm hoping this one has better luck. Smtpd.conf: ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ pwcheck_method: auxprop auxprop_plugin: sql sql_engine: mysql mech_list: plain login sql_user: removed sql_passwd: removed sql_hostnames: localhost sql_database: postfix sql_statement: select Password from users where username='%u'; sql_verbose: true --------------------------------- This setup works fine with one domain. Not a single glitch ever. Regardless of how frustrating SASL may be to configure and compile, I have to give it a gold star on reliability. But now I've run into a problem. I'm building a massive server to support multiple domains: Courier IMAP, Postfix, and Mysql as an authentication module on all ends with Cyrus SASL for the outbound authentication. All users for all domains are stored in our one database table, "users". So in this instance we have janedoe at domain1 dot com with password pickles and janedoe at domain2 dot com with password plums. The problem we've found is, when SASL hits up the database to authenticate the user, it finds the first entry and then stops. So when janedoe at domain2 dot com tries to send mail, with her password plums, SASL looks through the database for janedoe and sees the password as pickles and thus rejects the authentication attempt. The solution is to make a statement that looks for the password and the username and then compares the two with the authentication attempt such as: Select username from users where password='%p' and username='%u'; I know %p doesn't give me what I want... but I was hoping there was some way I could make it what I want since according to some documentation I read, %p can "technically be anything". Any ideas or suggestions... or if you know exactly how to correct this problem... would be great appreciated. Thank you, - Demian
|
|
|