skraps at hushmail
Apr 1, 2012, 2:25 AM
Post #2 of 2
(161 views)
Permalink
|
|
Re: IMAP Proxy in front of DBMail -- GSSAPI, etc password issues
[In reply to]
|
|
at ln 1245 of authldap.c is where it validates the password supplied.
If you skip that check or remove line 1249 then it will validate any
login as a good login.
if (ldap_err) {
TRACE(TRACE_ERR, "ldap_bind_s failed: %s",
ldap_err2string(ldap_err));
*user_idnr = 0;
when there is a login error it just changes the idnr to 0, then
returns 0
if (*user_idnr == 0)
return 0;
I guess you could always remove the ldap_err check and log the login?
Maybe I am wrong Paul is better suited for this question.
On 04/01/2012 at 4:43 AM, Erick Turnquist wrote:Hi list,
I have just set up a Dovecot proxy in front of DBMail. I would like
Dovecot to handle all authentication because I need to use GSSAPI
and/or
LDAP credentials. The proxying works great when I use the LDAP
password
(authdriver is set to ldap). But of course DBMail can't bind to the
LDAP
server with whatever credentials it's being given when I hit Dovecot
with a GSSAPI token.
It seems like what I need is a way for DBMail to accept any password
its
given, or a way for Dovecot to send the same password to DBMail for
every login. Neither of these things appear possible right now. What
are
my options for getting GSSAPI logins to work with DBMail?
|
