mirror of
https://blitiri.com.ar/repos/chasquid
synced 2026-01-08 17:51:57 +00:00
cfe0e48c0a
Some deployments already have users that authenticate without a domain. Today, we refuse to even consider those, and reject them at parsing time. However, it is a use-case worth supporting, at least with some restrictions that make the complexity manageable. This patch changes the auth package to support authenticating users without an "@domain" part. Those requests will always be directly passed on to the fallback authenticator, if available. The dovecot fallback authenticator can already handle this case just fine.
80 lines
1.5 KiB
Plaintext
80 lines
1.5 KiB
Plaintext
base_dir = $ROOT/run/
|
|
log_path = $ROOT/dovecot.log
|
|
ssl = no
|
|
|
|
default_internal_user = $USER
|
|
default_login_user = $USER
|
|
|
|
# Before auth checks, rename "u@d" to "u-x". This exercises that chasquid
|
|
# handles well the case where the returned user information does not match the
|
|
# requested user.
|
|
# We drop the domain, to exercise "naked" auth handling.
|
|
auth_username_format = "%n-x"
|
|
|
|
passdb {
|
|
driver = passwd-file
|
|
args = $ROOT/passwd
|
|
}
|
|
|
|
userdb {
|
|
driver = passwd-file
|
|
args = $ROOT/passwd
|
|
}
|
|
|
|
service auth {
|
|
unix_listener auth {
|
|
mode = 0666
|
|
}
|
|
}
|
|
|
|
# Dovecot refuses to start without protocols, so we need to give it one.
|
|
protocols = imap
|
|
|
|
service imap-login {
|
|
chroot =
|
|
inet_listener imap {
|
|
address = 127.0.0.1
|
|
port = 0
|
|
}
|
|
}
|
|
|
|
service anvil {
|
|
chroot =
|
|
}
|
|
|
|
# In dovecot 2.3 these services want to change the group owner of the files,
|
|
# so override it manually to our effective group.
|
|
# This is backwards-compatible with dovecot 2.2.
|
|
# TODO: once we stop supporting dovecot 2.2 for tests, we can set
|
|
# default_internal_group and remove these settings.
|
|
service imap-hibernate {
|
|
unix_listener imap-hibernate {
|
|
group = $GROUP
|
|
}
|
|
}
|
|
service stats {
|
|
unix_listener stats {
|
|
group = $GROUP
|
|
}
|
|
unix_listener stats-writer {
|
|
group = $GROUP
|
|
}
|
|
}
|
|
service dict {
|
|
unix_listener dict {
|
|
group = $GROUP
|
|
}
|
|
}
|
|
service dict-async {
|
|
unix_listener dict-async {
|
|
group = $GROUP
|
|
}
|
|
}
|
|
|
|
# Turn on debugging information, to help troubleshooting issues.
|
|
auth_verbose = yes
|
|
auth_debug = yes
|
|
auth_debug_passwords = yes
|
|
auth_verbose_passwords = yes
|
|
mail_debug = yes
|