|
| From: | Dom Gallagher |
| Subject: | Re: [tpop3d-discuss] tpop3d domain stripping? |
| Date: | Thu, 14 Mar 2002 21:01:00 -0600 |
At 21:53 3/14/2002 +0000, you wrote:
On Thu, Mar 14, 2002 at 03:45:53PM -0600, Dom Gallagher wrote: > We're currently using tpop3d in a virtualhost context, and it happily > accepts address@hidden or just plain user, by appending the domain > (append_domain). > > We'd like to replace cucipop on a couple of machines, but have been using > cucipop's 'feature' of ignoring domains for authentication. Is there a > 'strip_domain' or similar functionality that we could be using to > automatically remove the domain before authenticating? These users are > authenticating from the system password file, and that isn't going to > change. Not exactly, though it would be easy either to modify tpop3d or to write a perl authenticator to do this. At present the two local account authenticators use the username as supplied by the client, and won't try to authenticate users who've supplied a domain; this could be changed by altering the code in auth_pam and auth_passwd.c
Went one better; added strip-domain functionality (we REALLY need this to be a run-time option, not a compile-time one). I've fully tested this on Linux and Solaris with passwd+shadow auth, but not APOP (not exactly sure what uses this, so not too bothered about offering the functionality). APOP support for strip-domain is coded in and doesn't give warnings or anything, so I left it in (someone may want to test ;).
I'd really like this functionality to make it into the core tpop3d so I don't hae to patch when a new version comes out, but I can't find any reference to patch submissions. I've got diffs against stock 1.3.5; where should I post em?
Incidentally, your website mentions POP3Lite. Visiting their website is informative:
POP3Lite development stopped, it may or may not work, there's no guarantee. Gergely Nagy \ mhp/|8]
| [Prev in Thread] | Current Thread | [Next in Thread] |