[tpop3d-discuss] APOP from flat files
Paul Makepeace
Paul.Makepeace at realprogrammers.com
Tue, 4 Feb 2003 23:41:19 +0000
On Tue, Feb 04, 2003 at 08:45:49PM +0000, Chris Lightfoot wrote:
> On Tue, Feb 04, 2003 at 08:29:17PM +0000, Paul Makepeace wrote:
> > Perhaps I'm being dense, but is this possible? Are people only using
> > APOP with MySQL/perl/other?
Still wondering here - what are the data sources available for those
wanting APOP?
> > I was thinking of patching out fgetpwent() from auth_flatfile.c so that
> > it a) wouldn't require redundant trailing :::: [which confused the hell
> > out of me the first time I used this] b) could allow the
> > {scheme}password technique instead.
> >
> > It's been a while since I paid much attention to the source so perhaps
> > better ideas might be out there...
>
> That's a fairly plausible idea. I think that the original
> author was using a system where fgetpwent would work OK
> without the trailing ::::. By all means patch it, though
> if it could be back-compatible, that would be a plus....
My intention is simply to use the extant tokenising code in tpop3d. Add
in the {scheme}password format `a la auth_mysql.c to make it a little
more flexible.
Now, to make it back compatible it would need to treat unix's salted
crypt as the default rather than, as the current semantics are, MD5. I
guess that's it, right?
> Others have suggested DBM-based drivers, and I think I'd accept one.
> One (obvious) comment is that you can't hold the DBM file open since
> it has to be possible to change passwords while tpop3d is running.
Yep, I'd open in read-only too.
Right now, most likely I'll pull open the qpopper pop.auth database and
generate the appropriate flat files which should work with the above
addition allowing {plaintext}p@55w3rd
FYI, qpopper AFAIK uses DBM or GDBM and XORs the passwords with 0xFF.
Puzzlingly, there seem to be, sometimes, two trailing NULs in the GDBMs
produced by qpopper's popauth program. Maybe a bug...
Paul
--
Paul Makepeace ....................................... http://paulm.com/
"If your dog were blue, then the ferryman can at last cease his
ceaseless crossing."
-- http://paulm.com/toys/surrealism/