4 messages in net.sourceforge.lists.courier-usersRe: [courier-users] Re: different aut...
FromSent OnAttachments
Sam VarshavchikOct 20, 2001 3:35 pm 
David LevitanOct 20, 2001 3:58 pm 
David LevitanOct 20, 2001 4:14 pm 
Sam VarshavchikOct 20, 2001 4:17 pm 
Actions with this message:
Paste this link in email or IM:
Paste this link in email or IM:
Atom feed for this thread
Paste this URL into your reader:
Subject:Re: [courier-users] Re: different authentication for ssl imapActions...
From:David Levitan (dav@dlevitan.com)
Date:Oct 20, 2001 3:58:52 pm
List:net.sourceforge.lists.courier-users

Thank you very much for the reply. The two PAM types, I presume, are imap and imapssl? Thank you again, David Levitan

Sam Varshavchik wrote:

David Levitan writes:

Hi, I am wondering whether it is possible to set up different pam modules for ssl imap and non-ssl imap. I would like to enable one time passwords for non-ssl logins, and allow the use of normal passwords for ssl logins. Is this possible? I'm running Redhat 7.1 with courier-imap 1.3.9

It's possible, with a minor code change. In imaplogin.c, change: authmod_login(main_argc-1, main_argv+1, "imap", userid, passwd); to: authmod_login(main_argc-1, main_argv+1, getenv("IMAPSERVICE"), userid, passwd); Then add "IMAPSERVICE=imap" to the etc/imap configuration file, and "IMAPSERVICE=imapssl" to the etc/imap-ssl configuration file, and set up different pam modules for the imapssl service. This is going to take care of plain logins. For SASL logins, there's a similar change to authenticate_auth.c:

authmod(main_argc-1, main_argv+1, "imap", authtype, authdata); replace with:

authmod(main_argc-1, main_argv+1, getenv("IMAPSERVICE"), authtype, authdata);