checkpw.c crypt patch

[Patrick Ben Koetter]

* David van Geest <davidv at spindance.com>:
>>
>> Use saslauthd -> PAM -> pam:mysql -> MySQL(crypted passwords)
>>
>> p at rick   
> Thanks Patrick!  I'm attempting what you suggest using pam:mysql.  My  
> /etc/pam.d/smtp.postfix looks like this:

saslauthd calls this? Usually it would be /etc/pam.d/smtp, because the service
name is "smtp".

> auth       optional     pam_mysql.so user=<mysql_username>  
> passwd=<mysql_pw> host=host.domain db=<db_name> table=<user_table>  
> usercolumn=<user_column> passwdcolumn=<user_pass_column> crypt=1
> account    required     pam_mysql.so user=<mysql_username>  
> passwd=<mysql_pw> host=host.domain db=<db_name> table=<user_table>  
> usercolumn=<user_column> passwdcolumn=<user_pass_column> crypt=1
>
> A follow-up question:  how does this work when using a salt?  The DB  
> admin wants to store the password hash and password salt in separate  
> columns in MySQL, so it seems like I would need to add another option in  
> the above lines to specify the salt column, so the salt value can be  
> used with crypt().

I personally haven't used "saslauthd -> PAM -> pam:mysql" before, so I can't
give you any first hand experience. Maybe someone else can share their
knowledge on this.

p at rick


-- 
All technical answers asked privately will be automatically answered on
the list and archived for public access unless privacy is explicitely
required and justified.

saslfinger (debugging SMTP AUTH):
<http://postfix.state-of-mind.de/patrick.koetter/saslfinger/>