[dev] Accomodating Horde Suite for new cyrus-2.2.*

Vilius Šumskas vilius at lnk.lt
Fri May 14 08:02:58 PDT 2004 

Hi,

Cituojama "Alexandru N. Barloiu" <slak at dale.ro>:

I'm currently using cyrus 2.2.3 with Horde, IMP, ingo and other. Horde
Authentification is set up through cyrsql driver.

> as of version 2.2.0 cyrus supports virtual domains, meening that
> mailboxes that look like a email address can be created. so in cyrus
> users can look like user/alexandru.barloiu at domain.org.

As far as i know, this is not quite true. Virtual domain support is 
still buggy,
for example you can't make postfix treat such usernames correctly.

> the password
> storage is a little more complicated. I use mysql to store passwords. In
> older versions a simple table containing username and password ( plain
> text ) wes more than enought. cyrus for now can only work with
> unencrypted mysql passwords.

It's not true. I'm using mysql as my cyrus user db backend. Passwords is
encrypted in mysql's md5() by default, but you actually can make it work with
whatever combination you like. For example I'm using crypt-md5 encrypted
passwords (just like in linux shadow files).

> now with virtual domain support it uses a
> method to determine the username and realm by simply considering what is
> in front of "@" the username and what cames after "@" the realm. so a
> more complex table is nedeed ( but still fairly simple ) that has three
> cols ( username, realm and password ). the mysql select statement looks
> like this: "select password from %table% where username='%u' and
> realm='%r'. every thing seems ok for me.

You don't need any modifications to horde, just use cyrsql driver. And 
hordeauth
= true parameter in imp. (if you would like more details on this let me know).

> I didn't had a lot of time on my hands to check every little detail in
> horde, all the custom hooks, so if I say something that may be stupid or
> allready implemented or in planning stage allready, please excuse me.
>
> I use the cvs version of horde and imp and ingo and passwd, auth for
> horde using application ( imp ). everything went ok with that. seems
> that horde and imp permit auth with an username that looks like a email
> address without changing it in any way.
>
> however ingo ( sieve ) and passwd don't work as I hoped. The passwd
> thing went easy with just a little tweeking by implementing in the sql
> engine another column named realm.
> the ingo filters are a little more difficult and I cannot understand (
> since I don't think it uses sieveshell ) why it refusses to
> authentificate with the complete username ( user at domain ) and it only
> uses user without the domain. now the sieve sql querys selects the right
> username but in realm column searches the default domain instead of the
> domain that is after "@".

passwd and ingo works just fine here.

> now my question is this. I can and want to contribute to this issue but
> don\'t exactly know how to do this. If I send my pathes to this list is
> ok? If not what would be ok ?

looking forward for you reply.

--
    Best Regards,

    Vilius Sumskas
    LNK TV system administrator
    mob.: +370 614 75713
    www.lnk.lt

More information about the dev mailing list