[Doveceot] Fix forced PW update

master
andryyy 2021-06-09 07:22:48 +02:00
parent 47b57df3a2
commit a6edb75e88
No known key found for this signature in database
GPG Key ID: 8EC34FF2794E25EF
1 changed files with 1 additions and 9 deletions

View File

@ -128,15 +128,6 @@ user_query = SELECT CONCAT(JSON_UNQUOTE(JSON_VALUE(attributes, '$.mailbox_format
iterate_query = SELECT username FROM mailbox WHERE active = '1' OR active = '2'; iterate_query = SELECT username FROM mailbox WHERE active = '1' OR active = '2';
EOF EOF
# Create pass dict for Dovecot
cat <<EOF > /etc/dovecot/sql/dovecot-dict-sql-passdb.conf
# Autogenerated by mailcow
driver = mysql
connect = "host=/var/run/mysqld/mysqld.sock dbname=${DBNAME} user=${DBUSER} password=${DBPASS}"
default_pass_scheme = ${MAILCOW_PASS_SCHEME}
password_query = SELECT password FROM mailbox WHERE active = '1' AND username = '%u' AND domain IN (SELECT domain FROM domain WHERE domain='%d' AND active='1') AND JSON_UNQUOTE(JSON_VALUE(attributes, '$.force_pw_update')) != '1' AND (JSON_UNQUOTE(JSON_VALUE(attributes, '$.%s_access')) = '1' OR ('%s' != 'imap' AND '%s' != 'pop3'))
EOF
cat <<EOF > /etc/dovecot/lua/passwd-verify.lua cat <<EOF > /etc/dovecot/lua/passwd-verify.lua
function auth_password_verify(req, pass) function auth_password_verify(req, pass)
@ -176,6 +167,7 @@ function auth_password_verify(req, pass)
INNER JOIN mailbox ON mailbox.username = app_passwd.mailbox INNER JOIN mailbox ON mailbox.username = app_passwd.mailbox
WHERE mailbox = '%s' WHERE mailbox = '%s'
AND IFNULL(JSON_UNQUOTE(JSON_VALUE(mailbox.attributes, '$.%s_access')), 1) = '1' AND IFNULL(JSON_UNQUOTE(JSON_VALUE(mailbox.attributes, '$.%s_access')), 1) = '1'
AND IFNULL(JSON_UNQUOTE(JSON_VALUE(mailbox.attributes, '$.force_pw_update')), 0) != '1'
AND app_passwd.active = '1' AND app_passwd.active = '1'
AND mailbox.active = '1' AND mailbox.active = '1'
AND app_passwd.domain IN (SELECT domain FROM domain WHERE domain='%s' AND active='1')]], con:escape(req.user), con:escape(req.service), con:escape(req.domain))) AND app_passwd.domain IN (SELECT domain FROM domain WHERE domain='%s' AND active='1')]], con:escape(req.user), con:escape(req.service), con:escape(req.domain)))