Open zwilliamsb2g opened 3 months ago
I'm not familiar with postfixadmin but will take a look. Thanks for raising the issue.
What difference in the query does debugging show with / without the header? It sounds like there would be some difference in the invocation or parameters that would be causing this.
We're configuring a mail server for which we use pam_mysql to consult the mailbox database managed by postfixadmin to authenticate e-mails. Postfixadmin's encrypted passwords contain a small header that denotes the encryption algorithm within the text of the hash itself. When this header is present, pam_mysql fails to authenticate the password, but when it isn't, authentication succeeds. Postfixadmin checks for this header when logging in, so the easiest way to solve this issue is to specify the SQL query that pam_mysql uses in a way that omits this header. As far as I can tell from the available configuration directives, this is not an option, though the "where" option is similar. Is this a reasonable feature to add?