1
0
mirror of https://github.com/imapsync/imapsync.git synced 2024-11-17 00:02:29 +01:00
imapsync/W/patches/proxyauth-v2_1.366.patch
Nick Bebout c08a56e486 1.504
2012-09-02 19:08:57 -05:00

169 lines
6.1 KiB
Diff

diff -urN imapsync-1.366.orig/FAQ imapsync-1.366/FAQ
--- imapsync-1.366.orig/FAQ 2010-10-30 12:24:10.951674625 +0200
+++ imapsync-1.366/FAQ 2010-10-31 14:12:40.447361182 +0100
@@ -514,6 +514,34 @@
--exclude '^user\.'
======================================================================
+Q: How to migrate from Sun Java Enterprise System / Sun One / iPlanet /
+Netscape servers with an admin account?
+
+R: Those imap servers don't allow the typical use of --authuser1 to use an
+administrative account. They expect the use of an IMAP command called
+proxyauth that is issued after login in as an administrative account.
+
+For example, consider the administrative account 'administrator' and your
+real user 'real_user'. The IMAP sequence would be:
+
+ OK [CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ NAMESPACE UIDPLUS
+ CHILDREN BINARY UNSELECT LANGUAGE STARTTLS XSENDER X-NETSCAPE XSERVERINFO
+ AUTH=PLAIN] imap.server IMAP4 service (Sun Java(tm) System Messaging
+ Server ...))
+ 1 LOGIN administrator password
+ 1 OK User logged in
+ 2 PROXYAUTH real_user
+ 2 OK Completed
+
+In imapsync, you can achieve this by using the following options:
+
+ --host1 source.imap.server \
+ --user1 real_user \
+ --authuser1 administrator \
+ --proxyauth1 \
+ --passfile admin.txt
+
+======================================================================
Q. Is there anyway of making imapsync purge the destination folder
when the source folder is deleted?
diff -urN imapsync-1.366.orig/imapsync imapsync-1.366/imapsync
--- imapsync-1.366.orig/imapsync 2010-10-30 12:24:10.965674761 +0200
+++ imapsync-1.366/imapsync 2010-10-31 13:09:59.922679699 +0100
@@ -204,6 +204,9 @@
with --authuser1 "adminuser", it will not work.
Same behavior with the --authuser2 option.
+When working on Sun/iPlanet/Netscape IMAP servers you must use
+--proxyauth1 to enable administrative user to masquerade as another user.
+Can also be used on destination server with --proxyauth2
=head1 EXIT STATUS
@@ -560,6 +563,7 @@
$ssl1, $ssl2,
$tls1, $tls2,
$authuser1, $authuser2,
+ $proxyauth1, $proxyauth2,
$authmech1, $authmech2,
$split1, $split2,
$reconnectretry1, $reconnectretry2,
@@ -680,6 +684,14 @@
$authmech1 = uc($authmech1);
$authmech2 = uc($authmech2);
+if (defined $proxyauth1 && !$authuser1) {
+ missing_option("With --proxyauth1, --authuser1");
+}
+
+if (defined $proxyauth2 && !$authuser2) {
+ missing_option("With --proxyauth2, --authuser2");
+}
+
$authuser1 ||= $user1;
$authuser2 ||= $user2;
@@ -721,12 +733,14 @@
$debugimap1 and print "Host1 connection\n";
$imap1 = login_imap($host1, $port1, $user1, $password1,
$debugimap1, $timeout, $fastio1, $ssl1, $tls1,
- $authmech1, $authuser1, $reconnectretry1);
+ $authmech1, $authuser1, $reconnectretry1,
+ $proxyauth1);
$debugimap2 and print "Host2 connection\n";
$imap2 = login_imap($host2, $port2, $user2, $password2,
$debugimap2, $timeout, $fastio2, $ssl2, $tls2,
- $authmech2, $authuser2, $reconnectretry2);
+ $authmech2, $authuser2, $reconnectretry2,
+ $proxyauth2);
# history
@@ -1551,7 +1565,8 @@
sub login_imap {
my($host, $port, $user, $password,
$debugimap, $timeout, $fastio,
- $ssl, $tls, $authmech, $authuser, $reconnectretry) = @_;
+ $ssl, $tls, $authmech, $authuser, $reconnectretry,
+ $proxyauth) = @_;
my ($imap);
$imap = Mail::IMAPClient->new();
@@ -1591,13 +1606,25 @@
}
}
- $imap->Authmechanism($authmech) unless ($authmech eq 'LOGIN');
+ if ($proxyauth) {
+ $imap->Authmechanism("");
+ } else {
+ $imap->Authmechanism($authmech) unless ($authmech eq 'LOGIN');
+ }
+
$imap->Authcallback(\&plainauth) if $authmech eq "PLAIN";
- $imap->User($user);
- $imap->Authuser($authuser);
- $imap->Password($password);
+ if ($proxyauth) {
+ $imap->User($authuser);
+ $imap->Authuser($authuser);
+ $imap->Password($password);
+ } else {
+ $imap->User($user);
+ $imap->Authuser($authuser);
+ $imap->Password($password);
+ }
+
unless ($imap->login()) {
my $info = "Error login: [$host] with user [$user] auth";
my $einfo = $imap->LastError || @{$imap->History}[-1];
@@ -1610,6 +1637,8 @@
$imap->login() or
die_clean("$info [LOGIN]: ", $imap->LastError, "\n");
}
+ $proxyauth && $imap->proxyauth($user);
+
print "Success login on [$host] with user [$user] auth [$authmech]\n";
return($imap);
}
@@ -2423,6 +2452,8 @@
"authmech2=s" => \$authmech2,
"authuser1=s" => \$authuser1,
"authuser2=s" => \$authuser2,
+ "proxyauth1" => \$proxyauth1,
+ "proxyauth2" => \$proxyauth1,
"split1=i" => \$split1,
"split2=i" => \$split2,
"reconnectretry1=i" => \$reconnectretry1,
@@ -2722,12 +2753,18 @@
--user1 <string> : user to login on host1. Mandatory.
--authuser1 <string> : user to auth with on host1 (admin user).
Avoid using --authmech1 SOMETHING with --authuser1.
+--proxyauth1 : Use proxyauth on host1. Requires --authuser1.
+ Required by Sun/iPlanet/Netscape IMAP servers to
+ be able to use an administrative user
--password1 <string> : password for the user1. Dangerous, use --passfile1
--passfile1 <string> : password file for the user1. Contains the password.
--host2 <string> : "destination" imap server. Mandatory.
--port2 <int> : port to connect on host2. Default is 143.
--user2 <string> : user to login on host2. Mandatory.
--authuser2 <string> : user to auth with on host2 (admin user).
+--proxyauth2 : Use proxyauth on host2. Requires --authuser2.
+ Required by Sun/iPlanet/Netscape IMAP servers to
+ be able to use an administrative user
--password2 <string> : password for the user2. Dangerous, use --passfile2
--passfile2 <string> : password file for the user2. Contains the password.
--noauthmd5 : don't use MD5 authentification.