Jump to content
Froxlor Forum
  • 1

Courier configuration and froxlor 2.0


halfgaar

Question

The migration guide mentions the password hashing algorithm Dovecot uses. Is anything known about Courier IMAP? My current authmysqlrc is:

# cat /etc/courier/authmysqlrc | sed -e 's/^MYSQL_PASSWORD.*$/MYSQL_PASSWORD removed/'
MYSQL_OPT   0
MYSQL_SERVER 127.0.0.1
MYSQL_USERNAME froxlor
MYSQL_PASSWORD removed
MYSQL_PORT 3306
MYSQL_DATABASE froxlor
MYSQL_USER_TABLE mail_users
MYSQL_CRYPT_PWFIELD password_enc
MYSQL_UID_FIELD uid
MYSQL_GID_FIELD gid
MYSQL_LOGIN_FIELD username
MYSQL_HOME_FIELD homedir
MYSQL_MAILDIR_FIELD maildir
MYSQL_QUOTA_FIELD (quota*1024*1024)
MYSQL_AUXOPTIONS_FIELD CONCAT("allowimap=",imap,",allowpop3=",pop3)

Because password_enc looks like $1$zEOfoobarB4hjtXhJqEH/ and contains a algorithm type, I guess that's why the migration guide says to disable the default scheme, and it will use the $1$ to detect it? Is it always $1$, or are there also newer algorithms that Courier doesn't like?

Link to comment
Share on other sites

3 answers to this question

Recommended Posts

  • 0

It didn't work. After the update, the password_enc field contains {MD5-CRYPT}, like {MD5-CRYPT}$1$IcUfpkfoobar.

I created a DB view to strip that content:

create view mail_users_backwards as select *, replace(password_enc, '{MD5-CRYPT}', '') as password_enc_old from mail_users;

I then changed authmysqlrc to use mail_users_backwards and password_enc_old.

Courier doesn't support that {MD5-CRYPT} string. I also don't know why it would be there, because the $1$ specifies enough?

 

Link to comment
Share on other sites

  • 0

The Dovecot docs say:

Quote

The password scheme can be overridden for each password by prefixing it with {SCHEME}, for example: {PLAIN}pass.

But because the $1$, $2$, etc string is already in it, this seems unnecessary?

My hack is incomplete BTW: when you change the password, it changes the scheme, like to {BLF-CRYPT}. But again, because it says "$2y$", why include an override?

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...