[Dovecot] SQL field format for digest-md5?
Darren Pilgrim
list_dovecot at bluerosetech.com
Tue Dec 23 23:51:16 EET 2008
Timo Sirainen wrote:
> On Dec 23, 2008, at 8:57 PM, Darren Pilgrim wrote:
>
>> I'm enabling digest-md5 authentication with "user at example.com"
>> username and plain-text passwords stored in a MySQL database. What
>> should the password field contain in order to work with digest-md5?
>> Would the following:
>>
>> SELECT CONCAT('{digest-md5}', MD5(CONCAT(username, '::', password)))
>> AS password ...
>>
>> be correct?
>
> Don't try to do anything special. Just:
>
> SELECT username as user, password FROM ..
That's what I already have. It works for plain, login and cram-md5;
however, but digest-md5 fails. Reading the wiki page[1] for digest-md5
says the user at example.com username format breaks because I'm not using
realms. My options are either set auth_realms or store passwords using
the DIGEST-MD5 scheme. I'm trying to do the later since I can't
realistically set or maintain auth_realms.
1: http://wiki.dovecot.org/Authentication/Mechanisms/DigestMD5
More information about the dovecot
mailing list