bug: ARGON2 hash selection incompatible with LDAP
Krisztián Szegi
k.git at mszk.eu
Tue Nov 15 13:16:32 UTC 2022
Sorry, I wanted to post from this alias, but From-Address isn't saved with my drafts :)
I failed to recognize during my patchwork that the verification function is the same for ARGON2I and -ID:
both call `verify_argon2`, which in turn calls `libsodium's crypto_pwhash_str_verify`.
In the new light this, there is no "harm" in my patch:
- If backend gives back "{ARGON2}...", dovecot verifies with the same call anyway, regardless of what subtype it actually is, i.e.: {ARGON2I} will work too.
- If dovecot generates the hash, the prefix will be the one set by the config's default hash, so for backwards comp., "{ARGON2ID}" could be used if someone wants that. Dovecot will succeed in verifying {ARGON2} generated by itself as well.
"Aki Tuomi" aki.tuomi at open-xchange.com – 15 November 2022 13:55
> > On 15/11/2022 14:45 EET Krisztián Szegi <oni-dono at mszk.eu> wrote:
> >
> >
> > Good day to all,
> >
> > this is my first post to the mailing list!
> >
> > I'd like to report that non-binding auth to (Open)LDAP doesn't work if the latter hashes passwords with ARGON2.
> >
> > Although dovecot (I am using http://2.3.19.1) does support ARGON2 with libsodium, but it doesn't recoginize hashes beginning "{ARGON2}$argon2id$" stored (and hashed, using ppolicy module's hashCleartext) by OpenLDAP.
> >
> > Now, I understand that ARGON2I, -D, and -ID are not compatible, but the ACTUAL algorithm is there between the two $.
> > Furthermore, I think dovecot is in the minority here, I haven't met any software that specifies the ARGON2 subtype between {}.
> > BTW, I haven't met any software that hashes passwords with ARGON2, but not with the ARGON2ID subtype (where libsodium is available, which also seems to be the standard here), as THAT is the recommended one anyway.
> >
> > I patched the rpm in OpenSUSE repo to alias {ARGON2} to {ARGON2ID}:
> > https://build.opensuse.org/package/view_file/home:Samonitari:branches:openSUSE:Factory/dovecot23/dovecot-2.3.0-alias_ARGON2_to_ARGON2ID.patch
> >
> > Could we get something like this (but maybe more correct) into the official source?
> > Maybe a config switch to alias it runtime?
> >
> > Thanks for the attention:
> > Krisztián
>
> Hi!
>
> Thanks for your report. I think it makes sense, we'll see what we can do about this.
>
> Aki
>
>
More information about the dovecot
mailing list