17 Feb
2010
17 Feb
'10
1:05 a.m.
On 15.2.2010, at 19.42, Leonardo Rodrigues wrote:
from sources on src/auth i can find some interesting informations:
/* format: <SHA1 hash><salt> */
and
#define SSHA256_SALT_LEN 4
so the salt really seems to be 4-byte (which in fact are 8 when watching in hexadecimal), the exact difference on dovecotpw non-salted and salted generated passwords.
The generated SSHA256 passwords have 4 byte salt, but Dovecot supports reading any salt length.