[Dovecot] Using dovecot with wordpress/phpass passwords?
Good afternoon,
I am trying to set up dovecot to authenticate using the userdata from wordpress. It's being a bit more difficult than I thought. This is the relevant part of the dovecot-sql.conf
default_pass_scheme = CRYPT
password_query = SELECT user_pass AS password FROM wp_users WHERE user_email='%u';
user_query = SELECT 501 as uid, 501 as gid,'maildir:storage=51200' as quota FROM wp_users WHERE user_email = '%u'
I can see that the query is being processed according to the logs.
Wordpress and others are using phpass to authenticate (http://www.openwall.com/phpass/), it is basically a salted md5 hash. Basically, after the process, a hash like this is obtained.
$P$BiWISc3IsqRHxeEjq4VJP1Vi8gy4mg1 (for test123 password)
I would like to know if dovecot would be able to read this, otherwise I could still make a custom checkpassword function but that would be non-optimal.
Could someone guide me on this? If you need more details just ask.
Thanks a lot,
joan
On Fri, 2011-03-11 at 17:39 +0100, Joan wrote:
> default_pass_scheme = CRYPT
> password_query = SELECT user_pass AS password FROM wp_users WHERE user_email='%u';
> user_query = SELECT 501 as uid, 501 as gid,'maildir:storage=51200' as quota FROM wp_users WHERE user_email = '%u'
If you're using Dovecot v1.1+ that quota value won't work.
> Wordpress and others are using phpass to authenticate (http://www.openwall.com/phpass/), it is basically a salted md5 hash. Basically, after the process, a hash like this is obtained.
> $P$BiWISc3IsqRHxeEjq4VJP1Vi8gy4mg1 (for test123 password)
> I would like to know if dovecot would be able to read this,
It can't. But if you're using Openwall, apparently its crypt() supports this and Dovecot doesn't need to.
> otherwise I could still make a custom checkpassword function but that would be non-optimal.
Either that or write a phpass plugin.
To sum up:
> > Wordpress and others are using phpass to authenticate (http://www.openwall.com/phpass/), it is basically a salted md5 hash. Basically, after the process, a hash like this is obtained.
> > $P$BiWISc3IsqRHxeEjq4VJP1Vi8gy4mg1 (for test123 password)
> > I would like to know if dovecot would be able to read this,
> It can't. But if you're using Openwall, apparently its crypt() supports this and Dovecot doesn't need to.
Unfortunately, that stuff isn't included in any major distribution, so I had to look at the other options.
> > I could still make a custom checkpassword function but that would be non-optimal.
I created a checkpass script to verify the passwords. For anyone looking for this, I got some good information here:
.- Implementation of custom checkpassword in perl, with a sample testing script: http://wiki.qpsmtpd.org/plugins:auth:authcheckpassword
.- Phpass implementation for perl http://search.cpan.org/~zefram/Authen-Passphrase/lib/Authen/Passphrase/PHPas...
For the dovecot part, just add in the passdb section from dovecot.conf this:
passdb checkpassword {
  args = /etc/dovecot/checkpassword.pl
}
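As an added example (not part of the original thread, and in Python rather than the Perl script Joan describes), this is the check such a checkpassword script has to perform: recompute the phpass portable hash from the cost character and salt embedded in the stored `$P$` value, then compare in constant time. The names `check` and `lookup` and the address `joan@example.org` are assumptions made for illustration; the stored value in the demo is the hash quoted in the thread.

```python
import hashlib
import hmac

ITOA64 = "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"

def _encode64(data):
    """phpass base64 variant: little-endian groups of up to 3 bytes, 6 bits per char."""
    out = []
    for i in range(0, len(data), 3):
        chunk = data[i:i + 3]
        value = int.from_bytes(chunk, "little")
        for _ in range(len(chunk) + 1):  # n input bytes give n + 1 characters
            out.append(ITOA64[value & 0x3F])
            value >>= 6
    return "".join(out)

def phpass_hash(password, setting):
    """Portable phpass hash of password (bytes), cost and salt taken from setting."""
    if not setting.isascii() or len(setting) < 12 or setting[:3] not in ("$P$", "$H$"):
        return None
    log2 = ITOA64.find(setting[3])
    if not 7 <= log2 <= 30:  # same bounds as phpass; rejects unknown cost characters
        return None
    digest = hashlib.md5(setting[4:12].encode() + password).digest()
    for _ in range(1 << log2):
        digest = hashlib.md5(digest + password).digest()
    return setting[:12] + _encode64(digest)

def phpass_verify(password, stored):
    """Constant-time comparison of the recomputed hash with the stored one."""
    computed = phpass_hash(password, stored)
    return computed is not None and hmac.compare_digest(computed, stored)

def check(fd3_input, lookup):
    """Decide a checkpassword request: input is user NUL password NUL timestamp NUL."""
    fields = fd3_input.split(b"\0")
    if len(fields) < 3 or not fields[0] or not fields[1]:
        return False
    stored = lookup(fields[0].decode("utf-8", "replace"))  # hypothetical DB lookup
    return stored is not None and phpass_verify(fields[1], stored)

if __name__ == "__main__":
    # Constructed demo: the stored value is the hash quoted in the thread.
    users = {"joan@example.org": "$P$BiWISc3IsqRHxeEjq4VJP1Vi8gy4mg1"}
    request = b"joan@example.org\0test123\0" + b"0\0"
    print("accept" if check(request, users.get) else "reject")
```

A deployed script would read the request from file descriptor 3 and, on success, exec the program passed in its arguments, as the checkpassword interface requires; on failure it exits non-zero.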
participants (2): Joan, Timo Sirainen