[Dovecot] [PATCH] Allow verification of user's hash in doveadm-pw

Spack spack.world at gmail.com
Thu Sep 1 01:17:47 EEST 2011


Hi,

It may be useful for testing purpose to know if a generated password
hash correspond to a given clear password. This can be useful to check
if a hash generated by another program can be verified by Dovecot
without any errors.

This patch adds the ability the verify a password hash using `doveadm
pw` via the `-V` option.

    $ doveadm pw -s SSHA.hex
    Enter new password:
    Retype new password:
    {SSHA.HEX}58b910d947c60b35be3e12b0d9897c1f87dfa450e6d5a75c

    $ doveadm pw -s SSHA.hex
-V{SSHA.HEX}58b910d947c60b35be3e12b0d9897c1f87dfa450e6d5a75c
    Enter new password:
    Retype new password:
    {SSHA.HEX}4fdf801f57870fb624bee60895c2308187837dfb3987ca06 (verified)

When the user specify a hash, it is checked in place of the usual
verification process. This works with all schemes. Just be sure to
escape special characters or use simple quotes.

    $ doveadm pw -s MD5-CRYPT -V'{MD5-CRYPT}$1$R7thDyN.$E0G0czPE/h4S0Hn/b5oVW1'
    Enter new password:
    Retype new password:
    {MD5-CRYPT}$1$rp8nVSqq$gDAPM5iqv1yhBoDZIWsQ4/ (verified)

Lets print a failed check:

    doveadm pw -s CRYPT -V{CRYPT}/uuE/AAAAAAAA
    Enter new password:
    Retype new password:
    reverse password verification check failed

FYI the word used for those test cases was "password".


Regards,
___
Jimmy Thrasibule <spack.world at gmail.com>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: user_hash-doveadm-pw.diff
Type: text/x-patch
Size: 1708 bytes
Desc: not available
URL: <http://dovecot.org/pipermail/dovecot/attachments/20110901/ce62b6bb/attachment-0002.bin>


More information about the dovecot mailing list