New password hashing scheme as plugin
Andreas Meyer
luckyfellow42 at gmail.com
Mon Aug 1 12:45:34 UTC 2016
2016-07-31 16:39 GMT+02:00 <aki.tuomi at dovecot.fi>:
>
> > On July 27, 2016 at 2:08 AM Andreas Meyer <luckyfellow42 at gmail.com>
> wrote:
> >
> >
> > Hi,
> >
> >
> > I want to add a new password hashing scheme as plugin and provide it for
> > the dovecot project, so that it will be included as optional plugin in
> > future releases.
> >
> > Yet the plugin compiles fine and the .so file gets created.
> >
> > My approach is to call the functions password_scheme_register() and
> > password_scheme_unregister() (src/auth/password-scheme.c) inside the
> > plugin's _init() and _deinit() functions.
> >
> > When a client tries to login via imap the log shows an error message:
> >
> > Error: Couldn't load required plugin
> > /usr/local/lib/dovecot/lib20_newauth_plugin.so: dlopen() failed:
> > /usr/local/lib/dovecot/lib20_newauth_plugin.so: undefined symbol:
> > password_scheme_unregister
> >
> > That error obviously occurs, because the required lib is not linked into
> > the plugin.
> >
> >
> > Now my problem is to understand, whether this approach (via .so file) can
> > be successful at all and if so, how?
> > Do I need to link libs into it? Which would that be and how do I specify
> > them in the Makefile.am?
> >
> > I assume, I don't need to link a lib, but need to use a hook to register
> > the new hashing scheme, since the plugin is loaded into an already
> existing
> > process, which needs to get extended. If this is true, which hook would
> > that be and how do I register the new scheme?
> >
> > Or is there no way to accomplish this via a separated .so plugin? Should
> I
> > extend the sources in /src/auth instead? (separat file for the hashing
> > scheme with preprocessor instructions to include it only on demand)
> >
> >
> >
> > Thank you very much,
> >
> > Andreas
>
> Can you publish your code in, say, github.com and provide link to it?
> New password scheme is doable as plugin but it needs to placed in different
> place and it will be autoloaded.
>
> Aki
>
I created two branches. Both compile fine with the option: --with-libsodium
Branch #1)
https://github.com/LuckyFellow/dovecot-core-libsodium/tree/2.2.25_libsodium_plugin
This is my try to add libsodium support as plugin. When the plugin is
loaded, it exits with the mentioned error message "undefined symbol:
password_scheme_unregister"
Branch #2)
https://github.com/LuckyFellow/dovecot-core-libsodium/tree/2.2.25_libsodium_auth
This compiles fine and also works. The new hashing schemes SCRYPT and
ARGON2 are available to dovecot.
Libsodium support is not created as module, but only added if the
--with-libsodium option was passed to configure.
Regards,
Andreas
More information about the dovecot
mailing list