I next tried...
$rcmail_config['password_query'] = 'UPDATE mailserver SET password=%D WHERE username=%u';
...which resulted in "Could not update password. Encryption function missing."
I reviewed the guide I had used, noting...
default_pass_scheme = SHA512-CRYPT
...in /etc/dovecot/dovecot-sql.conf.ext
The guide that I used to set up postfix/dovecot also suggested a password encryption function, as follows:
INSERT INTO `mailserver`.`virtual_users`
(`id`, `domain_id`, `password` , `email`)
VALUES
('1', '1', ENCRYPT('firstpassword', CONCAT('$6$', SUBSTRING(SHA(RAND()), -16))), 'email1@example.com'),
('2', '1', ENCRYPT('secondpassword', CONCAT('$6$', SUBSTRING(SHA(RAND()), -16))), 'email2@example.com');
Line 110 of the password plugin readme states:
Use a MYSQL crypt function (*nix only) with random 8 character salt
-UPDATE users SET password=ENCRYPT(%p,concat(_utf8'$1$',right(md5(rand()),8),_utf8'$')) WHERE username=%u LIMIT 1
Having read another user's bad experience using this command, I attempted to modify password_query as follows:
$rcmail_config['password_query'] = 'UPDATE mailserver SET password=ENCRYPT(%p,concat('$6$', SUBSTRING(SHA(RAND()), -16))) WHERE username=%u LIMIT 1';
Which resulted in this error, from the roundcube log:
[05-Nov-2013 19:08:20 UTC] PHP Parse error: syntax error, unexpected '$' in /var/www/round/plugins/password/config.inc.php on line 45
This breaks the roundcube settings page; neither the password option nor any other options are accessible for the user.
Maybe I'm lacking independence or insight, but password_query seems very challenging for the non-expert system admin to configure. If there's any way to help newcomers configure this more easily, I'm sure it would be much appreciated and much more utilized.
Can you show me the correct syntax, SKAero?
Thanks!
EDIT: adding the _utf8 syntax, with or without the trailing "_utf8'$'", also does not work.
$rcmail_config['password_query'] = 'UPDATE mailserver SET password=ENCRYPT(%p,concat(_utf8'$6$', SUBSTRING(SHA(RAND()), -16),_utf8'$')) WHERE username=%u LIMIT 1';
EDIT2: I doubt this is relevant, but "CRAM-MD5" was worrying me, so here's more from my config:
$rcmail_config['password_crypt_hash'] = 'sha512';
$rcmail_config['password_idn_ascii'] = false;
$rcmail_config['password_dovecotpw'] = '/usr/sbin/dovecot';
$rcmail_config['password_dovecotpw_method'] = 'CRAM-MD5';
$rcmail_config['password_dovecotpw_with_method'] = false;
$rcmail_config['password_hash_algorithm'] = 'sha1';
$rcmail_config['password_hash_base64'] = false;
EDIT3: Curiously, even the readme-supplied crypt function (line 110) breaks roundcube:
$rcmail_config['password_query'] = 'UPDATE users SET password=ENCRYPT(%p,concat(_utf8'$1$',right(md5(rand()),8),_utf8'$')) WHERE username=%u LIMIT 1';
I presume that adjoining _utf8 to '$1$' was supposed to prevent this error, so maybe it's as simple as using a different prefix? I'm totally lost on this one. Any good ideas out there?