Author Topic: Use password plugin strange problems  (Read 9679 times)

Offline ziluopao

  • Jr. Member
  • **
  • Posts: 15
Use password plugin strange problems
« on: January 13, 2017, 07:17:31 AM »
Hi all!
When using password plug-in, I change password is successful, the new password saved in the database, but can't log in with the new password!
I use the postfix v2.6.6, roundcube v1.2.3,dovecot2.0.9
In the roundcube password in the plug-in configuration is:
Code: [Select]
$config['password_db_dsn'] = 'mysql://postfix:r71433SaMCEXnI4Adat@localhost/postfix';
$config['password_query'] = 'UPDATE mailbox SET password=%c WHERE  username=%u LIMIT 1';
$config['password_crypt_hash'] = 'md5';
I don't know where is wrong, the strange thing is, can make the new modified password, but can't use it to log in, that's strange! :-
thanks!
Supplement:
I forgot to say a software: postfixadmin
It is used to manage the mailbox. The reason why is it caused by different encryption?
[
« Last Edit: January 14, 2017, 12:47:38 AM by ziluopao »

Offline SKaero

  • Administrator
  • Hero Member
  • *****
  • Posts: 5,876
    • SKaero - Custom Roundcube development
Re: Use password plugin strange problems
« Reply #1 on: January 13, 2017, 07:25:12 AM »
Does the password change in the database? Are you able to login with the old password after it has been changed?

Offline ziluopao

  • Jr. Member
  • **
  • Posts: 15
Re: Use password plugin strange problems
« Reply #2 on: January 13, 2017, 07:32:54 AM »
In the database password is changed, but can't log in with the new password, more can't log in with the old password, of course, for the change it

Offline SKaero

  • Administrator
  • Hero Member
  • *****
  • Posts: 5,876
    • SKaero - Custom Roundcube development
Re: Use password plugin strange problems
« Reply #3 on: January 13, 2017, 07:46:38 AM »
It looks like your going to need to set the password_algorithm_prefix to {CRAM-MD5}
Code: [Select]
// Password prefix (e.g. {CRYPT}, {SHA}) for passwords generated
// using password_algorithm above. Default: empty.
$config['password_algorithm_prefix'] = '';

Offline ziluopao

  • Jr. Member
  • **
  • Posts: 15
Re: Use password plugin strange problems
« Reply #4 on: January 13, 2017, 08:15:10 AM »
Supplement:
I forgot to say a software: postfixadmin
It is used to manage the mailbox. The reason why is it caused by different encryption?

It is no use:
$config['password_algorithm_prefix'] = '{CRAM-MD5}';
Encrypted data in the display (as shown in figure),

The encryption method is postfixadmin and roundcube is different.But I don't know how to detect postfixadmin encryption, if found out, and let them keep a kind of encryption method, perhaps can solve a problem.
« Last Edit: January 13, 2017, 08:39:09 AM by ziluopao »

Offline ziluopao

  • Jr. Member
  • **
  • Posts: 15
Re: Use password plugin strange problems
« Reply #5 on: January 13, 2017, 08:57:55 AM »
I use this writing plus the {CRAM - MD5}
UPDATE mailbox SET password=CONCAT(\'{CRAM-MD5}\',MD5(%q)) WHERE username=%u LIMIT 1
But save the string in the database after the new password encryption, namely {CRAM - MD5} behind, or not, because still can't login with new password.

Offline SKaero

  • Administrator
  • Hero Member
  • *****
  • Posts: 5,876
    • SKaero - Custom Roundcube development
Re: Use password plugin strange problems
« Reply #6 on: January 13, 2017, 04:46:50 PM »
Knowing that the system is using PostFixAdmin helps. Try changing the "password_algorithm" setting to "dovecot" and set "password_dovecotpw_with_method" to true and use "%P" as the password in the query.

Offline ziluopao

  • Jr. Member
  • **
  • Posts: 15
Re: Use password plugin strange problems
« Reply #7 on: January 13, 2017, 07:29:31 PM »
Change according to your request, including query tried in two forms,
----------------------------------------------------------------------------------------------------------------
If the query is UPDATE mailbox SET password=CONCAT(\'{CRAM-MD5}\',MD5(%p)) WHERE username=%u LIMIT 1, to get the result

----------------------------------------------------------------------------------------------------------------
If the query is UPDATE mailbox SET password=%p WHERE username=%u LIMIT 1, to get the result

----------------------------------------------------------------------------------------------------------------
Still won't do
« Last Edit: January 13, 2017, 07:32:45 PM by ziluopao »

Offline SKaero

  • Administrator
  • Hero Member
  • *****
  • Posts: 5,876
    • SKaero - Custom Roundcube development
Re: Use password plugin strange problems
« Reply #8 on: January 13, 2017, 07:57:27 PM »
The P needs to be capitalized "%P"

Offline ziluopao

  • Jr. Member
  • **
  • Posts: 15
Re: Use password plugin strange problems
« Reply #9 on: January 13, 2017, 08:14:48 PM »
If the above two query in the small p into big p, will prompt error
In addition, the parameter $config [' password_algorithm_prefix] = '{CRAM - MD5}'; Seems doesn't work, seems to be dispensable
« Last Edit: January 13, 2017, 08:28:40 PM by ziluopao »

Offline SKaero

  • Administrator
  • Hero Member
  • *****
  • Posts: 5,876
    • SKaero - Custom Roundcube development
Re: Use password plugin strange problems
« Reply #10 on: January 13, 2017, 08:40:46 PM »
It will be the capital P, you most likely need to set the path to the doveadm command in the password_dovecotpw setting:
Code: [Select]
// Path for dovecotpw/doveadm-pw (if not in the $PATH).
// Used for password_algorithm = 'dovecot'.
// $config['password_dovecotpw'] = '/usr/local/sbin/doveadm pw'; // for dovecot-2.x
$config['password_dovecotpw'] = '/usr/local/sbin/dovecotpw'; // for dovecot-1.x

The password_algorithm_prefix option is only used in some cases, once the dovecot method is working correct it should work as expect.

Offline ziluopao

  • Jr. Member
  • **
  • Posts: 15
Re: Use password plugin strange problems
« Reply #11 on: January 13, 2017, 09:34:04 PM »
I write the query
Code: [Select]
$config['password_query'] = 'UPDATE mailbox SET password=%P WHERE username=%u LIMIT 1';Still doesn't work

I am using is dovecot2.0.9
Doveadm pw is working
Code: [Select]
[root@mail bin]# /usr/bin/doveadm pw
Enter new password:
Retype new password:
{CRAM-MD5}cac4ce2f7dc054d3eceb912c447008f40f80d6aabec8c224e
[root@mail bin]#
In postfixadmin set so
Code: [Select]
// Encrypt
// In what way do you want the passwords to be crypted?
// md5crypt = internal postfix admin md5
// md5 = md5 sum of the password
// system = whatever you have set as your PHP system default
// cleartext = clear text passwords (ouch!)
// mysql_encrypt = useful for PAM integration
// authlib = support for courier-authlib style passwords
// dovecot:CRYPT-METHOD = use dovecotpw -s 'CRYPT-METHOD'. Example: dovecot:CRAM-MD5
//   (WARNING: don't use dovecot:* methods that include the username in the hash - you won't be able to login to PostfixAdmin in this case)
$CONF['encrypt'] = 'dovecot:CRAM-MD5';
// $CONF['dovecotpw'] = "/usr/sbin/dovecotpw";
// for dovecot 2.x (dovecot 2.0.0 - 2.0.7 is not supported!)
$CONF['dovecotpw'] = "/usr/bin/doveadm pw";
In roundcube set so
Code: [Select]
// Used for password_algorithm = 'dovecot'.
$config['password_dovecotpw'] = '/usr/bin/doveadm pw'; // for dovecot-2.x
// For details see password::hash_password() method.
$config['password_algorithm'] = 'dovecot';
// when using the %D macro (deprecated, use %P)
$config['password_dovecotpw_with_method'] = true;
Where is the mistake?
thanks!
« Last Edit: January 16, 2017, 09:49:55 AM by ziluopao »

Offline SKaero

  • Administrator
  • Hero Member
  • *****
  • Posts: 5,876
    • SKaero - Custom Roundcube development
Re: Use password plugin strange problems
« Reply #12 on: January 13, 2017, 11:41:02 PM »
Well I think that all looks good so now we'll have to get into the harder debugging.

1. Make sure the temp and logs directories are writable by Roundcube
2. Find the following code in the <RC root>/plugins/password/password.php:
Code: [Select]
$pipe = popen("$dovecotpw -s '$method' > '$tmpfile'", "w");
if (!$pipe) {
    unlink($tmpfile);
    return false;
}
and change it to:
Code: [Select]
$pipe = popen("$dovecotpw -s '$method' > '$tmpfile'", "w");
if (!$pipe) {
    rcube::write_log('errors', 'Plugin password (dovecot driver): 1 - '. $tmpfile);
    unlink($tmpfile);
    return false;
}
3. Find the following code in the <RC root>/plugins/password/password.php:
Code: [Select]
if (!preg_match('/^\{' . $method . '\}/', $crypted)) {
    return false;
}
and change it to:
Code: [Select]
if (!preg_match('/^\{' . $method . '\}/', $crypted)) {
    rcube::write_log('errors', 'Plugin password (dovecot driver): 2 - '. $crypted);
    return false;
}
4. Try to save the password
5. Post the output from <RC root>/logs/errors

Offline ziluopao

  • Jr. Member
  • **
  • Posts: 15
Re: Use password plugin strange problems
« Reply #13 on: January 14, 2017, 12:35:18 AM »
Debugging in accordance with your request, look at the logs found:
Code: [Select]
[root@mail logs]# cat errors
 [14-Jan-2017 13:35:35 PRC] PHP Warning:  popen() has been disabled for security reasons in /mypro/root/hunqing1.com/plugins/password/password.php on line 587
[14-Jan-2017 13:35:35 +0800]: <dg9418jj> Plugin password (dovecot driver): 1 - /mypro/root/hunqing1.com/temp/roundcube-riDGY7
[root@mail logs]#
Appears to be the popen () are disabled.After I open the password plug-ins work smoothly!
Thank SKaero help! Thanks!
« Last Edit: January 14, 2017, 12:51:04 AM by ziluopao »

Offline SKaero

  • Administrator
  • Hero Member
  • *****
  • Posts: 5,876
    • SKaero - Custom Roundcube development
Re: Use password plugin strange problems
« Reply #14 on: January 14, 2017, 11:20:10 AM »
NP, glad its working.