Author Topic: How do I set up the password plug-in to properly encrypt it  (Read 9210 times)

Offline ziluopao

  • Jr. Member
  • **
  • Posts: 15
In the roundcube password plug-in, I'm going to use dovecot encryption: CRAM-MD5, and the parameters are set like this.

1、$config['password_algorithm'] = 'clear';
2、$config['password_dovecotpw_method'] = 'CRAM-MD5';
3、$config['password_dovecotpw_with_method'] = true;
4、$config['password_query'] = 'UPDATE mailbox SET password=%c WHERE username=%u';
But there's no {CRAM-MD5}

As shown in the figure, how should I set it?

« Last Edit: July 18, 2018, 06:28:46 AM by ziluopao »

Offline SKaero

  • Administrator
  • Hero Member
  • *****
  • Posts: 5,873
    • SKaero - Custom Roundcube development
Re: How do I set up the password plug-in to properly encrypt it
« Reply #1 on: July 18, 2018, 10:15:27 AM »
Set the $config['password_algorithm_prefix']

Offline ziluopao

  • Jr. Member
  • **
  • Posts: 15
Re: How do I set up the password plug-in to properly encrypt it
« Reply #2 on: July 18, 2018, 09:25:07 PM »
This setting still doesn't work

Code: [Select]
$config['password_algorithm'] = 'clear';
$config['password_algorithm_prefix'] = '{CRAM-MD5}'
$config['password_dovecotpw'] = '/usr/bin/doveadm pw'; // for dovecot-2.x
$config['password_dovecotpw_method'] = '';
$config['password_dovecotpw_with_method'] = true;
$config['password_query'] = 'UPDATE mailbox SET password=%c WHERE username=%u LIMIT 1';

The result in the database is
« Last Edit: July 18, 2018, 10:05:22 PM by ziluopao »

Offline SKaero

  • Administrator
  • Hero Member
  • *****
  • Posts: 5,873
    • SKaero - Custom Roundcube development
Re: How do I set up the password plug-in to properly encrypt it
« Reply #3 on: July 19, 2018, 12:27:18 AM »
If I understand what your trying to do you would want "password_algorithm" set to "dovecot" and "password_dovecotpw_method" set to "CRAM-MD5"

Offline ziluopao

  • Jr. Member
  • **
  • Posts: 15
Re: How do I set up the password plug-in to properly encrypt it
« Reply #4 on: July 19, 2018, 02:33:43 AM »
Well, I installed postfix+dovecot+roundcube, and postfix encryption is CRAM-MD5.

Now I want to use the  password plug-in from the roundabout to change the password in the same way, so how do I set it

thank you!
« Last Edit: July 19, 2018, 04:39:56 AM by ziluopao »

Offline SKaero

  • Administrator
  • Hero Member
  • *****
  • Posts: 5,873
    • SKaero - Custom Roundcube development
Re: How do I set up the password plug-in to properly encrypt it
« Reply #5 on: July 19, 2018, 10:07:45 AM »
I think the following settings would work:
Code: [Select]
$config['password_algorithm'] = 'dovecot';
$config['password_dovecotpw'] = '/usr/bin/doveadm pw'; // for dovecot-2.x
$config['password_dovecotpw_method'] = 'CRAM-MD5';
$config['password_dovecotpw_with_method'] = true;

Offline ziluopao

  • Jr. Member
  • **
  • Posts: 15
Re: How do I set up the password plug-in to properly encrypt it
« Reply #6 on: July 19, 2018, 12:43:07 PM »
So what I get when I do that is,As shown in figure
Quote
$config['password_algorithm'] = 'dovecot';
$config['password_dovecotpw'] = '/usr/bin/doveadm pw'; // for dovecot-2.x
$config['password_dovecotpw_method'] = 'CRAM-MD5';
$config['password_dovecotpw_with_method'] = true;
$config['password_query'] = 'UPDATE mailbox SET password=%c WHERE username=%u';
And actually what I want is something like this
{CRAM-MD5}00747cf2ffaf11c5ea4a64979c3901fc1d20dee13f480bb598f7d8575b23e61b
« Last Edit: July 19, 2018, 09:30:53 PM by ziluopao »

Offline ziluopao

  • Jr. Member
  • **
  • Posts: 15
Re: How do I set up the password plug-in to properly encrypt it
« Reply #7 on: July 19, 2018, 11:12:34 PM »
I think the following settings would work:
Code: [Select]
$config['password_algorithm'] = 'dovecot';
$config['password_dovecotpw'] = '/usr/bin/doveadm pw'; // for dovecot-2.x
$config['password_dovecotpw_method'] = 'CRAM-MD5';
$config['password_dovecotpw_with_method'] = true;

My LNMP service, in particular, sets security permissions across directories, so there are hints in the log
Quote
[20-Jul-2018 10:28:02 PRC] PHP Warning:  proc_open(): open_basedir restriction in effect. File(/dev/null) is not within the allowed path(s): (/www/wwwroot/mail.jnjml.ml/:/tmp/:/proc/) in /www/wwwroot/mail.jnjsj.ml/plugins/password/password.php on line 606
When I remove this sentence from use.ini, it is all right
Quote
open_basedir=/www/wwwroot/mail.jnjml.ml/:/tmp/:/proc/

After your advice and my continuous pursuit, I finally succeeded, mainly because my English is not very good. So keep reading readme, try to understand the meaning and finally get it done, of course it has a lot to do with your reminder, thank you!

Quote
// The SQL query used to change the password.
// The query can contain the following macros that will be expanded as follows:
//      %p is replaced with the plaintext new password
//      %P is replaced with the crypted/hashed new password
//         according to configured password_method
//      %o is replaced with the old (current) password
//      %O is replaced with the crypted/hashed old (current) password
//         according to configured password_method
//      %h is replaced with the imap host (from the session info)
//      %u is replaced with the username (from the session info)
//      %l is replaced with the local part of the username
//         (in case the username is an email address)
//      %d is replaced with the domain part of the username
//         (in case the username is an email address)
// Deprecated macros:
//      %c is replaced with the crypt version of the new password, MD5 if available
//         otherwise DES. More hash function can be enabled using the password_crypt_hash
//         configuration parameter.
//      %D is replaced with the dovecotpw-crypted version of the new password
//      %n is replaced with the hashed version of the new password
//      %q is replaced with the hashed password before the change
Quote
$config['password_query'] = 'UPDATE mailbox SET password=%D WHERE  username=%u LIMIT 1';
use.ini
Quote
open_basedir=/www/wwwroot/mail.jnjml.ml/:/tmp/:/proc/:/usr/bin/doveadm pw
« Last Edit: July 20, 2018, 01:16:58 AM by ziluopao »