Text only | Text with Images

Roundcube Community Forum

Third Party Contributions => API Based Plugins => Topic started by: ziluopao on July 18, 2018, 06:23:43 AM

Title: How do I set up the password plug-in to properly encrypt it
Post by: ziluopao on July 18, 2018, 06:23:43 AM
In the roundcube password plug-in, I'm going to use dovecot encryption: CRAM-MD5, and the parameters are set like this.

1、$config['password_algorithm'] = 'clear';
2、$config['password_dovecotpw_method'] = 'CRAM-MD5';
3、$config['password_dovecotpw_with_method'] = true;
4、$config['password_query'] = 'UPDATE mailbox SET password=%c WHERE username=%u';
But there's no {CRAM-MD5}

As shown in the figure, how should I set it?

Title: Re: How do I set up the password plug-in to properly encrypt it
Post by: SKaero on July 18, 2018, 10:15:27 AM
Set the $config['password_algorithm_prefix']
Title: Re: How do I set up the password plug-in to properly encrypt it
Post by: ziluopao on July 18, 2018, 09:25:07 PM
This setting still doesn't work

Code Select

$config['password_algorithm'] = 'clear';
$config['password_algorithm_prefix'] = '{CRAM-MD5}'
$config['password_dovecotpw'] = '/usr/bin/doveadm pw'; // for dovecot-2.x
$config['password_dovecotpw_method'] = '';
$config['password_dovecotpw_with_method'] = true;
$config['password_query'] = 'UPDATE mailbox SET password=%c WHERE username=%u LIMIT 1';


The result in the database is
Title: Re: How do I set up the password plug-in to properly encrypt it
Post by: SKaero on July 19, 2018, 12:27:18 AM
If I understand what your trying to do you would want "password_algorithm" set to "dovecot" and "password_dovecotpw_method" set to "CRAM-MD5"
Title: Re: How do I set up the password plug-in to properly encrypt it
Post by: ziluopao on July 19, 2018, 02:33:43 AM
Well, I installed postfix+dovecot+roundcube, and postfix encryption is CRAM-MD5.

Now I want to use the  password plug-in from the roundabout to change the password in the same way, so how do I set it

thank you!
Title: Re: How do I set up the password plug-in to properly encrypt it
Post by: SKaero on July 19, 2018, 10:07:45 AM
I think the following settings would work:
Code Select

$config['password_algorithm'] = 'dovecot';
$config['password_dovecotpw'] = '/usr/bin/doveadm pw'; // for dovecot-2.x
$config['password_dovecotpw_method'] = 'CRAM-MD5';
$config['password_dovecotpw_with_method'] = true;
Title: Re: How do I set up the password plug-in to properly encrypt it
Post by: ziluopao on July 19, 2018, 12:43:07 PM
So what I get when I do that is,As shown in figure
Quote
$config['password_algorithm'] = 'dovecot';
$config['password_dovecotpw'] = '/usr/bin/doveadm pw'; // for dovecot-2.x
$config['password_dovecotpw_method'] = 'CRAM-MD5';
$config['password_dovecotpw_with_method'] = true;
$config['password_query'] = 'UPDATE mailbox SET password=%c WHERE username=%u';
And actually what I want is something like this
{CRAM-MD5}00747cf2ffaf11c5ea4a64979c3901fc1d20dee13f480bb598f7d8575b23e61b
Title: Re: How do I set up the password plug-in to properly encrypt it
Post by: ziluopao on July 19, 2018, 11:12:34 PM
Quote from: SKaero on July 19, 2018, 10:07:45 AM
I think the following settings would work:
Code Select

$config['password_algorithm'] = 'dovecot';
$config['password_dovecotpw'] = '/usr/bin/doveadm pw'; // for dovecot-2.x
$config['password_dovecotpw_method'] = 'CRAM-MD5';
$config['password_dovecotpw_with_method'] = true;


My LNMP service, in particular, sets security permissions across directories, so there are hints in the log
Quote[20-Jul-2018 10:28:02 PRC] PHP Warning:  proc_open(): open_basedir restriction in effect. File(/dev/null) is not within the allowed path(s): (/www/wwwroot/mail.jnjml.ml/:/tmp/:/proc/) in /www/wwwroot/mail.jnjsj.ml/plugins/password/password.php on line 606
When I remove this sentence from use.ini, it is all right
Quoteopen_basedir=/www/wwwroot/mail.jnjml.ml/:/tmp/:/proc/

After your advice and my continuous pursuit, I finally succeeded, mainly because my English is not very good. So keep reading readme, try to understand the meaning and finally get it done, of course it has a lot to do with your reminder, thank you!

Quote
// The SQL query used to change the password.
// The query can contain the following macros that will be expanded as follows:
//      %p is replaced with the plaintext new password
//      %P is replaced with the crypted/hashed new password
//         according to configured password_method
//      %o is replaced with the old (current) password
//      %O is replaced with the crypted/hashed old (current) password
//         according to configured password_method
//      %h is replaced with the imap host (from the session info)
//      %u is replaced with the username (from the session info)
//      %l is replaced with the local part of the username
//         (in case the username is an email address)
//      %d is replaced with the domain part of the username
//         (in case the username is an email address)
// Deprecated macros:
//      %c is replaced with the crypt version of the new password, MD5 if available
//         otherwise DES. More hash function can be enabled using the password_crypt_hash
//         configuration parameter.
//      %D is replaced with the dovecotpw-crypted version of the new password
//      %n is replaced with the hashed version of the new password
//      %q is replaced with the hashed password before the change
Quote$config['password_query'] = 'UPDATE mailbox SET password=%D WHERE  username=%u LIMIT 1';
use.ini
Quoteopen_basedir=/www/wwwroot/mail.jnjml.ml/:/tmp/:/proc/:/usr/bin/doveadm pw
Text only | Text with Images