Quote from: SKaero on November 24, 2025, 08:36:25 PMThat would be the issue. The config file needs to be named "config.inc.php" not "config.php"

*facepalm* That was indeed the issue. Completely my fault. I fixed it, tests successfully now.

thanks!

That would be the issue. The config file needs to be named "config.inc.php" not "config.php"

Quote from: SKaero on November 22, 2025, 11:53:18 PMThis is a telling issue, I'm worried that you config options aren't being picked up. What file are you making these changes in?

I was curious about that as well.

These are changes made in the /plugins/password/config.php file.

Max wins the Las Vegas GP and he is still in the race to win the drivers' championship.

Quote from: jrn75 on November 22, 2025, 10:46:30 PM(quick edit, this bit hasn't been working either:

$config['password_confirm_current'] = true;

It's only showing me the 2 "new password" fields. not a huge issue, just noting it)

This is a telling issue, I'm worried that you config options aren't being picked up. What file are you making these changes in?

debian 13.2 (trixie) with php8.4.11, Roundcube 1.7 beta2 and the "password" plugin. A previous thread on this had the following:

"
Yep, you killed it! thanks a lot.

The problem is solved finally.

correct config is as below:
$config['password_algorithm'] = "blowfish-crypt";     
$config['password_algorithm_options'] = "blf-crypt";
$config['password_algorithm_prefix'] = "{BLF-CRYPT}";
$config['password_dovecotpw'] = "/usr/local/bin/doveadm pw";
$config['password_dovecotpw_method'] = "BLF-CRYPT";
$config['password_dovecotpw_with_method'] = true;"

I have all of those in my config.php but my attempt to change a password yields:

"PHP Error: Password plugin: Hash method not supported. in /var/www/html/roundcube/plugins/password/password.php on line 741 (POST /?_task=settings&_action=plugin.password-save)"

Some previous guides noted I need php-hash but that's now included with php and not a separate install. I also have postfix admin on the same server and I have successfully created users and changed passwords that way.
I've been able to test doveadm pw as well, and it seems to work.

user@box:/usr/bin$ doveadm pw -s BLF-CRYPT -p testpass
{BLF-CRYPT}$2y$05$jsxkzAVL1.....

I know it's a beta but where else can I look?

Here's most of my config:

$config['password_driver'] = 'sql';
$config['password_confirm_current'] = true;
$config['password_log'] = true;
$config['password_login_exceptions'] = null;
$config['password_hosts'] = null;
$config['password_force_save'] = false;
$config['password_force_new_user'] = false;
$config['password_algorithm'] = 'blowfish-crypt';


(tried "dovecot" there too)

$config['password_algorithm_options'] = "blf-crypt";
$config['password_algorithm_prefix'] = "{BLF-CRYPT}";
$config['password_dovecotpw_method'] = 'BLF-CRYPT';
$config['password_dovecotpw_with_method'] = true;
$config['password_disabled'] = false;
$config['password_username_format'] = '%u';
$config['password_query'] = 'UPDATE mailbox SET password=%P WHERE username=%u LIMIT 1';

Thank you for your assistance.


(quick edit, this bit hasn't been working either:

$config['password_confirm_current'] = true;

It's only showing me the 2 "new password" fields. not a huge issue, just noting it)

That error would be the problem but it's a little hard to say what the problem is specifically. The part that jumps out at me is "upstream: "fastcgi://xxx.xxx.xxx.xxx:80" that should be the port that php-fpm is running on and that shouldn't be port 80. It makes it seem like its trying to connect to nginx instead of php-fpm. What does you php-fpm config look like?

Hi, SKaero.

I just tried to load the webmail again, and the php-fpm log (/var/log/php-fpm/php-fpm.log) hasn't recorded anything new (latest entry is from an hour ago).

The nginx error log (/var/log/nginx/error.log) shows a new entry:

*6886 upstream sent unsupported FastCGI protocol version: 72 while reading response header from upstream, client: xxx.xxx.xxx.xxx(IP), server: _, request: "GET /mail/ HTTP/2.0", upstream: "fastcgi://xxx.xxx.xxx.xxx:80", host: "mail.website.com"

I'm not sure if the version of FastCGI protocol can be specified somewhere, of if server should be something other than _. Is this a useful log entry?

Thanks.

A fix for Roundcube master (which supports PHP >= 8.1) might be to remove all ->done() calls from the 'ldap' driver code, but I can't test it.

I suggest to try the ldap_simple driver instead of ldap for the password plugin.