Roundcube Community Forum

 

How do I set up the password plug-in to properly encrypt it

Started by ziluopao, July 18, 2018, 06:23:43 AM

Previous topic - Next topic
Print
Go Down Pages1
User actions

ziluopao

July 18, 2018, 06:23:43 AM Last Edit: July 18, 2018, 06:28:46 AM by ziluopao
In the roundcube password plug-in, I'm going to use dovecot encryption: CRAM-MD5, and the parameters are set like this.

1、$config['password_algorithm'] = 'clear';
2、$config['password_dovecotpw_method'] = 'CRAM-MD5';
3、$config['password_dovecotpw_with_method'] = true;
4、$config['password_query'] = 'UPDATE mailbox SET password=%c WHERE username=%u';
But there's no {CRAM-MD5}

As shown in the figure, how should I set it?

SKaero

#1
July 18, 2018, 10:15:27 AM
Set the $config['password_algorithm_prefix']

ziluopao

#2
July 18, 2018, 09:25:07 PM Last Edit: July 18, 2018, 10:05:22 PM by ziluopao
This setting still doesn't work

Code Select

$config['password_algorithm'] = 'clear';
$config['password_algorithm_prefix'] = '{CRAM-MD5}'
$config['password_dovecotpw'] = '/usr/bin/doveadm pw'; // for dovecot-2.x
$config['password_dovecotpw_method'] = '';
$config['password_dovecotpw_with_method'] = true;
$config['password_query'] = 'UPDATE mailbox SET password=%c WHERE username=%u LIMIT 1';


The result in the database is

SKaero

#3
July 19, 2018, 12:27:18 AM
If I understand what your trying to do you would want "password_algorithm" set to "dovecot" and "password_dovecotpw_method" set to "CRAM-MD5"

ziluopao

#4
July 19, 2018, 02:33:43 AM Last Edit: July 19, 2018, 04:39:56 AM by ziluopao
Well, I installed postfix+dovecot+roundcube, and postfix encryption is CRAM-MD5.

Now I want to use the  password plug-in from the roundabout to change the password in the same way, so how do I set it

thank you!

SKaero

#5
July 19, 2018, 10:07:45 AM
I think the following settings would work:
Code Select

$config['password_algorithm'] = 'dovecot';
$config['password_dovecotpw'] = '/usr/bin/doveadm pw'; // for dovecot-2.x
$config['password_dovecotpw_method'] = 'CRAM-MD5';
$config['password_dovecotpw_with_method'] = true;

ziluopao

#6
July 19, 2018, 12:43:07 PM Last Edit: July 19, 2018, 09:30:53 PM by ziluopao
So what I get when I do that is,As shown in figure
Quote
$config['password_algorithm'] = 'dovecot';
$config['password_dovecotpw'] = '/usr/bin/doveadm pw'; // for dovecot-2.x
$config['password_dovecotpw_method'] = 'CRAM-MD5';
$config['password_dovecotpw_with_method'] = true;
$config['password_query'] = 'UPDATE mailbox SET password=%c WHERE username=%u';
And actually what I want is something like this
{CRAM-MD5}00747cf2ffaf11c5ea4a64979c3901fc1d20dee13f480bb598f7d8575b23e61b

ziluopao

#7
July 19, 2018, 11:12:34 PM Last Edit: July 20, 2018, 01:16:58 AM by ziluopao
Quote from: SKaero on July 19, 2018, 10:07:45 AM
I think the following settings would work:
Code Select

$config['password_algorithm'] = 'dovecot';
$config['password_dovecotpw'] = '/usr/bin/doveadm pw'; // for dovecot-2.x
$config['password_dovecotpw_method'] = 'CRAM-MD5';
$config['password_dovecotpw_with_method'] = true;


My LNMP service, in particular, sets security permissions across directories, so there are hints in the log
Quote[20-Jul-2018 10:28:02 PRC] PHP Warning:  proc_open(): open_basedir restriction in effect. File(/dev/null) is not within the allowed path(s): (/www/wwwroot/mail.jnjml.ml/:/tmp/:/proc/) in /www/wwwroot/mail.jnjsj.ml/plugins/password/password.php on line 606
When I remove this sentence from use.ini, it is all right
Quoteopen_basedir=/www/wwwroot/mail.jnjml.ml/:/tmp/:/proc/

After your advice and my continuous pursuit, I finally succeeded, mainly because my English is not very good. So keep reading readme, try to understand the meaning and finally get it done, of course it has a lot to do with your reminder, thank you!

Quote
// The SQL query used to change the password.
// The query can contain the following macros that will be expanded as follows:
//      %p is replaced with the plaintext new password
//      %P is replaced with the crypted/hashed new password
//         according to configured password_method
//      %o is replaced with the old (current) password
//      %O is replaced with the crypted/hashed old (current) password
//         according to configured password_method
//      %h is replaced with the imap host (from the session info)
//      %u is replaced with the username (from the session info)
//      %l is replaced with the local part of the username
//         (in case the username is an email address)
//      %d is replaced with the domain part of the username
//         (in case the username is an email address)
// Deprecated macros:
//      %c is replaced with the crypt version of the new password, MD5 if available
//         otherwise DES. More hash function can be enabled using the password_crypt_hash
//         configuration parameter.
//      %D is replaced with the dovecotpw-crypted version of the new password
//      %n is replaced with the hashed version of the new password
//      %q is replaced with the hashed password before the change
Quote$config['password_query'] = 'UPDATE mailbox SET password=%D WHERE  username=%u LIMIT 1';
use.ini
Quoteopen_basedir=/www/wwwroot/mail.jnjml.ml/:/tmp/:/proc/:/usr/bin/doveadm pw
Print
Go Up Pages1
User actions