Hello, I have problem with authentication. I'm using SHA1 passwords stored in MySQL.>From debug:Info: auth-worker(default): sql(test at mail, IP): query: SELECT password FROM vmail WHERE mail = 'test at mail' Info: auth-worker(default): sql(test at mail ,IP): Password mismatch Info: auth-worker(default): sql(test at mail ,IP): SHA1(dupadupa) != '2bca9dbe8a14811c687bb8c51c0e1cd14db8a018' I tried convert password to upper case, but it didn't help. Then I tried authentication in plain text and everything works fine... So, does dovecot crypt SHA1 using other method? I also use same SHA1 passwords to authenticate users in exim and it doesn't have any problem with that. I'm using mysql 5.0.24 and dovecot 1.0 rc7. Best regards, Tomasz Krynicki
On Thu, 31 Aug 2006, guard wrote:> > Hello, > I have problem with authentication. > I'm using SHA1 passwords stored in MySQL. > > From debug: > Info: auth-worker(default): sql(test at mail, IP): query: SELECT password FROM > vmail WHERE mail = 'test at mail' > Info: auth-worker(default): sql(test at mail ,IP): Password mismatch > Info: auth-worker(default): sql(test at mail ,IP): SHA1(dupadupa) != > '2bca9dbe8a14811c687bb8c51c0e1cd14db8a018' > > I tried convert password to upper case, but it didn't help. Then I > tried authentication in plain text and everything works fine... > So, does dovecot crypt SHA1 using other method? > > I also use same SHA1 passwords to authenticate users in exim and it doesn't > have any problem with that. > > I'm using mysql 5.0.24 and dovecot 1.0 rc7.I have found the reason why i can not authenticate users using SHA1 passowds. Problem is dovecot stores sha1 as "sum of the password stored in base64" but mysql and exim store it in hex. Question is why, and does anyone have patch for it? Best regards, Tomasz Krynicki
Timo Sirainen
2006-Oct-08 22:56 UTC
[Dovecot] Password mismatch - SHA1 authentication problem.
On Thu, 2006-08-31 at 22:37 +0200, guard wrote:> Hello, > I have problem with authentication. > I'm using SHA1 passwords stored in MySQL. > > >From debug: > Info: auth-worker(default): sql(test at mail, IP): query: SELECT > password FROM vmail WHERE mail = 'test at mail' > Info: auth-worker(default): sql(test at mail ,IP): Password mismatch > Info: auth-worker(default): sql(test at mail ,IP): SHA1(dupadupa) != > '2bca9dbe8a14811c687bb8c51c0e1cd14db8a018'In case you didn't yet figure this out, there's a small difference.. Dovecot wants SHA1-passwords to be base64-encoded, while the password above is hex-encoded. Hmm. I think this could be detected automatically based on just the length of the string.. Yea, I think I'll change the code to handle both cases automatically. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part URL: <http://dovecot.org/pipermail/dovecot/attachments/20061009/604cd08f/attachment.bin>