Good afternoon, I am trying to setup dovecot to authenticate using the userdata from wordpress. It's being a bit mor difficult than I thought. This is the relevant part of the dovecot-sql.conf default_pass_scheme = CRYPT password_query = SELECT user_pass AS password FROM wp_users WHERE user_email='%u'; user_query = SELECT 501 as uid, 501 as gid,'maildir:storage=51200' as quota FROM wp_users WHERE user_email = '%u' I can see that the query is being procecessed according to the logs. Wordpress and others are using phpass to authenticate (http://www.openwall.com/phpass/), it is basically a salted md5 hash. Basically, after the process, a hash like this is obtained. $P$BiWISc3IsqRHxeEjq4VJP1Vi8gy4mg1 (for test123 password) I would like to know if dovecot would be able to read this, otherwise I could still make a custom checkpassword function but that would be non-optimal. Could someone guide me on this? If you need more details just ask. Thanks a lot, joan
Timo Sirainen
2011-Mar-12 15:39 UTC
[Dovecot] Using dovecot with wordpress/phpass passwords?
On Fri, 2011-03-11 at 17:39 +0100, Joan wrote:> default_pass_scheme = CRYPT > password_query = SELECT user_pass AS password FROM wp_users WHERE > user_email='%u'; > user_query = SELECT 501 as uid, 501 as gid,'maildir:storage=51200' as > quota FROM wp_users WHERE user_email = '%u'If you're using Dovecot v1.1+ that quota value won't work.> Wordpress and others are using phpass to authenticate > (http://www.openwall.com/phpass/), it is basically a salted md5 hash. > Basically, after the process, a hash like this is obtained. > > $P$BiWISc3IsqRHxeEjq4VJP1Vi8gy4mg1 (for test123 password) > > I would like to know if dovecot would be able to read this,It can't. But if you're using Openwall, apparently its crypt() supports this and Dovecot doesn't need to.> otherwise > I could still make a custom checkpassword function but that would be > non-optimal.Either that or write a phpass plugin.