1 Topic by jfreak53

  • jfreak53
  • Member
  • Offline
  • Registered: 2012-03-24
  • Posts: 19

Topic: MD5 Only Passwords for Sogo Support

==== Provide required information to help troubleshoot and get quick answer ====
- iRedMail version: Latest
- Linux/BSD distribution name and version: CentOS 5.6
- Any related log? Log is helpful for troubleshooting.
====

I need to get iRedAdmin to plain MD5 password's so they are compatible with Sogo.  I tried this in iredutils.py:

SQL_DEFAULT_PASSWD_SCHEME = 'MD5
SQL_PASSWD_PREFIX_SCHEME = False

But no go, I also changed in md5crypt.py to:

return salt + passwd

So it wouldn't use the $ or Magic.

Is there any other way to do this that I'm missing?

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 30,770

Re: MD5 Only Passwords for Sogo Support

May i know which version of iRedAdmin-Pro-MySQL you have? I can post patch to achieve it here.

3 Reply by jfreak53

  • jfreak53
  • Member
  • Offline
  • Registered: 2012-03-24
  • Posts: 19

Re: MD5 Only Passwords for Sogo Support

Awesome thanks, it's the latest regular version, not Pro.  It's:
iRedMail-0.7.4

4 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 30,770

Re: MD5 Only Passwords for Sogo Support

Set 'SQL_DEFAULT_PASSWD_SCHEME' to 'PLAINMD5' and try below patch:

diff -r 5f8353e1297f libs/iredutils.py
--- a/libs/iredutils.py    Sat Feb 18 17:20:01 2012 +0800
+++ b/libs/iredutils.py    Fri Apr 13 20:02:14 2012 +0800
@@ -348,9 +348,23 @@
     return md5crypt.unix_md5_crypt(p, getRandomPassword(length=8))
 
 
+def getPlainMD5Password(p):
+    p = str(p)
+    try:
+        from hashlib import md5
+        return md5(p).hexdigest()
+    except ImportError:
+        import md5
+        return md5.new(p).hexdigest()
+
+    return p
+
+
 def getSQLPassword(p):
     if SQL_DEFAULT_PASSWD_SCHEME == 'MD5':
         return getMD5Password(p)
+    elif pwscheme == 'PLAINMD5':
+        pw = getPlainMD5Password(p)
     else:
         # PLAIN text.
         return p

5 Reply by jfreak53

  • jfreak53
  • Member
  • Offline
  • Registered: 2012-03-24
  • Posts: 19

Re: MD5 Only Passwords for Sogo Support

Awesome, thanks!  Well for some reason the diff file and command didn't work for me, not sure why but it didn't.  So all I did was copy paste.  But there was an error in the code and I didn't notice it until I tried to change a password ha ha, you had this:

elif pwscheme == 'PLAINMD5':

That didn't work and when I went to change a password it just didn't work and gave me an error.  So I changed it to the above and it worked just fine:

if SQL_DEFAULT_PASSWD_SCHEME == 'PLAINMD5':

So now all is working, thanks for the help.  Now the only problem is admin's.  For admin's of course when I go to change an admin password it works, it changes it to plain MD5, great.  But login for admin's still requires the old hashing sequence.  Any idea where that is at so I can change that as well?  That way I can actually allow my admin to change his password smile ha ha

Thanks.

6 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 30,770

Re: MD5 Only Passwords for Sogo Support

Good news.

For admin login, please check file libs/mysql/core.py, class Auth.

7 Reply by jfreak53

  • jfreak53
  • Member
  • Offline
  • Registered: 2012-03-24
  • Posts: 19

Re: MD5 Only Passwords for Sogo Support

I just figured it out like 2 seconds ago ha ha, I came back to post my findings.

Well for anyone looking in the future.  That file mentioned above libs/mysql/core.py imports the file iredutils.py, so all you have to do is search for this line:

if md5crypt.md5crypt(password, salt) == str(record.password):

Comment it out using #, then underneath it put:

if iredutils.getPlainMD5Password(password) == str(record.password):

Because the library iredutils was imported above and already has the function to encrypt.  It took me a bit of looking and searching but I found it smile

Thanks for all the help.

8 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 30,770

Re: MD5 Only Passwords for Sogo Support

Glad to hear that it works for you.

To make it compatible with Dovecot password schemes, it will be renamed to 'PLAIN-MD5' in next release (there's a '-').