Hi again
I have now solved this with a workaround.
In short, it involves a Drupal 7 module called HTPasswdSync that
intercepts password creation and changes in Drupal, and writes the
password in SHA-1 hash format to a file (/etc/apache2/dovecot). I then
point Dovecot to use this file as userdb and passdb source.
I have written an more in detail explanation that is available at
http://www.stos.se/?q=node/12 .
The question remains; Will Dovecot ever be compatible with Drupal 7
password hashes?
Regards
Tobias RÃ¥denholt
i...@stos.se wrote 2013-03-11 17:57:
Hi
I'm trying to get Dovecot to use Drupal users password for authenticating
IMAP users. But I just cant figure out how to make Dovecot understand the
password hash type that Drupal 7 is using.
My example user with password Teacher1 looks like this in Drupal database:
$S$DZwJa.U8HXT2PvTmwCK13rGEYEvnx5DB6/hlqnfCBum4s4U7MVWU
Dovecot retrieves this hash but complains that its not a recognized hash
type, or that the hash is wrong, depending on if I change the default hash
type in Dovecot config.
Any help appreciated.
root@SSiS:/etc/postfix# dovecot --version
1.2.15
root@SSiS:/etc/postfix# dovecot -n
# 1.2.15: /etc/dovecot/dovecot.conf
# OS: Linux 2.6.32-12-pve i686 Debian 6.0.7 simfs
log_timestamp: %Y-%m-%d %H:%M:%S
login_dir: /var/run/dovecot/login
login_executable: /usr/lib/dovecot/imap-login
mail_privileged_group: mail
mail_location: maildir:/home/vmail/
mbox_write_locks: fcntl dotlock
auth default:
verbose: yes
debug: yes
debug_passwords: yes
passdb:
driver: pam
passdb:
driver: sql
args: /etc/dovecot/dovecot-sql.conf
userdb:
driver: passwd
root@SSiS:/etc/postfix#
root@SSiS:/etc/postfix# grep -v '^ *\(#.*\)\?$'
/etc/dovecot/dovecot-sql.conf
driver = mysql
connect = host=127.0.0.1 dbname=Drupal user=Dru_Adm password=localu
default_pass_scheme = CRYPT
password_query = SELECT name AS user, pass AS password FROM users WHERE
name='%n'
user_query = SELECT
CONCAT(SUBSTRING_INDEX(mail,'@',-1),'/',SUBSTRING_INDEX(mail,'@',1),'/') AS
mail FROM users WHERE name='%n'
root@SSiS:/etc/postfix# tail /var/log/mail.log
Mar 11 16:17:42 SSiS dovecot: auth(default): new auth connection: pid=8593
Mar 11 16:17:51 SSiS dovecot: auth(default): client in:
AUTH#0111#011PLAIN#011service=imap#011secured#011lip=127.0.0.1#011rip=127.0.0.1#011lport=143#011rport=52316#011resp=AFRlYWNoZXIxAFRlYWNoZXIx
Mar 11 16:17:51 SSiS dovecot: auth-worker(default):
pam(Teacher1,127.0.0.1): lookup service=dovecot
Mar 11 16:17:51 SSiS dovecot: auth-worker(default):
pam(Teacher1,127.0.0.1): #1/1 style=1 msg=Password:
Mar 11 16:17:54 SSiS dovecot: auth-worker(default):
pam(Teacher1,127.0.0.1): pam_authenticate() failed: Authentication failure
(password mismatch?) (given password: Teacher1)
Mar 11 16:17:54 SSiS dovecot: auth-worker(default):
sql(Teacher1,127.0.0.1): query: SELECT name AS user, pass AS password FROM
users WHERE name='Teacher1'
Mar 11 16:17:54 SSiS dovecot: auth-worker(default):
sql(Teacher1,127.0.0.1): Password mismatch
Mar 11 16:17:54 SSiS dovecot: auth-worker(default): md5_verify(Teacher1):
Not a valid MD5-CRYPT or PLAIN-MD5 password
Mar 11 16:17:54 SSiS dovecot: auth-worker(default): Invalid OTP data in
passdb
Mar 11 16:17:54 SSiS dovecot: auth-worker(default): Invalid OTP data in
passdb
Mar 11 16:17:54 SSiS dovecot: auth-worker(default):
sql(Teacher1,127.0.0.1): CRYPT(Teacher1) !=
'$S$DZwJa.U8HXT2PvTmwCK13rGEYEvnx5DB6/hlqnfCBum4s4U7MVWU'
Mar 11 16:17:56 SSiS dovecot: auth(default): client out:
FAIL#0111#011user=Teacher1
Mar 11 16:18:01 SSiS dovecot: imap-login: Disconnected: Too many invalid
commands (auth failed, 1 attempts): user=<Teacher1>, method=PLAIN,
rip=127.0.0.1, lip=127.0.0.1, secured
Mar 11 16:32:36 SSiS dovecot: auth(default): new auth connection: pid=9075
Mar 11 16:32:41 SSiS dovecot: imap-login: Disconnected: Too many invalid
commands (no auth attempts): rip=127.0.0.1, lip=127.0.0.1, secured
root@SSiS:/etc/postfix#
