I am using Dovecot Salted SHA2-512 for passwords and have this so far.
$config['password_algorithm'] = 'dovecot';
$config['password_dovecotpw_method'] = 'SSHA512';
$config['password_dovecotpw_with_method'] = false;
$config['password_dovecotpw'] = '/usr/bin/doveadm pw';
$config['password_query'] = "UPDATE accounts SET password=%P WHERE
email=%u";
But the part i can't figure out is how to verify the current password in
the query.
$config['password_confirm_current'] = true;
I noticed that %O always returns a different hash so it will never match
the salted hash in SQL. This will never work
UPDATE accounts SET password=%P WHERE email=%u AND password=%O
How can i go about setting it up so it verifies current password or is
that not possible to do with salted passwords?
_______________________________________________
Roundcube Users mailing list
[email protected]
http://lists.roundcube.net/mailman/listinfo/users
