Finally it works!. O.S: Fedora Core 6, but i think it works on diferents RH or RPM based distros.
1.- Obtain the libxcrypt tarball (you can get a copy of the latest version in http://ftp.suse.com/pub/people/kukuk/libxcrypt/). You'll find a spec file to build a rpm install in a similar way as build rpm package for courier-imap or courier-authlib. Install libxcrypt-xx.rpm and libxcrypt-devel-xxx.rpm 2.- In /lib link the diferents libcrypt-xx.so to the new libxcrypt-xx.so 3.- In /usr/lib do a similar replace with the libcrypt.a 4.- Unpack the courier-authlib and add the following lines: File: checkpassword.c Line: 38 from: if (strncmp(encrypted_password, "$1$", 3) == 0 || strncasecmp(encrypted_password, "{MD5}", 5) == 0 ) to: if (strncmp(encrypted_password, "$1$", 3) == 0 || strncasecmp(encrypted_password, "{MD5}", 5) == 0 || strncasecmp(encrypted_password, "$2a$", 4) == 0 ) File: checkpasswordmd5.c Line: 20 from: if (strncmp(encrypted_password, "$1$", 3) == 0) { return (strcmp(encrypted_password, md5_crypt(password, encrypted_password))); } if (strncasecmp(encrypted_password, "{MD5}", 5) == 0) { return (strcmp(encrypted_password+5, md5_hash_courier(password))); } to: if (strncmp(encrypted_password, "$1$", 3) == 0) { return (strcmp(encrypted_password, md5_crypt(password, encrypted_password))); } if (strncmp(encrypted_password, "$2a$", 4) == 0) { return (strcmp(encrypted_password, crypt(password, encrypted_password))); } if (strncasecmp(encrypted_password, "{MD5}", 5) == 0) { return (strcmp(encrypted_password+5, md5_hash_courier(password))); } 5.- rebuild and reinstall courier-authlib. Users in a MySQL-db could have their password Blowfish crypted and courier-authlib will authenticate them. -- Omar Martinez [EMAIL PROTECTED] Omar Martinez escribió: > Jay Lee wrote: >> Omar Martinez wrote: >>> Hi, >>> >>> I'm moving a Suse based server: 3000 accounts, MTA: Sendmail, >>> passwd/shadow auth. The new server its Fedora Core 6 with >>> Postfix-Courier-MySQL. >>> >> Why would you move to a platform that is going to be obsolete in a years >> time? Fedora is a very bad choice for a server install IMHO. You'd be >> *much* better off using RHEL4 or CentOS 4. > > Yeah, maybe you're right.... > >>> SuSe use Blowfish to save the passwords, but Fedora does not recognize >>> this kind of encryption. Compiling libxcrypt and pam_unix2 Fedora can >>> authorize the passwords in the system, But, still courier-authlib can >>> recognize the passwd. >>> >> After the recompile did you try rebuilding Courier-authlib? Are you >> rebuilding the libxcrypt and pam_unix2 RPMs or are you just building and >> installing them manually? >>> Where can I enable BlowFish encryption in courier-authlib ?. >>> >> My suspicion is that courier-authlib will use Blowfish if the underlying >> libary *that it was built against *supports blowfish. > > I follow your advice, but courier-authlib only can use blowfish crypted > password if the users are in the passwd/shadow file. This is because > authpam use the PAM module, but in the case of authmysql, courier use > the definitions of the file checkpassword.c and checkpasswordmd5.c (only > md5_crypt and md5_hash_courier functions defined in the md5 directory). > > I'm working in "quick&easy" integration of the xcrypt functions in my > courier-auth-lib installation. It will be a solution to my problem, but > could be a start point for the future integration in the package.. > > If somebody resolve this problem before, I'll be thankful if can share > the solution. > > Thanks Jay Lee by your advice... > > -- > Omar Martinez > [EMAIL PROTECTED] > > > >> Jay > > > ------------------------------------------------------------------------- > Take Surveys. Earn Cash. Influence the Future of IT > Join SourceForge.net's Techsay panel and you'll get the chance to share your > opinions on IT & business topics through brief surveys - and earn cash > http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV > _______________________________________________ > courier-users mailing list > courier-users@lists.sourceforge.net > Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users > ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV _______________________________________________ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
