Hello qpsmtpd email list!
I made some very minor changes to the auth_vpopmail_sql auth plugin for using vpopmail with encrypted passwords. I did not see a straightforward approach to integrating these changes into auth_vpopmail_sql, as it is supporting cram-md5 based as well as plain text auth right now/
The code is structured that way because there are three auth methods supported:
CRAM-MD5, LOGIN and PLAIN, all of which require plaintext passwords to function. I am not aware of a CRYPT SASL mechanism (nor it is useful since virtually all modern clients support CRAM-MD5 which is a superior method); if you can locate some mention of that method on the web, you are better at Google than I. ;)
Additionally, your patch won't work, because CRAM-MD5 requires each side of the transaction to have the plaintext password available, so that each side passes it through a one-way hash using a known salt, before comparing it. It is impossible to use a crypt'd password with CRAM-MD5.
However, the PLAIN and LOGIN mechanisms send the password over the wire (base64 encoded in the case of the LOGIN), so it would be possible to support crypted passwords there, but then the plugin couldn't support CRAM-MD5 at all.
Since vpopmail's recommended installation instructions suggesting using the
'--enable-clear-passwd=y' option, I'm inclined to leave the plugin as is. The plugin is documented to require that option.
Sorry...
John
