Finally it works!.
O.S: Fedora Core 6, but i think it works on diferents RH or RPM based
distros.
1.- Obtain the libxcrypt tarball (you can get a copy of the latest
version in http://ftp.suse.com/pub/people/kukuk/libxcrypt/). You'll find
a spec file to build a rpm install in a similar way as build rpm package
for courier-imap or courier-authlib. Install libxcrypt-xx.rpm and
libxcrypt-devel-xxx.rpm
2.- In /lib link the diferents libcrypt-xx.so to the new libxcrypt-xx.so
3.- In /usr/lib do a similar replace with the libcrypt.a
4.- Unpack the courier-authlib and add the following lines:
File: checkpassword.c
Line: 38
from:
if (strncmp(encrypted_password, $1$, 3) == 0
|| strncasecmp(encrypted_password, {MD5}, 5) == 0
)
to:
if (strncmp(encrypted_password, $1$, 3) == 0
|| strncasecmp(encrypted_password, {MD5}, 5) == 0
|| strncasecmp(encrypted_password, $2a$, 4) == 0
)
File: checkpasswordmd5.c
Line: 20
from:
if (strncmp(encrypted_password, $1$, 3) == 0)
{
return (strcmp(encrypted_password,
md5_crypt(password, encrypted_password)));
}
if (strncasecmp(encrypted_password, {MD5}, 5) == 0)
{
return (strcmp(encrypted_password+5,
md5_hash_courier(password)));
}
to:
if (strncmp(encrypted_password, $1$, 3) == 0)
{
return (strcmp(encrypted_password,
md5_crypt(password, encrypted_password)));
}
if (strncmp(encrypted_password, $2a$, 4) == 0)
{
return (strcmp(encrypted_password,
crypt(password, encrypted_password)));
}
if (strncasecmp(encrypted_password, {MD5}, 5) == 0)
{
return (strcmp(encrypted_password+5,
md5_hash_courier(password)));
}
5.- rebuild and reinstall courier-authlib. Users in a MySQL-db could
have their password Blowfish crypted and courier-authlib will
authenticate them.
--
Omar Martinez
[EMAIL PROTECTED]
Omar Martinez escribió:
Jay Lee wrote:
Omar Martinez wrote:
Hi,
I'm moving a Suse based server: 3000 accounts, MTA: Sendmail,
passwd/shadow auth. The new server its Fedora Core 6 with
Postfix-Courier-MySQL.
Why would you move to a platform that is going to be obsolete in a years
time? Fedora is a very bad choice for a server install IMHO. You'd be
*much* better off using RHEL4 or CentOS 4.
Yeah, maybe you're right
SuSe use Blowfish to save the passwords, but Fedora does not recognize
this kind of encryption. Compiling libxcrypt and pam_unix2 Fedora can
authorize the passwords in the system, But, still courier-authlib can
recognize the passwd.
After the recompile did you try rebuilding Courier-authlib? Are you
rebuilding the libxcrypt and pam_unix2 RPMs or are you just building and
installing them manually?
Where can I enable BlowFish encryption in courier-authlib ?.
My suspicion is that courier-authlib will use Blowfish if the underlying
libary *that it was built against *supports blowfish.
I follow your advice, but courier-authlib only can use blowfish crypted
password if the users are in the passwd/shadow file. This is because
authpam use the PAM module, but in the case of authmysql, courier use
the definitions of the file checkpassword.c and checkpasswordmd5.c (only
md5_crypt and md5_hash_courier functions defined in the md5 directory).
I'm working in quickeasy integration of the xcrypt functions in my
courier-auth-lib installation. It will be a solution to my problem, but
could be a start point for the future integration in the package..
If somebody resolve this problem before, I'll be thankful if can share
the solution.
Thanks Jay Lee by your advice...
--
Omar Martinez
[EMAIL PROTECTED]
Jay
-
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT business topics through brief surveys - and earn cash
http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV
___
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
-
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT business topics through brief surveys - and earn cash
http://www.techsay.com/default.php?page=join.phpp=sourceforgeCID=DEVDEV
___
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users