[sork] passwd (release 2.2) - Solaris, crypt(), MD5, DES, vpopmail

Dennis Kisilyov dennis at infoleak.com
Mon Sep 15 08:50:10 PDT 2003


Forgive if this is a repeat.....

My Setup
--------
Solaris 9 Sparc Latest, Apache 2.0.47, PHP 4.3.3, Horde 2.2.4, IMP 3.2.2, passwd 2.2,
MySQL 4.0.14, vpopmail 5.3.24, qmail 1.03+patches, courier imap 2.1.1

Intent
------
Get passwd-2.2 to work with vpopmail/mysql auth.

a) As I've found out, the release version of passwd-2.2 (ftp.horde.org/passwd/) contained updates post release.
   /passwd/lib/Driver/vpopmail.php (1.4.2.2) called Horde::getDriverConfig();
   in 1.4.2.3 it is commented out, which makes main.php actually return a screen. :-)

When fixed this made my passwd attempt to work (somewhat) with
vpopmail's databases.
However the script returned an error "Incorrect Password".

This meant that the function comparePasswords in Driver.php was
returning a false answer.
It is called from vpopmail.php like so: 

(around line 133):	return $this->comparePasswords($currentPassword, $oldPassword);
$currentPassword contains a return value from a SQL query
$oldPassword is plaintext input of old password (forgive if I've got something wrong...)

My encryption technique is crypt for vpasswd and solaris. The sample
user for my testing is 'user1' password 'test' which was created with
vpasswd.

Running "SELECT pw_passwd FROM vpopmail WHERE pw_name = 'user1' AND
pw_domain = 'infoleak.com';" returns $19JEJTylB1.M (written by vpasswd).

Same as running "SELECT ENCRYPT('test','$1');" in MySQL.

Not the same as running crypt('test','$1'); in PHP however.

These results brought me to a code snippet from /passwd/lib/Driver.php
(v.1.3.2.5) in function comparePasswords and runline variable values.
It was called with $encrypted = '$19JEJTylB1.M' and $plaintext = 'test';

--cut here--
106         case 'crypt':
107             $encrypted = substr($encrypted, 7); # makes $encrypted = ylB1.M
108             $salt = substr($encrypted , 0, 2);  # makes the $salt = yl
109             if ($encrypted == crypt($plaintext, $salt)) { # result of crypt 'yl9xlY019Bbfc'
110                  return true;
111             }
112             break;
--cut here--

And yl9x1Y019Bbfc would be fine since SELECT ENCRYPT('test','yl')
returns yl9xlY019Bbfc,
And crypt('test','yl') works as well.
However our salt is '$1' hence the substr does not work for my example.
Esp. when line 107 mangles the $encrypted variable. (in my case at
least).

To my dismay, the result of crypt('test','$1') was
$1$$whuMjZj.HMFoaTaZRRtkO0 and not the anticipated $19JEJTylB1.M.
Although any other salt used in the crypt function returns the proper
password pair. 

vpopmail uses the '$1$' salt, which is ignored by Solaris crypt() and
used as a '$1' 2-char DES salt instead. However, calling PHP's crypt()
with '$1' automatically generates an MD5; it does not even wait for
'$1$'....

I am now stuck investigating the behaviour of vpopmail with regards to
md5/non-md5 on Solaris since Solaris /etc/security/crypt.conf does
reflect support for 3 types of md5 type crypt.
But mysql, vpopmail, and php have a very different idea about it.

If anyone can provide any suggestions I would appreciate it.

Thanks
-DK
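
The mismatch described in this message comes down to how the salt is recovered from the stored value. The following Python sketch is an added example, not code from Horde passwd or from the original post: it classifies the three hash strings quoted above and contrasts the salt that lines 107-108 derive with the salt the stored value actually carries. The `{crypt}` prefix handling and the function names are assumptions made for illustration.

```python
import re

DES_CHARS = r"[./0-9A-Za-z]"
# $id$salt$hash ; the salt may be empty, as in the PHP result quoted above.
MODULAR = re.compile(r"^\$([0-9A-Za-z-]+)\$([^$]*)\$([./0-9A-Za-z]+)$")
DES_BODY = re.compile(rf"^{DES_CHARS}{{11}}$")
DES_SALT = re.compile(rf"^{DES_CHARS}{{2}}$")
# Assumption: the 7 characters skipped on line 107 are a "{crypt}" scheme tag.
SCHEME_PREFIX = "{crypt}"


def legacy_salt(stored):
    """Salt as derived by lines 107-108 of the quoted Driver.php snippet."""
    return stored[7:][:2]


def classify(stored):
    """Return (scheme, salt_to_pass_to_crypt) for a stored hash string."""
    if stored.lower().startswith(SCHEME_PREFIX):
        stored = stored[len(SCHEME_PREFIX):]  # strip only when present
    m = MODULAR.match(stored)
    if m:
        scheme = "md5-crypt" if m.group(1) == "1" else "modular-" + m.group(1)
        return scheme, "${}${}$".format(m.group(1), m.group(2))
    if len(stored) == 13 and DES_BODY.match(stored[2:]):
        if DES_SALT.match(stored[:2]):
            return "des", stored[:2]
        # 13-character DES-shaped value whose salt is outside the DES
        # alphabet: results differ between crypt() implementations.
        return "des-nonportable-salt", stored[:2]
    return "unknown", None


# Values quoted in the message above.
SAMPLES = ["$19JEJTylB1.M", "yl9xlY019Bbfc", "$1$$whuMjZj.HMFoaTaZRRtkO0"]

if __name__ == "__main__":
    for s in SAMPLES:
        print(s, classify(s), "legacy salt:", repr(legacy_salt(s)))
```

Flagging the `des-nonportable-salt` case during a migration audit identifies accounts whose hashes will only verify on the crypt() implementation that wrote them.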

























