[sork] Forwards H3 (3.1-cvs), Vexim and Mysql does not work, maybe problem with encryption

Eric Jon Rostetter eric.rostetter at physics.utexas.edu
Tue Aug 15 08:18:03 PDT 2006 

Quoting Hermann Wilken <hermann at schwi.de>:

> 16 Query       UPDATE users SET on_forward = 'y' WHERE username =
> 'hermann (at) schwi.de' AND crypt = 'd51475f98f9d02cedada9b7cd8d22839'
>
> The value d51475f98f9d02cedada9b7cd8d22839 does not match the value in
> my vexim usertable, so nothing happens, of course. Obviously the
> password is not encrypted through crypt-md5, but it should be.

Which driver?

I _think_ the SQL driver encrypts by default with the php md5()  
function, which
I always hear isn't compatible with the MySQL md5() function for some
reason.  But that is hear-say...

I'm not sure the CUSTOMSQL driver encrypts it at all?

So, the question would seem to be what format of encryption do you use
in your Database?  If it isn't plain text, and isn't compatible with
php's md5() function, then you likely are out of luck.

> If I set $conf['enabled']['authenticate'] = false; some other password
> will be used (according to mysql.log). Where is this password from?

If you don't set this, it uses the Horde login password.  If you
do set this, it forces the user to input the password to forwards and
uses that.  Or at least that is how I remember it working.

> From Horde? I am quite confused. Authentication in Horde is done by IMP.

So the Horde/IMP password is used if $conf['enabled']['authenticate'] is
false, and the user's input is used if it is instead set to true, IIRC.

> How can I make Horde and/or Forwards make to use crypt-md5 passwords?
> BTW, passwd works fine here!

I don't think you can.  I think it only uses php's md5() right now.
So the only way to change that would be to change the code, I _think_.

What value to you use with passwd?  If it isn't md5-hex, then forwards
probably won't work. (I think the php md5() function is what passwd calls
md5-hex).

> Maybe I'm just missing a small detail or I'm doing completely wrong
> (please don't hit ;-)).

No, I think no one ever ported over any additional encryption methods to
forwards sql drivers like we did for passwd, so if you're not using
php md5() (aka md5-hex) encryption, or plain text, then I think it just
doesn't work.

> Any help is appreciated.

I'm no expert on any of this, even though I originated the programs.
I've not used them for a while, as I've switched to Ingo instead actually.
But if my memory serves, you are out of luck, and the only options are:

1) File an enhancement bug ticket and hope someone does it.
2) Sponsor a bounty for what you need, and hope someone does it.
3) Write the code yourself (basically steal it from passwd).
4) Change your SQL passwords to another format (probably not feasible).

> Regards,
>
> Hermann

-- 
Eric Rostetter
The Department of Physics
The University of Texas at Austin

Go Longhorns!

More information about the sork mailing list