Hello,
Yeah, it would be good to re-write the command-line parser for
dbmail-adduser to fix things like that. As it's currently implimented
(with or without the md5 password hash), the last option you specify
will be what's ulimtately used. I probably won't work on that right
now (I need to get some of the other old patches up to date so we can
run dbmail 1.1 ... expect pbsp for multiple dbmail servers and
unique id patches soon).
Jesse
---- Original Message ----
From: Aaron Stone <dbmail@dbmail.org>
To: dbmail@dbmail.org
Subject: Re: [Dbmail] comprehensive md5 password patch
Sent: Sat, 1 Mar 2003 10:38:11 -0800 (PST)
This sounds really great, but I'd like to pick a bone with the
arguments... I think we're now way past due on adding a distinct
crypt-type argument to complement the password argument.
In particular, the current syntax doesn't make it totally obvious
that one cannot do this:
dbmail-adduser -5 password1 D5 password2 + password3
Since it is logically impossible to have more than one password
and crypt type specified on the command line, it should also
be syntactically impossible to type it in! Perhaps like this:
dbmail-adduser -h hashtype -p password
( -c crypt-type is already taken by -c change :-\ )
Aaron
On Fri, 28 Feb 2003, Jesse Norell wrote:
> Hello,
>
> Attached is a patch to handle md5 passwords in a nice fashion. It
> supports md5 hashes and digests for mysql and postgres, including
> dbmail-adduser support for them, and even updates the man page. :)
> A couple other fixes are in there, but not the patch from yesterday
> for big endian Linux systems. It will apply clean to dbmail-1.1
> source with or without that patch. I've tested all the functionality
> I can remember adding, but please hollar if anyone has any problems
> with it.
>
> Basically, the following encryption_types have the following effect:
>
> crypt: uses the crypt(), which may or may not support md5 hashes,
> depending on what libraries you link into your binary
> md5: uses crypt() for md5 hashes, or makemd5() for md5 digests
> (distinguished by the "$1$" string)
> md5sum: supports only md5 digests
>
> For the dbmail-adduser options, this is from the man page:
>
> [-5 password] The md5 hash of the new password for this user.
> [+5 password] The new (cleartext) password for this user which will be
> stored as an md5 hash.
> [d5 password] The md5 digest of the new password for this user.
> [D5 password] The new (cleartext) password for this user which will be
> stored as an md5 digest.
>
>
> Also there are some trivial convert scripts in sql/{mysql,postgres}/
> to change your passwd field to varchar(34). About the only thing
> that'd still be nice is an easy way to fascilitate selecting -lcrypt
> or -lcrypto with ./configure; Ryan, you want to add --with-libcrypt
> and --with-libcrypto options? Without that, you can manually specify
> the libraries with build.sh, or simply run ./configure and manually
> add -lcrypt to the "LIB = " line in Makefile afterwards.
>
> Later,
> Jesse
>
>
> --
> Jesse Norell
> [EMAIL PROTECTED]
_______________________________________________
Dbmail mailing list
Dbmail@dbmail.org
https://mailman.fastxs.nl/mailman/listinfo/dbmail
-- End Original Message --
--
Jesse Norell
[EMAIL PROTECTED]
