2016-08-05 10:59 GMT+02:00 Aki Tuomi <aki.tu...@dovecot.fi>: > > > On 02.08.2016 00:46, Andreas Meyer wrote: > > 2016-08-01 15:58 GMT+02:00 <aki.tu...@dovecot.fi>: > > > >>> On August 1, 2016 at 4:38 PM aki.tu...@dovecot.fi wrote: > >>> > >>> > >>> > >>>> On August 1, 2016 at 3:45 PM Andreas Meyer <luckyfello...@gmail.com> > >> wrote: > >>>> > >>>> 2016-07-31 16:39 GMT+02:00 <aki.tu...@dovecot.fi>: > >>>> > >>>>>> On July 27, 2016 at 2:08 AM Andreas Meyer <luckyfello...@gmail.com > >>>>> wrote: > >>>>>> > >>>>>> Hi, > >>>>>> > >>>>>> > >>>>>> I want to add a new password hashing scheme as plugin and provide > >> it for > >>>>>> the dovecot project, so that it will be included as optional > >> plugin in > >>>>>> future releases. > >>>>>> > >>>>>> Yet the plugin compiles fine and the .so file gets created. > >>>>>> > >>>>>> My approach is to call the functions password_scheme_register() and > >>>>>> password_scheme_unregister() (src/auth/password-scheme.c) inside > >> the > >>>>>> plugin's _init() and _deinit() functions. > >>>>>> > >>>>>> When a client tries to login via imap the log shows an error > >> message: > >>>>>> Error: Couldn't load required plugin > >>>>>> /usr/local/lib/dovecot/lib20_newauth_plugin.so: dlopen() failed: > >>>>>> /usr/local/lib/dovecot/lib20_newauth_plugin.so: undefined symbol: > >>>>>> password_scheme_unregister > >>>>>> > >>>>>> That error obviously occurs, because the required lib is not > >> linked into > >>>>>> the plugin. > >>>>>> > >>>>>> > >>>>>> Now my problem is to understand, whether this approach (via .so > >> file) can > >>>>>> be successful at all and if so, how? > >>>>>> Do I need to link libs into it? Which would that be and how do I > >> specify > >>>>>> them in the Makefile.am? > >>>>>> > >>>>>> I assume, I don't need to link a lib, but need to use a hook to > >> register > >>>>>> the new hashing scheme, since the plugin is loaded into an already > >>>>> existing > >>>>>> process, which needs to get extended. If this is true, which hook > >> would > >>>>>> that be and how do I register the new scheme? > >>>>>> > >>>>>> Or is there no way to accomplish this via a separated .so plugin? > >> Should > >>>>> I > >>>>>> extend the sources in /src/auth instead? (separat file for the > >> hashing > >>>>>> scheme with preprocessor instructions to include it only on demand) > >>>>>> > >>>>>> > >>>>>> > >>>>>> Thank you very much, > >>>>>> > >>>>>> Andreas > >>>>> Can you publish your code in, say, github.com and provide link to > >> it? > >>>>> New password scheme is doable as plugin but it needs to placed in > >> different > >>>>> place and it will be autoloaded. > >>>>> > >>>>> Aki > >>>>> > >>>> > >>>> > >>>> > >>>> I created two branches. Both compile fine with the option: > >> --with-libsodium > >>>> Branch #1) > >>>> > >>>> > >> https://github.com/LuckyFellow/dovecot-core-libsodium/tree/2.2.25_ > libsodium_plugin > >>>> This is my try to add libsodium support as plugin. When the plugin is > >>>> loaded, it exits with the mentioned error message "undefined symbol: > >>>> password_scheme_unregister" > >>>> > >>>> > >>>> Branch #2) > >>>> > >>>> > >> https://github.com/LuckyFellow/dovecot-core-libsodium/tree/2.2.25_ > libsodium_auth > >>>> This compiles fine and also works. The new hashing schemes SCRYPT and > >>>> ARGON2 are available to dovecot. > >>>> Libsodium support is not created as module, but only added if the > >>>> --with-libsodium option was passed to configure. > >>>> > >>>> > >>>> > >>>> Regards, > >>>> Andreas > >>> Hi! > >>> > >>> I had a look at your code and noticed you had tried to put it in > >> dovecot's tree. I would recommend making completely separate plugin of > it. > >> It's not very hard, I can help you out there. It does not need to be in > >> src/plugins, the source supports fully external plugins that you can > then > >> install separately. > >>> This would make it lot more easier to develop the plugin. I'll see if I > >> can make you a little skeleton to help you out with this, you can then > use > >> it as basis for your auth plugin. > >>> Aki > >> https://github.com/cmouse/dovecot-password-scheme-plugin > >> > >> is the plugin template you can use. please see if it helps you out. > >> > >> Aki > >> > > > > > > Thank you very much for the skeleton. It really helped a lot. > > > > I created this repository and checked in my changes: > > https://github.com/LuckyFellow/dovecot-libsodium-plugin > > It compiles and installs fine. The auth module loads the plugin > > automatically on demand, the hashing schemes are available and they work. > > > > What do I need to do, so that you can include it as plugin? > > > > > > Regards, > > Andreas > We don't need to include it ourselves, you can tell people it exists > there, and they can compile it with their dovecot installation. We can > add wiki page for the plugin to guide people to your page. > > It will be automatically included after make install, you can try it out > with > > doveadm pw -s <scheme name> > > Aki >
Alright. It would be awesome if you add a hint to the plugin to the dovecot wiki. Thank you very much for your help. Andreas
