Extmail password encryption method modified to PLAIN-MD5

Extmail The default password encryption method is Md5crypt, but sometimes you encounter such a problem-the old mail system is MD5 encrypted user password.

In this case, you need to change the Extmail password encryption method to MD5, through the official interpretation (MD5 and md5crypt no difference), modified to PLAIN-MD5. However, this only solves the problem of Web login verification, and does not resolve the authentication problem of SMTP and POP3.

The validation issue was resolved through http://www.extmail.org/forum/viewthread.php?tid=3175 posts, with the following excerpt:

Courier-authlib 's auth_generic manual mentions the format of the crypted password in support of 3 categories:

1) Traditional crypted password, such as crypt () or md5-salted password
2) {MD5} is prefixed, followed by Base64 encoded MD5 password
3) {Sha} is prefixed (the actual also supports {SAH256}, this looks at source know) followed by the Base64 encoded SHA password

How can we achieve 2? In the current extmail/Extman Implementation, the MD5 password only supports passwords that exist in 16 binary form, for example:

d41d8cd98f00b204e9800998ecf8427e

After base64 encoding still can not pass through the AUTHLIB certification, and then carefully read DIGEST::MD5 manual introduction, found that the MD5 function returned is a binary, the yield is 16 bytes of ciphertext, and Md5_hex (that is, the current extMail/ Extman used) is its 16 binary form (32 bytes in length).

Then test with MD5 function generated MD5 ciphertext and base64 encoding, plus {MD5} prefix, plug into mysql , found passed authtest test! Then look at the courier-authlib of the CHECKPASSWD.C and CHECKPASSWDMD5.C and MD5 directory of the MD5 encryption function, confirmed that is the verification of binary +BASE64 encoded MD5 cipher, not the ciphertext after hex.

The question is how to convert the ciphertext from hex format to binary format? Many users go from other systems to ext*, the password is mostly MD5 hex format, and then write the following code to implement the conversion:

Use

mime::base64;

My $s = ' d41d8cd98f00b204e9800998ecf8427e ';

$s =~ s/(..) /bin ($)/ge;
$s = ' {MD5} '. Encode_base64 ($s);
$s =~ s/\s+//; # Remove NewLine

Print $s, "\ n";

Sub Bin {
my $n = shift;
sprintf ("%c", Hex ($n));
}

In this way, the regular MD5 cipher is converted into the {MD5}XXXXX format that meets the requirements. The result of the execution of the script just now:

{md5}1b2m2y8asgtpgamy7phcfg==

This article is from the "Bodhi" blog, so be sure to keep this source http://zhangxingnan.blog.51cto.com/3241217/1615244

Extmail password encryption method modified to PLAIN-MD5