Thanks for the answer.
Now userdbpw is also used in my setup to set the "system pw" for courier, as in my previous post:
"echo "$6" | userdbpw | userdb "$5"/"$4"@"$5" set systempw"
A quick look in the sourcecode (I'm not a real programmer) tells me the crypt funtion is used to generate the "system pw" if no md5 or hmac is used.
like here:
tail userdbpw.c (from the courier authlib source)
--------------------<CUT>------------------------
salt[1]=userdb_hex64[(unsigned)salt[1]];
}
#endif
#if HAVE_CRYPT
printf("%s\n", crypt(buf, salt));
fflush(stdout);
#endif
return (0);
}
--------------------</CUT>------------------------
now I'm not really sure if the "HAVE_CRYPT" means that userdbpw is called without the option md5 or hmac - but i suppose so.
Wouldn't these encrypted passwords then be usable? Or am I missing something ?
TIA
Peter
|