View Single Post
  #3  
Old 31st March 2009, 12:05
DHDSP DHDSP is offline
Junior Member
 
Join Date: May 2008
Posts: 11
Thanks: 2
Thanked 0 Times in 0 Posts
Default

Thanks for the answer.

Now userdbpw is also used in my setup to set the "system pw" for courier, as in my previous post:

"echo "$6" | userdbpw | userdb "$5"/"$4"@"$5" set systempw"

A quick look in the sourcecode (I'm not a real programmer) tells me the crypt funtion is used to generate the "system pw" if no md5 or hmac is used.

like here:

tail userdbpw.c (from the courier authlib source)

--------------------<CUT>------------------------
salt[1]=userdb_hex64[(unsigned)salt[1]];
}
#endif

#if HAVE_CRYPT
printf("%s\n", crypt(buf, salt));
fflush(stdout);
#endif
return (0);
}
--------------------</CUT>------------------------


now I'm not really sure if the "HAVE_CRYPT" means that userdbpw is called without the option md5 or hmac - but i suppose so.

Wouldn't these encrypted passwords then be usable? Or am I missing something ?


TIA
Peter
Reply With Quote