Thread: [ postfixadmin-Bugs-3034389 ] dovecot 2.0 breaks dovecotpw encryption
Brought to you by:
christian_boltz,
gingerdog
From: SourceForge.net <no...@so...> - 2010-07-25 19:10:57
|
Bugs item #3034389, was opened at 2010-07-25 21:10 Message generated for change (Tracker Item Submitted) made by christian_boltz You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=937964&aid=3034389&group_id=191583 Please note that this message will contain a full copy of the comment thread, including the initial issue submission, for this request, not just the latest update. Category: Core Group: v2.3.1 Status: Open Resolution: None Priority: 5 Private: No Submitted By: Christian Boltz (christian_boltz) Assigned to: Nobody/Anonymous (nobody) Summary: dovecot 2.0 breaks dovecotpw encryption Initial Comment: copied from http://sourceforge.net/tracker/index.php?func=detail&aid=3032816&group_id=191583&atid=937964 ***** mickaelnguyen ***** Also, dovecot 2.0 (which is nearing release, see http://dovecot.org/list/dovecot-news/2010-July/000162.html) will break this setting, because dovecotpw has been removed and its functionality integrated in doveadm. So the command to encrypt a password goes from dovecotpw -s 'CRYPT-METHOD' to doveadm pw -s 'CRYPT-METHOD' Maybe something to look into for 2.3.2 :D~ ***** christian_boltz ***** Oh, nice - I like it when external programs come with incompatible changes :-/ Well, at least it's a new major version ;-) $CONF['dovecotpw'] = '/path/to/doveadm -pw' could work... (untested, feedback welcome) If this works, I'll add a comment to config.inc.php in the 2.3 branch. (I'd like to avoid a bigger change in this branch.) ***** mickaelnguyen ***** It doesn't work. After a bit of tinkering, it appears that doveadm does a check on whether it's stdin is a tty or not (It outputs "Fatal: stdin isn't a TTY") Guess we can't fix this without "bigger changes". :( ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=937964&aid=3034389&group_id=191583 |
From: SourceForge.net <no...@so...> - 2010-07-25 19:19:33
|
Bugs item #3034389, was opened at 2010-07-25 21:10 Message generated for change (Comment added) made by christian_boltz You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=937964&aid=3034389&group_id=191583 Please note that this message will contain a full copy of the comment thread, including the initial issue submission, for this request, not just the latest update. Category: Core Group: v2.3.1 Status: Open Resolution: None Priority: 5 Private: No Submitted By: Christian Boltz (christian_boltz) Assigned to: Nobody/Anonymous (nobody) Summary: dovecot 2.0 breaks dovecotpw encryption Initial Comment: copied from http://sourceforge.net/tracker/index.php?func=detail&aid=3032816&group_id=191583&atid=937964 ***** mickaelnguyen ***** Also, dovecot 2.0 (which is nearing release, see http://dovecot.org/list/dovecot-news/2010-July/000162.html) will break this setting, because dovecotpw has been removed and its functionality integrated in doveadm. So the command to encrypt a password goes from dovecotpw -s 'CRYPT-METHOD' to doveadm pw -s 'CRYPT-METHOD' Maybe something to look into for 2.3.2 :D~ ***** christian_boltz ***** Oh, nice - I like it when external programs come with incompatible changes :-/ Well, at least it's a new major version ;-) $CONF['dovecotpw'] = '/path/to/doveadm -pw' could work... (untested, feedback welcome) If this works, I'll add a comment to config.inc.php in the 2.3 branch. (I'd like to avoid a bigger change in this branch.) ***** mickaelnguyen ***** It doesn't work. After a bit of tinkering, it appears that doveadm does a check on whether it's stdin is a tty or not (It outputs "Fatal: stdin isn't a TTY") Guess we can't fix this without "bigger changes". :( ---------------------------------------------------------------------- >Comment By: Christian Boltz (christian_boltz) Date: 2010-07-25 21:19 Message: A user comment on http://php.net/manual/en/function.proc-open.php (from 2007-12-27) suggests that using 'pty' might work. Please open functions.inc.php, search for "$spec = array(" (around line 1213 in 2.3.1) and replace it (including the following 3 lines) with: $spec = array( 0 => array('pty'), 1 => array('pty'), 2 => array('pty') ); Does this help? Otherwise we'll probably have to use "doveadm pw -p foobar" with the password on the commandline. However I don't like this idea because the password will be visible in the processlist for a short time then :-( ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=937964&aid=3034389&group_id=191583 |
From: SourceForge.net <no...@so...> - 2010-12-30 14:02:58
|
Bugs item #3034389, was opened at 2010-07-25 21:10 Message generated for change (Comment added) made by valkum You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=937964&aid=3034389&group_id=191583 Please note that this message will contain a full copy of the comment thread, including the initial issue submission, for this request, not just the latest update. Category: Core Group: v2.3.1 Status: Open Resolution: None Priority: 5 Private: No Submitted By: Christian Boltz (christian_boltz) Assigned to: Nobody/Anonymous (nobody) Summary: dovecot 2.0 breaks dovecotpw encryption Initial Comment: copied from http://sourceforge.net/tracker/index.php?func=detail&aid=3032816&group_id=191583&atid=937964 ***** mickaelnguyen ***** Also, dovecot 2.0 (which is nearing release, see http://dovecot.org/list/dovecot-news/2010-July/000162.html) will break this setting, because dovecotpw has been removed and its functionality integrated in doveadm. So the command to encrypt a password goes from dovecotpw -s 'CRYPT-METHOD' to doveadm pw -s 'CRYPT-METHOD' Maybe something to look into for 2.3.2 :D~ ***** christian_boltz ***** Oh, nice - I like it when external programs come with incompatible changes :-/ Well, at least it's a new major version ;-) $CONF['dovecotpw'] = '/path/to/doveadm -pw' could work... (untested, feedback welcome) If this works, I'll add a comment to config.inc.php in the 2.3 branch. (I'd like to avoid a bigger change in this branch.) ***** mickaelnguyen ***** It doesn't work. After a bit of tinkering, it appears that doveadm does a check on whether it's stdin is a tty or not (It outputs "Fatal: stdin isn't a TTY") Guess we can't fix this without "bigger changes". :( ---------------------------------------------------------------------- Comment By: Valkum (valkum) Date: 2010-12-30 15:02 Message: I tested the pty fix but it doesn't work i got can't encrypt password with dovecotpw on my console with use of PFA-CLI ---------------------------------------------------------------------- Comment By: Christian Boltz (christian_boltz) Date: 2010-07-25 21:19 Message: A user comment on http://php.net/manual/en/function.proc-open.php (from 2007-12-27) suggests that using 'pty' might work. Please open functions.inc.php, search for "$spec = array(" (around line 1213 in 2.3.1) and replace it (including the following 3 lines) with: $spec = array( 0 => array('pty'), 1 => array('pty'), 2 => array('pty') ); Does this help? Otherwise we'll probably have to use "doveadm pw -p foobar" with the password on the commandline. However I don't like this idea because the password will be visible in the processlist for a short time then :-( ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=937964&aid=3034389&group_id=191583 |
From: SourceForge.net <no...@so...> - 2010-12-30 15:17:24
|
Bugs item #3034389, was opened at 2010-07-25 15:10 Message generated for change (Comment added) made by libertytrek You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=937964&aid=3034389&group_id=191583 Please note that this message will contain a full copy of the comment thread, including the initial issue submission, for this request, not just the latest update. Category: Core Group: v2.3.1 Status: Open Resolution: None Priority: 5 Private: No Submitted By: Christian Boltz (christian_boltz) Assigned to: Nobody/Anonymous (nobody) Summary: dovecot 2.0 breaks dovecotpw encryption Initial Comment: copied from http://sourceforge.net/tracker/index.php?func=detail&aid=3032816&group_id=191583&atid=937964 ***** mickaelnguyen ***** Also, dovecot 2.0 (which is nearing release, see http://dovecot.org/list/dovecot-news/2010-July/000162.html) will break this setting, because dovecotpw has been removed and its functionality integrated in doveadm. So the command to encrypt a password goes from dovecotpw -s 'CRYPT-METHOD' to doveadm pw -s 'CRYPT-METHOD' Maybe something to look into for 2.3.2 :D~ ***** christian_boltz ***** Oh, nice - I like it when external programs come with incompatible changes :-/ Well, at least it's a new major version ;-) $CONF['dovecotpw'] = '/path/to/doveadm -pw' could work... (untested, feedback welcome) If this works, I'll add a comment to config.inc.php in the 2.3 branch. (I'd like to avoid a bigger change in this branch.) ***** mickaelnguyen ***** It doesn't work. After a bit of tinkering, it appears that doveadm does a check on whether it's stdin is a tty or not (It outputs "Fatal: stdin isn't a TTY") Guess we can't fix this without "bigger changes". :( ---------------------------------------------------------------------- Comment By: Charles (libertytrek) Date: 2010-12-30 10:17 Message: Maybe someone could pose a question to Timo (dovecot author) and he could make a suggestion for how to handle this - or possibly even change the way 'doveadm -pw' works so this could be fixed properly in pfadmin? ---------------------------------------------------------------------- Comment By: Valkum (valkum) Date: 2010-12-30 09:02 Message: I tested the pty fix but it doesn't work i got can't encrypt password with dovecotpw on my console with use of PFA-CLI ---------------------------------------------------------------------- Comment By: Christian Boltz (christian_boltz) Date: 2010-07-25 15:19 Message: A user comment on http://php.net/manual/en/function.proc-open.php (from 2007-12-27) suggests that using 'pty' might work. Please open functions.inc.php, search for "$spec = array(" (around line 1213 in 2.3.1) and replace it (including the following 3 lines) with: $spec = array( 0 => array('pty'), 1 => array('pty'), 2 => array('pty') ); Does this help? Otherwise we'll probably have to use "doveadm pw -p foobar" with the password on the commandline. However I don't like this idea because the password will be visible in the processlist for a short time then :-( ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=937964&aid=3034389&group_id=191583 |
From: SourceForge.net <no...@so...> - 2010-12-30 17:44:01
|
Bugs item #3034389, was opened at 2010-07-25 21:10 Message generated for change (Comment added) made by valkum You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=937964&aid=3034389&group_id=191583 Please note that this message will contain a full copy of the comment thread, including the initial issue submission, for this request, not just the latest update. Category: Core Group: v2.3.1 Status: Open Resolution: None Priority: 5 Private: No Submitted By: Christian Boltz (christian_boltz) Assigned to: Nobody/Anonymous (nobody) Summary: dovecot 2.0 breaks dovecotpw encryption Initial Comment: copied from http://sourceforge.net/tracker/index.php?func=detail&aid=3032816&group_id=191583&atid=937964 ***** mickaelnguyen ***** Also, dovecot 2.0 (which is nearing release, see http://dovecot.org/list/dovecot-news/2010-July/000162.html) will break this setting, because dovecotpw has been removed and its functionality integrated in doveadm. So the command to encrypt a password goes from dovecotpw -s 'CRYPT-METHOD' to doveadm pw -s 'CRYPT-METHOD' Maybe something to look into for 2.3.2 :D~ ***** christian_boltz ***** Oh, nice - I like it when external programs come with incompatible changes :-/ Well, at least it's a new major version ;-) $CONF['dovecotpw'] = '/path/to/doveadm -pw' could work... (untested, feedback welcome) If this works, I'll add a comment to config.inc.php in the 2.3 branch. (I'd like to avoid a bigger change in this branch.) ***** mickaelnguyen ***** It doesn't work. After a bit of tinkering, it appears that doveadm does a check on whether it's stdin is a tty or not (It outputs "Fatal: stdin isn't a TTY") Guess we can't fix this without "bigger changes". :( ---------------------------------------------------------------------- Comment By: Valkum (valkum) Date: 2010-12-30 18:44 Message: Another try: Snowleopard wrote this at proc_open He uses this for his GPG function: // Set up the descriptors $Descriptors = array( 0 => array("pipe", "r"), 1 => array("pipe", "w"), 2 => array("pipe", "w"), 3 => array("pipe", "r") // This is the pipe we can feed the password into ); we could also try // Set up the descriptors $Descriptors = array( 0 => array("pty"), 1 => array("pty"), 2 => array("pty"), 3 => array("pty") // This is the pipe we can feed the password into ); But i think the securest and better way is to write a php lib for dovecot crypt methods ---------------------------------------------------------------------- Comment By: Charles (libertytrek) Date: 2010-12-30 16:17 Message: Maybe someone could pose a question to Timo (dovecot author) and he could make a suggestion for how to handle this - or possibly even change the way 'doveadm -pw' works so this could be fixed properly in pfadmin? ---------------------------------------------------------------------- Comment By: Valkum (valkum) Date: 2010-12-30 15:02 Message: I tested the pty fix but it doesn't work i got can't encrypt password with dovecotpw on my console with use of PFA-CLI ---------------------------------------------------------------------- Comment By: Christian Boltz (christian_boltz) Date: 2010-07-25 21:19 Message: A user comment on http://php.net/manual/en/function.proc-open.php (from 2007-12-27) suggests that using 'pty' might work. Please open functions.inc.php, search for "$spec = array(" (around line 1213 in 2.3.1) and replace it (including the following 3 lines) with: $spec = array( 0 => array('pty'), 1 => array('pty'), 2 => array('pty') ); Does this help? Otherwise we'll probably have to use "doveadm pw -p foobar" with the password on the commandline. However I don't like this idea because the password will be visible in the processlist for a short time then :-( ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=937964&aid=3034389&group_id=191583 |
From: SourceForge.net <no...@so...> - 2010-12-30 17:48:46
|
Bugs item #3034389, was opened at 2010-07-25 21:10 Message generated for change (Comment added) made by valkum You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=937964&aid=3034389&group_id=191583 Please note that this message will contain a full copy of the comment thread, including the initial issue submission, for this request, not just the latest update. Category: Core Group: v2.3.1 Status: Open Resolution: None Priority: 5 Private: No Submitted By: Christian Boltz (christian_boltz) Assigned to: Nobody/Anonymous (nobody) Summary: dovecot 2.0 breaks dovecotpw encryption Initial Comment: copied from http://sourceforge.net/tracker/index.php?func=detail&aid=3032816&group_id=191583&atid=937964 ***** mickaelnguyen ***** Also, dovecot 2.0 (which is nearing release, see http://dovecot.org/list/dovecot-news/2010-July/000162.html) will break this setting, because dovecotpw has been removed and its functionality integrated in doveadm. So the command to encrypt a password goes from dovecotpw -s 'CRYPT-METHOD' to doveadm pw -s 'CRYPT-METHOD' Maybe something to look into for 2.3.2 :D~ ***** christian_boltz ***** Oh, nice - I like it when external programs come with incompatible changes :-/ Well, at least it's a new major version ;-) $CONF['dovecotpw'] = '/path/to/doveadm -pw' could work... (untested, feedback welcome) If this works, I'll add a comment to config.inc.php in the 2.3 branch. (I'd like to avoid a bigger change in this branch.) ***** mickaelnguyen ***** It doesn't work. After a bit of tinkering, it appears that doveadm does a check on whether it's stdin is a tty or not (It outputs "Fatal: stdin isn't a TTY") Guess we can't fix this without "bigger changes". :( ---------------------------------------------------------------------- Comment By: Valkum (valkum) Date: 2010-12-30 18:48 Message: Damn, checked it and it doesn't work ---------------------------------------------------------------------- Comment By: Valkum (valkum) Date: 2010-12-30 18:44 Message: Another try: Snowleopard wrote this at proc_open He uses this for his GPG function: // Set up the descriptors $Descriptors = array( 0 => array("pipe", "r"), 1 => array("pipe", "w"), 2 => array("pipe", "w"), 3 => array("pipe", "r") // This is the pipe we can feed the password into ); we could also try // Set up the descriptors $Descriptors = array( 0 => array("pty"), 1 => array("pty"), 2 => array("pty"), 3 => array("pty") // This is the pipe we can feed the password into ); But i think the securest and better way is to write a php lib for dovecot crypt methods ---------------------------------------------------------------------- Comment By: Charles (libertytrek) Date: 2010-12-30 16:17 Message: Maybe someone could pose a question to Timo (dovecot author) and he could make a suggestion for how to handle this - or possibly even change the way 'doveadm -pw' works so this could be fixed properly in pfadmin? ---------------------------------------------------------------------- Comment By: Valkum (valkum) Date: 2010-12-30 15:02 Message: I tested the pty fix but it doesn't work i got can't encrypt password with dovecotpw on my console with use of PFA-CLI ---------------------------------------------------------------------- Comment By: Christian Boltz (christian_boltz) Date: 2010-07-25 21:19 Message: A user comment on http://php.net/manual/en/function.proc-open.php (from 2007-12-27) suggests that using 'pty' might work. Please open functions.inc.php, search for "$spec = array(" (around line 1213 in 2.3.1) and replace it (including the following 3 lines) with: $spec = array( 0 => array('pty'), 1 => array('pty'), 2 => array('pty') ); Does this help? Otherwise we'll probably have to use "doveadm pw -p foobar" with the password on the commandline. However I don't like this idea because the password will be visible in the processlist for a short time then :-( ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=937964&aid=3034389&group_id=191583 |
From: SourceForge.net <no...@so...> - 2010-12-30 18:28:44
|
Bugs item #3034389, was opened at 2010-07-25 21:10 Message generated for change (Comment added) made by valkum You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=937964&aid=3034389&group_id=191583 Please note that this message will contain a full copy of the comment thread, including the initial issue submission, for this request, not just the latest update. Category: Core Group: v2.3.1 Status: Open Resolution: None Priority: 5 Private: No Submitted By: Christian Boltz (christian_boltz) Assigned to: Nobody/Anonymous (nobody) Summary: dovecot 2.0 breaks dovecotpw encryption Initial Comment: copied from http://sourceforge.net/tracker/index.php?func=detail&aid=3032816&group_id=191583&atid=937964 ***** mickaelnguyen ***** Also, dovecot 2.0 (which is nearing release, see http://dovecot.org/list/dovecot-news/2010-July/000162.html) will break this setting, because dovecotpw has been removed and its functionality integrated in doveadm. So the command to encrypt a password goes from dovecotpw -s 'CRYPT-METHOD' to doveadm pw -s 'CRYPT-METHOD' Maybe something to look into for 2.3.2 :D~ ***** christian_boltz ***** Oh, nice - I like it when external programs come with incompatible changes :-/ Well, at least it's a new major version ;-) $CONF['dovecotpw'] = '/path/to/doveadm -pw' could work... (untested, feedback welcome) If this works, I'll add a comment to config.inc.php in the 2.3 branch. (I'd like to avoid a bigger change in this branch.) ***** mickaelnguyen ***** It doesn't work. After a bit of tinkering, it appears that doveadm does a check on whether it's stdin is a tty or not (It outputs "Fatal: stdin isn't a TTY") Guess we can't fix this without "bigger changes". :( ---------------------------------------------------------------------- Comment By: Valkum (valkum) Date: 2010-12-30 19:28 Message: Timo said it was a bug in this version youve tested. A tty check is also done by getpass() so it is not the real problem. He said also that the tty check is gone in 2.0.8 For us it means that we need a way to suppress the output of /dev/tty which comes from dovecotpw and doveadm pw for use in cli,. ---------------------------------------------------------------------- Comment By: Valkum (valkum) Date: 2010-12-30 18:48 Message: Damn, checked it and it doesn't work ---------------------------------------------------------------------- Comment By: Valkum (valkum) Date: 2010-12-30 18:44 Message: Another try: Snowleopard wrote this at proc_open He uses this for his GPG function: // Set up the descriptors $Descriptors = array( 0 => array("pipe", "r"), 1 => array("pipe", "w"), 2 => array("pipe", "w"), 3 => array("pipe", "r") // This is the pipe we can feed the password into ); we could also try // Set up the descriptors $Descriptors = array( 0 => array("pty"), 1 => array("pty"), 2 => array("pty"), 3 => array("pty") // This is the pipe we can feed the password into ); But i think the securest and better way is to write a php lib for dovecot crypt methods ---------------------------------------------------------------------- Comment By: Charles (libertytrek) Date: 2010-12-30 16:17 Message: Maybe someone could pose a question to Timo (dovecot author) and he could make a suggestion for how to handle this - or possibly even change the way 'doveadm -pw' works so this could be fixed properly in pfadmin? ---------------------------------------------------------------------- Comment By: Valkum (valkum) Date: 2010-12-30 15:02 Message: I tested the pty fix but it doesn't work i got can't encrypt password with dovecotpw on my console with use of PFA-CLI ---------------------------------------------------------------------- Comment By: Christian Boltz (christian_boltz) Date: 2010-07-25 21:19 Message: A user comment on http://php.net/manual/en/function.proc-open.php (from 2007-12-27) suggests that using 'pty' might work. Please open functions.inc.php, search for "$spec = array(" (around line 1213 in 2.3.1) and replace it (including the following 3 lines) with: $spec = array( 0 => array('pty'), 1 => array('pty'), 2 => array('pty') ); Does this help? Otherwise we'll probably have to use "doveadm pw -p foobar" with the password on the commandline. However I don't like this idea because the password will be visible in the processlist for a short time then :-( ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=937964&aid=3034389&group_id=191583 |
From: SourceForge.net <no...@so...> - 2011-03-18 20:11:47
|
Bugs item #3034389, was opened at 2010-07-25 21:10 Message generated for change (Comment added) made by tex0000 You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=937964&aid=3034389&group_id=191583 Please note that this message will contain a full copy of the comment thread, including the initial issue submission, for this request, not just the latest update. Category: Core Group: v2.3.1 Status: Open Resolution: None Priority: 5 Private: No Submitted By: Christian Boltz (christian_boltz) Assigned to: Nobody/Anonymous (nobody) Summary: dovecot 2.0 breaks dovecotpw encryption Initial Comment: copied from http://sourceforge.net/tracker/index.php?func=detail&aid=3032816&group_id=191583&atid=937964 ***** mickaelnguyen ***** Also, dovecot 2.0 (which is nearing release, see http://dovecot.org/list/dovecot-news/2010-July/000162.html) will break this setting, because dovecotpw has been removed and its functionality integrated in doveadm. So the command to encrypt a password goes from dovecotpw -s 'CRYPT-METHOD' to doveadm pw -s 'CRYPT-METHOD' Maybe something to look into for 2.3.2 :D~ ***** christian_boltz ***** Oh, nice - I like it when external programs come with incompatible changes :-/ Well, at least it's a new major version ;-) $CONF['dovecotpw'] = '/path/to/doveadm -pw' could work... (untested, feedback welcome) If this works, I'll add a comment to config.inc.php in the 2.3 branch. (I'd like to avoid a bigger change in this branch.) ***** mickaelnguyen ***** It doesn't work. After a bit of tinkering, it appears that doveadm does a check on whether it's stdin is a tty or not (It outputs "Fatal: stdin isn't a TTY") Guess we can't fix this without "bigger changes". :( ---------------------------------------------------------------------- Comment By: tex (tex0000) Date: 2011-03-18 21:11 Message: This is exactly the reason why I think that it's a _bad_ idea to rely on external binaries. If they are available at all they are going to break a some point in time. Why don't you implement the functionality in PHP? Have a look at http://git.gauner.org/vboxadm.git/blob/HEAD:/contrib/roundcube/plugins/vboxadm/vboxadm.php, the code there does exactly what you want to do. ---------------------------------------------------------------------- Comment By: Valkum (valkum) Date: 2010-12-30 19:28 Message: Timo said it was a bug in this version youve tested. A tty check is also done by getpass() so it is not the real problem. He said also that the tty check is gone in 2.0.8 For us it means that we need a way to suppress the output of /dev/tty which comes from dovecotpw and doveadm pw for use in cli,. ---------------------------------------------------------------------- Comment By: Valkum (valkum) Date: 2010-12-30 18:48 Message: Damn, checked it and it doesn't work ---------------------------------------------------------------------- Comment By: Valkum (valkum) Date: 2010-12-30 18:44 Message: Another try: Snowleopard wrote this at proc_open He uses this for his GPG function: // Set up the descriptors $Descriptors = array( 0 => array("pipe", "r"), 1 => array("pipe", "w"), 2 => array("pipe", "w"), 3 => array("pipe", "r") // This is the pipe we can feed the password into ); we could also try // Set up the descriptors $Descriptors = array( 0 => array("pty"), 1 => array("pty"), 2 => array("pty"), 3 => array("pty") // This is the pipe we can feed the password into ); But i think the securest and better way is to write a php lib for dovecot crypt methods ---------------------------------------------------------------------- Comment By: Charles (libertytrek) Date: 2010-12-30 16:17 Message: Maybe someone could pose a question to Timo (dovecot author) and he could make a suggestion for how to handle this - or possibly even change the way 'doveadm -pw' works so this could be fixed properly in pfadmin? ---------------------------------------------------------------------- Comment By: Valkum (valkum) Date: 2010-12-30 15:02 Message: I tested the pty fix but it doesn't work i got can't encrypt password with dovecotpw on my console with use of PFA-CLI ---------------------------------------------------------------------- Comment By: Christian Boltz (christian_boltz) Date: 2010-07-25 21:19 Message: A user comment on http://php.net/manual/en/function.proc-open.php (from 2007-12-27) suggests that using 'pty' might work. Please open functions.inc.php, search for "$spec = array(" (around line 1213 in 2.3.1) and replace it (including the following 3 lines) with: $spec = array( 0 => array('pty'), 1 => array('pty'), 2 => array('pty') ); Does this help? Otherwise we'll probably have to use "doveadm pw -p foobar" with the password on the commandline. However I don't like this idea because the password will be visible in the processlist for a short time then :-( ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=937964&aid=3034389&group_id=191583 |
From: SourceForge.net <no...@so...> - 2011-11-25 14:23:42
|
Bugs item #3034389, was opened at 2010-07-25 12:10 Message generated for change (Comment added) made by mpexnetworks You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=937964&aid=3034389&group_id=191583 Please note that this message will contain a full copy of the comment thread, including the initial issue submission, for this request, not just the latest update. Category: Core Group: v2.3.1 Status: Open Resolution: None Priority: 5 Private: No Submitted By: Christian Boltz (christian_boltz) Assigned to: Nobody/Anonymous (nobody) Summary: dovecot 2.0 breaks dovecotpw encryption Initial Comment: copied from http://sourceforge.net/tracker/index.php?func=detail&aid=3032816&group_id=191583&atid=937964 ***** mickaelnguyen ***** Also, dovecot 2.0 (which is nearing release, see http://dovecot.org/list/dovecot-news/2010-July/000162.html) will break this setting, because dovecotpw has been removed and its functionality integrated in doveadm. So the command to encrypt a password goes from dovecotpw -s 'CRYPT-METHOD' to doveadm pw -s 'CRYPT-METHOD' Maybe something to look into for 2.3.2 :D~ ***** christian_boltz ***** Oh, nice - I like it when external programs come with incompatible changes :-/ Well, at least it's a new major version ;-) $CONF['dovecotpw'] = '/path/to/doveadm -pw' could work... (untested, feedback welcome) If this works, I'll add a comment to config.inc.php in the 2.3 branch. (I'd like to avoid a bigger change in this branch.) ***** mickaelnguyen ***** It doesn't work. After a bit of tinkering, it appears that doveadm does a check on whether it's stdin is a tty or not (It outputs "Fatal: stdin isn't a TTY") Guess we can't fix this without "bigger changes". :( ---------------------------------------------------------------------- Comment By: Lars Braeuer (mpexnetworks) Date: 2011-11-25 06:23 Message: I wrote a small bash wrapper script I placed in /usr/sbin/dovecotpw that calls doveadm pw. See the attached file. It's working fine for me without any change of postfixadmin for example. Haven't tested it with any other tools. ---------------------------------------------------------------------- Comment By: tex (tex0000) Date: 2011-03-18 13:11 Message: This is exactly the reason why I think that it's a _bad_ idea to rely on external binaries. If they are available at all they are going to break a some point in time. Why don't you implement the functionality in PHP? Have a look at http://git.gauner.org/vboxadm.git/blob/HEAD:/contrib/roundcube/plugins/vboxadm/vboxadm.php, the code there does exactly what you want to do. ---------------------------------------------------------------------- Comment By: Valkum (valkum) Date: 2010-12-30 10:28 Message: Timo said it was a bug in this version youve tested. A tty check is also done by getpass() so it is not the real problem. He said also that the tty check is gone in 2.0.8 For us it means that we need a way to suppress the output of /dev/tty which comes from dovecotpw and doveadm pw for use in cli,. ---------------------------------------------------------------------- Comment By: Valkum (valkum) Date: 2010-12-30 09:48 Message: Damn, checked it and it doesn't work ---------------------------------------------------------------------- Comment By: Valkum (valkum) Date: 2010-12-30 09:44 Message: Another try: Snowleopard wrote this at proc_open He uses this for his GPG function: // Set up the descriptors $Descriptors = array( 0 => array("pipe", "r"), 1 => array("pipe", "w"), 2 => array("pipe", "w"), 3 => array("pipe", "r") // This is the pipe we can feed the password into ); we could also try // Set up the descriptors $Descriptors = array( 0 => array("pty"), 1 => array("pty"), 2 => array("pty"), 3 => array("pty") // This is the pipe we can feed the password into ); But i think the securest and better way is to write a php lib for dovecot crypt methods ---------------------------------------------------------------------- Comment By: Charles (libertytrek) Date: 2010-12-30 07:17 Message: Maybe someone could pose a question to Timo (dovecot author) and he could make a suggestion for how to handle this - or possibly even change the way 'doveadm -pw' works so this could be fixed properly in pfadmin? ---------------------------------------------------------------------- Comment By: Valkum (valkum) Date: 2010-12-30 06:02 Message: I tested the pty fix but it doesn't work i got can't encrypt password with dovecotpw on my console with use of PFA-CLI ---------------------------------------------------------------------- Comment By: Christian Boltz (christian_boltz) Date: 2010-07-25 12:19 Message: A user comment on http://php.net/manual/en/function.proc-open.php (from 2007-12-27) suggests that using 'pty' might work. Please open functions.inc.php, search for "$spec = array(" (around line 1213 in 2.3.1) and replace it (including the following 3 lines) with: $spec = array( 0 => array('pty'), 1 => array('pty'), 2 => array('pty') ); Does this help? Otherwise we'll probably have to use "doveadm pw -p foobar" with the password on the commandline. However I don't like this idea because the password will be visible in the processlist for a short time then :-( ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=937964&aid=3034389&group_id=191583 |
From: SourceForge.net <no...@so...> - 2011-11-25 14:26:02
|
Bugs item #3034389, was opened at 2010-07-25 12:10 Message generated for change (Comment added) made by mpexnetworks You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=937964&aid=3034389&group_id=191583 Please note that this message will contain a full copy of the comment thread, including the initial issue submission, for this request, not just the latest update. Category: Core Group: v2.3.1 Status: Open Resolution: None Priority: 5 Private: No Submitted By: Christian Boltz (christian_boltz) Assigned to: Nobody/Anonymous (nobody) Summary: dovecot 2.0 breaks dovecotpw encryption Initial Comment: copied from http://sourceforge.net/tracker/index.php?func=detail&aid=3032816&group_id=191583&atid=937964 ***** mickaelnguyen ***** Also, dovecot 2.0 (which is nearing release, see http://dovecot.org/list/dovecot-news/2010-July/000162.html) will break this setting, because dovecotpw has been removed and its functionality integrated in doveadm. So the command to encrypt a password goes from dovecotpw -s 'CRYPT-METHOD' to doveadm pw -s 'CRYPT-METHOD' Maybe something to look into for 2.3.2 :D~ ***** christian_boltz ***** Oh, nice - I like it when external programs come with incompatible changes :-/ Well, at least it's a new major version ;-) $CONF['dovecotpw'] = '/path/to/doveadm -pw' could work... (untested, feedback welcome) If this works, I'll add a comment to config.inc.php in the 2.3 branch. (I'd like to avoid a bigger change in this branch.) ***** mickaelnguyen ***** It doesn't work. After a bit of tinkering, it appears that doveadm does a check on whether it's stdin is a tty or not (It outputs "Fatal: stdin isn't a TTY") Guess we can't fix this without "bigger changes". :( ---------------------------------------------------------------------- Comment By: Lars Braeuer (mpexnetworks) Date: 2011-11-25 06:25 Message: I couldn't find a way to add an attachment other than opening a new issue, so here's the script: cat <<EOF >> /tmp/dovecotpw #!/bin/bash # MPeXnetworks - Lars Braeuer 11/2011 # Rebuild dovecotpw's original command line options, which are: #usage: dovecotpw [-l] [-p plaintext] [-s scheme] [-u user] [-V] # -l List known password schemes # -p plaintext New password # -s scheme Password scheme # -u user Username (if scheme uses it) # -V Internally verify the hash while getopts ":l:p:s:u:V:" opt; do case "$opt" in l) list=" -l" ;; p) plaintext=" -p $OPTARG" ;; s) scheme=" -s $OPTARG" ;; u) user=" -u $OPTARG" ;; V) verify=" -V" ;; esac done /usr/bin/doveadm pw ${list}${plaintext}${scheme}${user}${verify} exit $? EOF Move it to /usr/sbin/dovecotpw afterwards, if you are sure you are not overwriting an existing dovecotpw! ---------------------------------------------------------------------- Comment By: Lars Braeuer (mpexnetworks) Date: 2011-11-25 06:23 Message: I wrote a small bash wrapper script I placed in /usr/sbin/dovecotpw that calls doveadm pw. See the attached file. It's working fine for me without any change of postfixadmin for example. Haven't tested it with any other tools. ---------------------------------------------------------------------- Comment By: tex (tex0000) Date: 2011-03-18 13:11 Message: This is exactly the reason why I think that it's a _bad_ idea to rely on external binaries. If they are available at all they are going to break a some point in time. Why don't you implement the functionality in PHP? Have a look at http://git.gauner.org/vboxadm.git/blob/HEAD:/contrib/roundcube/plugins/vboxadm/vboxadm.php, the code there does exactly what you want to do. ---------------------------------------------------------------------- Comment By: Valkum (valkum) Date: 2010-12-30 10:28 Message: Timo said it was a bug in this version youve tested. A tty check is also done by getpass() so it is not the real problem. He said also that the tty check is gone in 2.0.8 For us it means that we need a way to suppress the output of /dev/tty which comes from dovecotpw and doveadm pw for use in cli,. ---------------------------------------------------------------------- Comment By: Valkum (valkum) Date: 2010-12-30 09:48 Message: Damn, checked it and it doesn't work ---------------------------------------------------------------------- Comment By: Valkum (valkum) Date: 2010-12-30 09:44 Message: Another try: Snowleopard wrote this at proc_open He uses this for his GPG function: // Set up the descriptors $Descriptors = array( 0 => array("pipe", "r"), 1 => array("pipe", "w"), 2 => array("pipe", "w"), 3 => array("pipe", "r") // This is the pipe we can feed the password into ); we could also try // Set up the descriptors $Descriptors = array( 0 => array("pty"), 1 => array("pty"), 2 => array("pty"), 3 => array("pty") // This is the pipe we can feed the password into ); But i think the securest and better way is to write a php lib for dovecot crypt methods ---------------------------------------------------------------------- Comment By: Charles (libertytrek) Date: 2010-12-30 07:17 Message: Maybe someone could pose a question to Timo (dovecot author) and he could make a suggestion for how to handle this - or possibly even change the way 'doveadm -pw' works so this could be fixed properly in pfadmin? ---------------------------------------------------------------------- Comment By: Valkum (valkum) Date: 2010-12-30 06:02 Message: I tested the pty fix but it doesn't work i got can't encrypt password with dovecotpw on my console with use of PFA-CLI ---------------------------------------------------------------------- Comment By: Christian Boltz (christian_boltz) Date: 2010-07-25 12:19 Message: A user comment on http://php.net/manual/en/function.proc-open.php (from 2007-12-27) suggests that using 'pty' might work. Please open functions.inc.php, search for "$spec = array(" (around line 1213 in 2.3.1) and replace it (including the following 3 lines) with: $spec = array( 0 => array('pty'), 1 => array('pty'), 2 => array('pty') ); Does this help? Otherwise we'll probably have to use "doveadm pw -p foobar" with the password on the commandline. However I don't like this idea because the password will be visible in the processlist for a short time then :-( ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=937964&aid=3034389&group_id=191583 |
From: SourceForge.net <no...@so...> - 2011-11-25 20:50:24
|
Bugs item #3034389, was opened at 2010-07-25 12:10 Message generated for change (Comment added) made by christian_boltz You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=937964&aid=3034389&group_id=191583 Please note that this message will contain a full copy of the comment thread, including the initial issue submission, for this request, not just the latest update. Category: Core Group: v2.3.1 Status: Open Resolution: None Priority: 5 Private: No Submitted By: Christian Boltz (christian_boltz) Assigned to: Nobody/Anonymous (nobody) Summary: dovecot 2.0 breaks dovecotpw encryption Initial Comment: copied from http://sourceforge.net/tracker/index.php?func=detail&aid=3032816&group_id=191583&atid=937964 ***** mickaelnguyen ***** Also, dovecot 2.0 (which is nearing release, see http://dovecot.org/list/dovecot-news/2010-July/000162.html) will break this setting, because dovecotpw has been removed and its functionality integrated in doveadm. So the command to encrypt a password goes from dovecotpw -s 'CRYPT-METHOD' to doveadm pw -s 'CRYPT-METHOD' Maybe something to look into for 2.3.2 :D~ ***** christian_boltz ***** Oh, nice - I like it when external programs come with incompatible changes :-/ Well, at least it's a new major version ;-) $CONF['dovecotpw'] = '/path/to/doveadm -pw' could work... (untested, feedback welcome) If this works, I'll add a comment to config.inc.php in the 2.3 branch. (I'd like to avoid a bigger change in this branch.) ***** mickaelnguyen ***** It doesn't work. After a bit of tinkering, it appears that doveadm does a check on whether it's stdin is a tty or not (It outputs "Fatal: stdin isn't a TTY") Guess we can't fix this without "bigger changes". :( ---------------------------------------------------------------------- >Comment By: Christian Boltz (christian_boltz) Date: 2011-11-25 12:50 Message: (Sourceforge trackers are somewhat special - IIRC they only allow the person who opened a tracker item to upload files. Like it or not...) Thanks for the script, but it shouldn't be needed. Instead, use $CONF['dovecotpw'] = '/path/to/doveadm pw' For the records: doveadm from dovecot 2.0.0 to 2.0.7 will not work because they check if the input comes from a tty. You have to use at least dovecot 2.0.8. ---------------------------------------------------------------------- Comment By: Lars Braeuer (mpexnetworks) Date: 2011-11-25 06:25 Message: I couldn't find a way to add an attachment other than opening a new issue, so here's the script: cat <<EOF >> /tmp/dovecotpw #!/bin/bash # MPeXnetworks - Lars Braeuer 11/2011 # Rebuild dovecotpw's original command line options, which are: #usage: dovecotpw [-l] [-p plaintext] [-s scheme] [-u user] [-V] # -l List known password schemes # -p plaintext New password # -s scheme Password scheme # -u user Username (if scheme uses it) # -V Internally verify the hash while getopts ":l:p:s:u:V:" opt; do case "$opt" in l) list=" -l" ;; p) plaintext=" -p $OPTARG" ;; s) scheme=" -s $OPTARG" ;; u) user=" -u $OPTARG" ;; V) verify=" -V" ;; esac done /usr/bin/doveadm pw ${list}${plaintext}${scheme}${user}${verify} exit $? EOF Move it to /usr/sbin/dovecotpw afterwards, if you are sure you are not overwriting an existing dovecotpw! ---------------------------------------------------------------------- Comment By: Lars Braeuer (mpexnetworks) Date: 2011-11-25 06:23 Message: I wrote a small bash wrapper script I placed in /usr/sbin/dovecotpw that calls doveadm pw. See the attached file. It's working fine for me without any change of postfixadmin for example. Haven't tested it with any other tools. ---------------------------------------------------------------------- Comment By: tex (tex0000) Date: 2011-03-18 13:11 Message: This is exactly the reason why I think that it's a _bad_ idea to rely on external binaries. If they are available at all they are going to break a some point in time. Why don't you implement the functionality in PHP? Have a look at http://git.gauner.org/vboxadm.git/blob/HEAD:/contrib/roundcube/plugins/vboxadm/vboxadm.php, the code there does exactly what you want to do. ---------------------------------------------------------------------- Comment By: Valkum (valkum) Date: 2010-12-30 10:28 Message: Timo said it was a bug in this version youve tested. A tty check is also done by getpass() so it is not the real problem. He said also that the tty check is gone in 2.0.8 For us it means that we need a way to suppress the output of /dev/tty which comes from dovecotpw and doveadm pw for use in cli,. ---------------------------------------------------------------------- Comment By: Valkum (valkum) Date: 2010-12-30 09:48 Message: Damn, checked it and it doesn't work ---------------------------------------------------------------------- Comment By: Valkum (valkum) Date: 2010-12-30 09:44 Message: Another try: Snowleopard wrote this at proc_open He uses this for his GPG function: // Set up the descriptors $Descriptors = array( 0 => array("pipe", "r"), 1 => array("pipe", "w"), 2 => array("pipe", "w"), 3 => array("pipe", "r") // This is the pipe we can feed the password into ); we could also try // Set up the descriptors $Descriptors = array( 0 => array("pty"), 1 => array("pty"), 2 => array("pty"), 3 => array("pty") // This is the pipe we can feed the password into ); But i think the securest and better way is to write a php lib for dovecot crypt methods ---------------------------------------------------------------------- Comment By: Charles (libertytrek) Date: 2010-12-30 07:17 Message: Maybe someone could pose a question to Timo (dovecot author) and he could make a suggestion for how to handle this - or possibly even change the way 'doveadm -pw' works so this could be fixed properly in pfadmin? ---------------------------------------------------------------------- Comment By: Valkum (valkum) Date: 2010-12-30 06:02 Message: I tested the pty fix but it doesn't work i got can't encrypt password with dovecotpw on my console with use of PFA-CLI ---------------------------------------------------------------------- Comment By: Christian Boltz (christian_boltz) Date: 2010-07-25 12:19 Message: A user comment on http://php.net/manual/en/function.proc-open.php (from 2007-12-27) suggests that using 'pty' might work. Please open functions.inc.php, search for "$spec = array(" (around line 1213 in 2.3.1) and replace it (including the following 3 lines) with: $spec = array( 0 => array('pty'), 1 => array('pty'), 2 => array('pty') ); Does this help? Otherwise we'll probably have to use "doveadm pw -p foobar" with the password on the commandline. However I don't like this idea because the password will be visible in the processlist for a short time then :-( ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=937964&aid=3034389&group_id=191583 |
From: SourceForge.net <no...@so...> - 2012-05-28 19:14:47
|
Bugs item #3034389, was opened at 2010-07-25 12:10 Message generated for change (Comment added) made by christian_boltz You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=937964&aid=3034389&group_id=191583 Please note that this message will contain a full copy of the comment thread, including the initial issue submission, for this request, not just the latest update. Category: Core Group: v2.3.1 >Status: Closed >Resolution: Works For Me Priority: 5 Private: No Submitted By: Christian Boltz (christian_boltz) Assigned to: Nobody/Anonymous (nobody) Summary: dovecot 2.0 breaks dovecotpw encryption Initial Comment: copied from http://sourceforge.net/tracker/index.php?func=detail&aid=3032816&group_id=191583&atid=937964 ***** mickaelnguyen ***** Also, dovecot 2.0 (which is nearing release, see http://dovecot.org/list/dovecot-news/2010-July/000162.html) will break this setting, because dovecotpw has been removed and its functionality integrated in doveadm. So the command to encrypt a password goes from dovecotpw -s 'CRYPT-METHOD' to doveadm pw -s 'CRYPT-METHOD' Maybe something to look into for 2.3.2 :D~ ***** christian_boltz ***** Oh, nice - I like it when external programs come with incompatible changes :-/ Well, at least it's a new major version ;-) $CONF['dovecotpw'] = '/path/to/doveadm -pw' could work... (untested, feedback welcome) If this works, I'll add a comment to config.inc.php in the 2.3 branch. (I'd like to avoid a bigger change in this branch.) ***** mickaelnguyen ***** It doesn't work. After a bit of tinkering, it appears that doveadm does a check on whether it's stdin is a tty or not (It outputs "Fatal: stdin isn't a TTY") Guess we can't fix this without "bigger changes". :( ---------------------------------------------------------------------- >Comment By: Christian Boltz (christian_boltz) Date: 2012-05-28 12:14 Message: I'm closing this as "works for me". To summarize the previous comments: If you use dovecot 2.x, you'll have to set $CONF['dovecotpw'] = '/path/to/doveadm pw' doveadm from dovecot 2.0.0 to 2.0.7 will not work because it checks if the input comes from a tty. You have to use at least dovecot 2.0.8. dovecot 1.x is still supported - in this case, just use $CONF['dovecotpw'] = "/usr/sbin/dovecotpw" > Have a look at > http://git.gauner.org/vboxadm.git/blob/HEAD:/contrib/roundcube/plugins/vboxadm/vboxadm.php, > the code there does exactly what you want to do. I had a short look - it might be a nice start, but it doesn't seem to support all encryption schemes available in dovecot - and in some cases, it also uses dovecotpw/doveadm pw... ---------------------------------------------------------------------- Comment By: Christian Boltz (christian_boltz) Date: 2011-11-25 12:50 Message: (Sourceforge trackers are somewhat special - IIRC they only allow the person who opened a tracker item to upload files. Like it or not...) Thanks for the script, but it shouldn't be needed. Instead, use $CONF['dovecotpw'] = '/path/to/doveadm pw' For the records: doveadm from dovecot 2.0.0 to 2.0.7 will not work because they check if the input comes from a tty. You have to use at least dovecot 2.0.8. ---------------------------------------------------------------------- Comment By: Lars Braeuer (mpexnetworks) Date: 2011-11-25 06:25 Message: I couldn't find a way to add an attachment other than opening a new issue, so here's the script: cat <<EOF >> /tmp/dovecotpw #!/bin/bash # MPeXnetworks - Lars Braeuer 11/2011 # Rebuild dovecotpw's original command line options, which are: #usage: dovecotpw [-l] [-p plaintext] [-s scheme] [-u user] [-V] # -l List known password schemes # -p plaintext New password # -s scheme Password scheme # -u user Username (if scheme uses it) # -V Internally verify the hash while getopts ":l:p:s:u:V:" opt; do case "$opt" in l) list=" -l" ;; p) plaintext=" -p $OPTARG" ;; s) scheme=" -s $OPTARG" ;; u) user=" -u $OPTARG" ;; V) verify=" -V" ;; esac done /usr/bin/doveadm pw ${list}${plaintext}${scheme}${user}${verify} exit $? EOF Move it to /usr/sbin/dovecotpw afterwards, if you are sure you are not overwriting an existing dovecotpw! ---------------------------------------------------------------------- Comment By: Lars Braeuer (mpexnetworks) Date: 2011-11-25 06:23 Message: I wrote a small bash wrapper script I placed in /usr/sbin/dovecotpw that calls doveadm pw. See the attached file. It's working fine for me without any change of postfixadmin for example. Haven't tested it with any other tools. ---------------------------------------------------------------------- Comment By: tex (tex0000) Date: 2011-03-18 13:11 Message: This is exactly the reason why I think that it's a _bad_ idea to rely on external binaries. If they are available at all they are going to break a some point in time. Why don't you implement the functionality in PHP? Have a look at http://git.gauner.org/vboxadm.git/blob/HEAD:/contrib/roundcube/plugins/vboxadm/vboxadm.php, the code there does exactly what you want to do. ---------------------------------------------------------------------- Comment By: Valkum (valkum) Date: 2010-12-30 10:28 Message: Timo said it was a bug in this version youve tested. A tty check is also done by getpass() so it is not the real problem. He said also that the tty check is gone in 2.0.8 For us it means that we need a way to suppress the output of /dev/tty which comes from dovecotpw and doveadm pw for use in cli,. ---------------------------------------------------------------------- Comment By: Valkum (valkum) Date: 2010-12-30 09:48 Message: Damn, checked it and it doesn't work ---------------------------------------------------------------------- Comment By: Valkum (valkum) Date: 2010-12-30 09:44 Message: Another try: Snowleopard wrote this at proc_open He uses this for his GPG function: // Set up the descriptors $Descriptors = array( 0 => array("pipe", "r"), 1 => array("pipe", "w"), 2 => array("pipe", "w"), 3 => array("pipe", "r") // This is the pipe we can feed the password into ); we could also try // Set up the descriptors $Descriptors = array( 0 => array("pty"), 1 => array("pty"), 2 => array("pty"), 3 => array("pty") // This is the pipe we can feed the password into ); But i think the securest and better way is to write a php lib for dovecot crypt methods ---------------------------------------------------------------------- Comment By: Charles (libertytrek) Date: 2010-12-30 07:17 Message: Maybe someone could pose a question to Timo (dovecot author) and he could make a suggestion for how to handle this - or possibly even change the way 'doveadm -pw' works so this could be fixed properly in pfadmin? ---------------------------------------------------------------------- Comment By: Valkum (valkum) Date: 2010-12-30 06:02 Message: I tested the pty fix but it doesn't work i got can't encrypt password with dovecotpw on my console with use of PFA-CLI ---------------------------------------------------------------------- Comment By: Christian Boltz (christian_boltz) Date: 2010-07-25 12:19 Message: A user comment on http://php.net/manual/en/function.proc-open.php (from 2007-12-27) suggests that using 'pty' might work. Please open functions.inc.php, search for "$spec = array(" (around line 1213 in 2.3.1) and replace it (including the following 3 lines) with: $spec = array( 0 => array('pty'), 1 => array('pty'), 2 => array('pty') ); Does this help? Otherwise we'll probably have to use "doveadm pw -p foobar" with the password on the commandline. However I don't like this idea because the password will be visible in the processlist for a short time then :-( ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=937964&aid=3034389&group_id=191583 |