|
From: Aaron L. <aa...@ac...> - 2016-10-14 17:57:53
|
Hi,
I'm attaching a patch which should allow users to change their
$CONF['encrypt'] setting and still allow passwords in the database
encrypted with an older method to be used to login. Note that this is
only for 'dovecot:' methods, and may require some manual database
updates (i.e. if you used the 'md5crypt' method previously, you'll have
to prefix all the existing password entries in the database with
'{MD5-CRYPT}', since it only adds the '$1' prefix).
With those caveats out of the way, this seems to have allowed me to
update my password configuration (making the password encryption
stronger) without requiring all postfixadmin admins to immediately
recreate new passwords. Please let me know if you see any issues with
this patch - I'd love your feedback, and would like to see this upstream
if possible.
Thanks!
-Aaron
|
