Hi,
It may be useful for testing purpose to know if a generated password hash correspond to a given clear password. This can be useful to check if a hash generated by another program can be verified by Dovecot without any errors.
This patch adds the ability the verify a password hash using doveadm pw via the -V option.
$ doveadm pw -s SSHA.hex Enter new password: Retype new password: {SSHA.HEX}58b910d947c60b35be3e12b0d9897c1f87dfa450e6d5a75c
$ doveadm pw -s SSHA.hex -V{SSHA.HEX}58b910d947c60b35be3e12b0d9897c1f87dfa450e6d5a75c Enter new password: Retype new password: {SSHA.HEX}4fdf801f57870fb624bee60895c2308187837dfb3987ca06 (verified)
When the user specify a hash, it is checked in place of the usual verification process. This works with all schemes. Just be sure to escape special characters or use simple quotes.
$ doveadm pw -s MD5-CRYPT -V'{MD5-CRYPT}$1$R7thDyN.$E0G0czPE/h4S0Hn/b5oVW1'
Enter new password:
Retype new password:
{MD5-CRYPT}$1$rp8nVSqq$gDAPM5iqv1yhBoDZIWsQ4/ (verified)Lets print a failed check:
doveadm pw -s CRYPT -V{CRYPT}/uuE/AAAAAAAA
Enter new password:
Retype new password:
reverse password verification check failedFYI the word used for those test cases was "password".
Regards,
Jimmy Thrasibule <spack.world@gmail.com>