[Dovecot] doveadm password check

Professa Dementia professa at dementianati.com
Mon Mar 11 21:49:37 EET 2013

On 3/11/2013 12:20 PM, Thomas Pries wrote:
> Hi,
> I want to write some php code that users can change there dovecot
> password via a roundcube plugin. I'm using php function crypt(...) to
> generate the hashes and everything works well so far.
> I'm using doveadm pw to generate testhashes e.g.:
> srv:~ # doveadm pw -r 5 -s BLF-CRYPT -p abc
> {BLF-CRYPT}$2a$05$W82/Vw4ZEcHBC00M8cNwe.g8fOHuAeV7L5Q/q4W6VWl9V5kjoiz8y
> I expected an "ok" when using -t the hash when entering abc as a
> password, but I got:
> srv:~ # doveadm pw -r 5 -s BLF-CRYPT -t
> \{BLF-CRYPT}$2a$05$W82/Vw4ZEcHBC00M8cNwe.g8fOHuAeV7L5Q/q4W6VWl9V5kjoiz8y
> Enter password to verify:
> doveadm(root): Fatal: reverse password verification check failed:
> Password mismatch

There are several bugs dealing with what you are doing.  They are 
currently in the works and will be fixed in a future release of Dovecot.

1) Crypt hashes should not have the {...} prefix.  The $2a$ is the 
prefix that specifies the Eksblowfish crypt hash, just like $1$ 
specifies the MD5 crypt hash.  doveadm blindly puts the {...} in front 
of all hashes, which is a bug.  When the program goes to verify the 
hash, it passes the entire string including the {...} part to crypt, 
which fails, since it does not know what to do with it.

2) The Eksblowfish hash (the $2a$) was originally written on OpenBSD by 
Niels Provos and David Mazières and was called Bcrypt (Bcrypt is the 
correct name, not BLF-CRYPT as is used in Dovecot).  It was rewritten by 
Alexander Peslyak.  This rewritten version became more popular with 
Linux distros.  This version, however, turned out to have a bug, which 
Peslyak later fixed, but it means that $2a$ hashes were incompatible 
based on which library they used: the original OpenBSD, or the buggy 
Peslyak one.  A new hash type, $2y was used to specify the correct hash. 
  Even OpenBSD switched to the new system to maintain compatibility, 
even though their original libraries were correct.

Depending on whether your Eksblowfish (Bcrypt) libraries have been 
updated or not, there could be a problem with the $2a$ hash.

First try to remove the {BLF-CRYPT} from your hash.  It is not needed, 
and may be enough for it to verify.  If it still does not verify, then 
you may have an issue with your crypt libraries.  You might, then try 
changing the $2a$ to $2y$ and see if that makes the Eksblowfish 
libraries happy.


More information about the dovecot mailing list