[GH-ISSUE #49] defaults.mailbox.password_hash should not be required for schemes using crypt() #40

Closed
opened 2026-02-26 09:35:22 +03:00 by kerem · 2 comments
Originally created by @rimas-kudelis on GitHub (Sep 16, 2013).
Original GitHub issue: https://github.com/opensolutions/ViMbAdmin/issues/49

When using the crypt() function to hash the password, the salt is being saved in the hash.
This means that there is no need to have a preset salt in such cases, because it is always recoverable from the stored hash. Using the same salt is less secure in this case.

Even more interesting, it seems that if the salt value would be changed in the config file, the end user would no longer be allowed to change their password using the "Mailbox password change" function (even though they would be able to log in using IMAP and other protocols), because in `AuthController::changePasswordAction()`, the user's current password is checked against the configured hash, which would not match by then.

I think the requirement of a pre-configured salt could be avoided for crypt() if the Mailbox class had a separate function for checking whether a given password is valid. It also seems to me that it would make sense if the hash scheme were a property of the Mailbox object itself. Unfortunately, I've never worked with Doctrine or Zend, so I've no idea if it's possible to pass these settings to the Mailbox object during its initialization.

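The failure mode described above, as an added example (not ViMbAdmin's or OSS-Framework's own code): a check that re-hashes with the salt from the config file stops matching as soon as that salt is rotated, while a check that feeds the stored hash back into `crypt()` keeps working because the scheme and salt are embedded in the hash. Function names, the password and the generated salts are constructed for the demo.

```php
<?php
// Added example, not ViMbAdmin code. Contrasts the two verification strategies
// for crypt()-style hashes ("$6$" = SHA-512 crypt) using a constructed password.

// Broken strategy (the behaviour the issue reports): re-hash the candidate
// password with the salt currently in the config file and compare.
// This only works while the config salt never changes.
function verifyWithConfigSalt(string $password, string $storedHash, string $configSalt): bool
{
    return hash_equals($storedHash, crypt($password, $configSalt));
}

// Fixed strategy: pass the stored hash itself as the "salt" argument.
// crypt() reads the scheme id and salt out of it, so no config value is needed
// and rotating defaults.mailbox.password_hash cannot lock users out.
function verifyAgainstStoredHash(string $password, string $storedHash): bool
{
    return hash_equals($storedHash, crypt($password, $storedHash));
}

// Constructed helper: a random 16-character salt for the $6$ scheme.
function randomSha512CryptSalt(): string
{
    $alphabet = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz';
    $salt = '';
    for ($i = 0; $i < 16; $i++) {
        $salt .= $alphabet[random_int(0, strlen($alphabet) - 1)];
    }
    return '$6$' . $salt . '$';
}

$password = 'correct horse battery staple';   // constructed demo password

// Hash written when the mailbox password was last set, using the salt
// that was in the config file at that time.
$oldConfigSalt = randomSha512CryptSalt();
$stored = crypt($password, $oldConfigSalt);

// The admin later rotates the salt in the config file.
$newConfigSalt = randomSha512CryptSalt();

// Matches only against the old config salt; fails after rotation, which is
// exactly why "Mailbox password change" rejects the correct current password.
var_dump(verifyWithConfigSalt($password, $stored, $oldConfigSalt));
var_dump(verifyWithConfigSalt($password, $stored, $newConfigSalt));

// Independent of the config salt: accepts the right password, rejects a wrong one.
var_dump(verifyAgainstStoredHash($password, $stored));
var_dump(verifyAgainstStoredHash('wrong password', $stored));
```

On PHP 5.5 and later, `password_hash()` / `password_verify()` apply the same stored-hash approach with a per-password random salt and are the preferred API.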
kerem closed this issue 2026-02-26 09:35:22 +03:00
@dxtr commented on GitHub (Sep 18, 2013):

Oh, so this is why I can't use the "Mailbox password change" function?

@barryo commented on GitHub (Feb 15, 2014):

> Oh, so this is why I can't use the "Mailbox password change" function?

Nah, the crypt() implementation was broken.

All fixed in V3 via opensolutions/OSS-Framework@e6c0b8c8fc in V3.
