From 31805f165632f80f25ce3f2887bd9bda821771c8 Mon Sep 17 00:00:00 2001 From: Felix Kaechele Date: Thu, 11 Feb 2021 03:31:53 -0500 Subject: [PATCH] [Web] Implement all supported dovecot password schemas (#3974) When migrating from other Dovecot based installations it can be very convenient to just copy over existing hashed passwords. However, mailcow currently only supports a limited number of password schemes. This commit implements all password schemes that do not require challenge/response or OTP mechanisms. A convenient way to generate the regex with all supported schemas is `docker-compose exec dovecot-mailcow doveadm pw -l | awk -F' ' '{printf "/^{("; for(i=1;i<=NF-1;i++){printf "%s%s", sep, $i; sep="|"}; printf ")}/i\n"}'` Note that this will also include unsupported challenge/response and OTP schemas. Furthermore this increases the vsz_limit for the dovecot auth service to 2G for the use of ARGON2I and ARGON2ID schemas. Signed-off-by: Felix Kaechele --- data/conf/dovecot/dovecot.conf | 1 + data/web/inc/functions.inc.php | 155 ++++++++++++++----------- data/web/inc/functions.mailbox.inc.php | 4 +- 3 files changed, 90 insertions(+), 70 deletions(-) diff --git a/data/conf/dovecot/dovecot.conf b/data/conf/dovecot/dovecot.conf index 740e0e6c..f826eb46 100644 --- a/data/conf/dovecot/dovecot.conf +++ b/data/conf/dovecot/dovecot.conf @@ -382,6 +382,7 @@ service auth { mode = 0600 user = vmail } + vsz_limit = 2G } service managesieve-login { inet_listener sieve { diff --git a/data/web/inc/functions.inc.php b/data/web/inc/functions.inc.php index e3f28822..36bd3e9e 100644 --- a/data/web/inc/functions.inc.php +++ b/data/web/inc/functions.inc.php @@ -483,75 +483,94 @@ function alertbox_log_parser($_data){ } return false; } -function verify_hash($hash, $password) { - if (preg_match('/^{SSHA256}/i', $hash)) { - // Remove tag if any - $hash = preg_replace('/^{SSHA256}/i', '', $hash); - // Decode hash - $dhash = base64_decode($hash); - // Get first 32 bytes of binary which equals a SHA256 hash - $ohash = substr($dhash, 0, 32); - // Remove SHA256 hash from decoded hash to get original salt string - $osalt = str_replace($ohash, '', $dhash); - // Check single salted SHA256 hash against extracted hash - if (hash_equals(hash('sha256', $password . $osalt, true), $ohash)) { - return true; - } +function verify_salted_hash($hash, $password, $algo, $salt_length) +{ + // Decode hash + $dhash = base64_decode($hash); + // Get first 20 bytes of binary which equals a SSHA hash + $ohash = substr($dhash, 0, $salt_length); + // Remove SSHA hash from decoded hash to get original salt string + $osalt = str_replace($ohash, '', $dhash); + // Check single salted SSHA hash against extracted hash + if (hash_equals(hash($algo, $password . $osalt, true), $ohash)) { + return true; } - elseif (preg_match('/^{SSHA}/i', $hash)) { - // Remove tag if any - $hash = preg_replace('/^{SSHA}/i', '', $hash); - // Decode hash - $dhash = base64_decode($hash); - // Get first 20 bytes of binary which equals a SSHA hash - $ohash = substr($dhash, 0, 20); - // Remove SSHA hash from decoded hash to get original salt string - $osalt = str_replace($ohash, '', $dhash); - // Check single salted SSHA hash against extracted hash - if (hash_equals(hash('sha1', $password . $osalt, true), $ohash)) { - return true; - } - } - elseif (preg_match('/^{PLAIN-MD5}/i', $hash)) { - $hash = preg_replace('/^{PLAIN-MD5}/i', '', $hash); - if (md5($password) == $hash) { - return true; - } - } - elseif (preg_match('/^{SHA512-CRYPT}/i', $hash)) { - // Remove tag if any - $hash = preg_replace('/^{SHA512-CRYPT}/i', '', $hash); - // Decode hash - preg_match('/\\$6\\$(.*)\\$(.*)/i', $hash, $hash_array); - $osalt = $hash_array[1]; - $ohash = $hash_array[2]; - if (hash_equals(crypt($password, '$6$' . $osalt . '$'), $hash)) { - return true; - } - } - elseif (preg_match('/^{SSHA512}/i', $hash)) { - $hash = preg_replace('/^{SSHA512}/i', '', $hash); - // Decode hash - $dhash = base64_decode($hash); - // Get first 64 bytes of binary which equals a SHA512 hash - $ohash = substr($dhash, 0, 64); - // Remove SHA512 hash from decoded hash to get original salt string - $osalt = str_replace($ohash, '', $dhash); - // Check single salted SHA512 hash against extracted hash - if (hash_equals(hash('sha512', $password . $osalt, true), $ohash)) { - return true; - } - } - elseif (preg_match('/^{MD5-CRYPT}/i', $hash)) { - $hash = preg_replace('/^{MD5-CRYPT}/i', '', $hash); - if (password_verify($password, $hash)) { - return true; - } - } - elseif (preg_match('/^{BLF-CRYPT}/i', $hash)) { - $hash = preg_replace('/^{BLF-CRYPT}/i', '', $hash); - if (password_verify($password, $hash)) { - return true; + return false; +} + +function verify_hash($hash, $password) +{ + if (preg_match('/^{(.+)}(.+)/i', $hash, $hash_array)) { + $scheme = strtoupper($hash_array[1]); + $hash = $hash_array[2]; + switch ($scheme) { + case "ARGON2I": + case "ARGON2ID": + case "BLF-CRYPT": + case "CRYPT": + case "DES-CRYPT": + case "MD5-CRYPT": + case "MD5": + case "SHA256-CRYPT": + case "SHA512-CRYPT": + return password_verify($password, $hash); + + case "CLEAR": + case "CLEARTEXT": + case "PLAIN": + return $password == $hash; + + case "LDAP-MD5": + $hash = base64_decode($hash); + return hash_equals(hash('md5', $password, true), $hash); + + case "PBKDF2": + $components = explode('$', $hash); + $salt = $components[2]; + $rounds = $components[3]; + $hash = $components[4]; + return hash_equals(hash_pbkdf2('sha1', $password, $salt, $rounds), $hash); + + case "PLAIN-MD4": + return hash_equals(hash('md4', $password), $hash); + + case "PLAIN-MD5": + return md5($password) == $hash; + + case "PLAIN-TRUNC": + $components = explode('-', $hash); + if (count($components) > 1) { + $trunc_len = $components[0]; + $trunc_password = $components[1]; + + return substr($password, 0, $trunc_len) == $trunc_password; + } else { + return $password == $hash; + } + + case "SHA": + case "SHA1": + case "SHA256": + case "SHA512": + // SHA is an alias for SHA1 + $scheme = $scheme == "SHA" ? "sha1" : strtolower($scheme); + $hash = base64_decode($hash); + return hash_equals(hash($scheme, $password, true), $hash); + + case "SMD5": + return verify_salted_hash($hash, $password, 'md5', 16); + + case "SSHA": + return verify_salted_hash($hash, $password, 'sha1', 20); + + case "SSHA256": + return verify_salted_hash($hash, $password, 'sha256', 32); + + case "SSHA512": + return verify_salted_hash($hash, $password, 'sha512', 64); + + default: + return false; } } return false; diff --git a/data/web/inc/functions.mailbox.inc.php b/data/web/inc/functions.mailbox.inc.php index fff41900..c724ffac 100644 --- a/data/web/inc/functions.mailbox.inc.php +++ b/data/web/inc/functions.mailbox.inc.php @@ -1055,7 +1055,7 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) { return false; } // support pre hashed passwords - if (preg_match('/^({SSHA256}|{SSHA}|{SHA512-CRYPT}|{SSHA512}|{MD5-CRYPT}|{PLAIN-MD5})/i', $password)) { + if (preg_match('/^{(ARGON2I|ARGON2ID|BLF-CRYPT|CLEAR|CLEARTEXT|CRYPT|DES-CRYPT|LDAP-MD5|MD5|MD5-CRYPT|PBKDF2|PLAIN|PLAIN-MD4|PLAIN-MD5|PLAIN-TRUNC|PLAIN-TRUNC|SHA|SHA1|SHA256|SHA256-CRYPT|SHA512|SHA512-CRYPT|SMD5|SSHA|SSHA256|SSHA512)}/i', $password)) { $password_hashed = $password; } else { @@ -2557,7 +2557,7 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) { continue; } // support pre hashed passwords - if (preg_match('/^({SSHA256}|{SSHA}|{SHA512-CRYPT}|{SSHA512}|{MD5-CRYPT}|{PLAIN-MD5})/i', $password)) { + if (preg_match('/^{(ARGON2I|ARGON2ID|BLF-CRYPT|CLEAR|CLEARTEXT|CRYPT|DES-CRYPT|LDAP-MD5|MD5|MD5-CRYPT|PBKDF2|PLAIN|PLAIN-MD4|PLAIN-MD5|PLAIN-TRUNC|PLAIN-TRUNC|SHA|SHA1|SHA256|SHA256-CRYPT|SHA512|SHA512-CRYPT|SMD5|SSHA|SSHA256|SSHA512)}/i', $password)) { $password_hashed = $password; } else {