Linux

如何使用 sql 驅動程序設置圓形密碼外掛和使用隨機鹽加密的 mysql?

  • September 18, 2019

我有一個安裝和配置為http://flurdy.com/docs/postfix/index.html的郵件伺服器。我使用帶有兩個欄位=和=maildb的表的 mysql 數據庫。使用如下查詢更新密碼:users``id``'user@domain.com'``crypt``'salted_md5_hash'

UPDATE users SET crypt = ENCRYPT('apassword', CONCAT('$5$', MD5(RAND()))) WHERE id = 'user@domain.tld';

Roundcube 1.0-RC 根據http://trac.roundcube.net/wiki/Howto_Install安裝

如何設置圓形立方體密碼外掛以與上述安裝一起使用?

編輯roundcube mainconfig.inc.php並將外掛名稱**“密碼”**添加到外掛數組()中,如下所示,以啟動外掛:

// List of active plugins (in plugins/ directory)
$config['plugins'] = array('password');

您還可以記下 roundcube 用於連接到**“roundcube”** mysql 數據庫的 DSN$config['db_dsnw'] = 'mysql://user:pass@localhost/roundcube'

cd 進入.../roundcube_www_root/plugins/password/並創建config.inc.php

# cp config.inc.php.dist config.inc.php
# vi config.inc.php

編輯密碼外掛中的以下行config.inc.php

<?php

$config['password_driver'] = 'sql';
$config['password_confirm_current'] = true;
$config['password_minimum_length'] = 8;
$config['password_require_nonalpha'] = false;
$config['password_log'] = false;
$config['password_login_exceptions'] = null;
// If the server is accessed via fqdn, replace localhost by the fqdn:
$config['password_hosts'] = array('127.0.0.1');
$config['password_force_save'] = true;

// SQL Driver options
$config['password_db_dsn'] = 'mysql://user:pass@localhost/maildb';

// SQL Update Query with encrypted password using random 8 character salt
$config['password_query'] = 'UPDATE users SET crypt=ENCRYPT(%p,CONCAT(_utf8\'$5$\',RIGHT(MD5(RAND()),8),_utf8\'$\')) WHERE id=%u LIMIT 1';

...

要使用SHA-512密碼雜湊而不是SHA-256,請將 設置$id$$6$(另請參見man 3 crypt):

$config['password_query'] = 'UPDATE users SET crypt=ENCRYPT(%p,CONCAT(_utf8\'$6$\',RIGHT(MD5(RAND()),8),_utf8\'$\')) WHERE id=%u LIMIT 1';

請參閱.../plugins/password/README.../plugins/password/config.inc.php.dist了解更多資訊。

假設您將使用相同的 mysql 使用者作為密碼外掛來更新密碼,您必須將’maildb’ 中表**‘users’SELECTUPDATE**權限授予’ roundcube mysql 使用者:

# mysql -u root -p
mysql > GRANT SELECT,UPDATE ON maildb.users TO 'roundcube'@'localhost';
mysql > FLUSH PRIVILEGES;
mysql > quit
# 

就是這樣。如果遇到問題,請跟踪 roundcube 錯誤日誌:

# tail -f ../../logs/error

引用自:https://serverfault.com/questions/575389