the-djmaze / snappymail

Simple, modern & fast web-based email client
https://snappymail.eu
GNU Affero General Public License v3.0

Change-Password plugin: support for OpenBSD bcrypt. #210

Closed (skid9000 closed 2 years ago)

skid9000 commented 2 years ago

First of all, thanks for this fork, and thanks for the change-password plugin! I was a long-time user of RainLoop and just discovered this project, and I love it.

Is your feature request related to a problem? Please describe.

I use OpenSMTPD as my MDA and MTA, with a Postgres implementation. It requires bcrypt for password hashes; however, it needs them in the 2b format, it plain doesn't want 2y. The change-password plugin sends 2y-formatted hashes to the database.

Describe the solution you'd like

It would be nice in the admin panel to have a check box named like "Use OpenBSD bcrypt implementation". As OpenBSD and PHP use modern bcrypt, we could just change the header of the hash from $2y$ to $2b$ before sending the PDO request.

the-djmaze commented 2 years ago

You're welcome!

In the plugin PDO driver settings you could change the update query. Say something like:

UPDATE ... password = REPLACE(password, '$2y$', '$2b$')

https://www.postgresqltutorial.com/postgresql-replace/

Does that solve it for you?

skid9000 commented 2 years ago

Oh, that could work!

So like this it should be OK for the plugin?

UPDATE credentials SET password = REPLACE(:newpass, '$2y$', '$2b$') WHERE <condition>

the-djmaze commented 2 years ago

Theoretically: yes

You have to try it.

skid9000 commented 2 years ago

It works! Thanks!

the-djmaze commented 2 years ago

As for others finding this issue:

There is no difference between 2a, 2x, 2y, and 2b. PHP just generates 2y. So just do the same as @skid9000 and change the SQL query.
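
A check to run on stored values when adopting the query from this thread, as an added example that is not part of the original discussion or the plugin's code: it parses a bcrypt string, rejects anything malformed, and rewrites only a leading $2y$ tag to $2b$. The function names and the sample hash are constructed for illustration.

```python
import re

# Modular Crypt Format layout of a bcrypt hash (60 characters in total):
#   $<tag>$<cost>$<22-char salt><31-char digest>
# Salt and digest use the alphabet ./A-Za-z0-9, which contains no '$',
# so in a well-formed hash the tag can only occur at the very start.
BCRYPT_RE = re.compile(
    r"\$(?P<tag>2[abxy])\$(?P<cost>[0-9]{2})\$"
    r"(?P<salt>[./A-Za-z0-9]{22})(?P<digest>[./A-Za-z0-9]{31})"
)

# Constructed sample with the right shape; not the hash of any real password.
SAMPLE_2Y = "$2y$10$" + "abcdefghijklmnopqrstuv" + "ABCDEFGHIJKLMNOPQRSTUVWXYZ01234"


def parse_bcrypt(value):
    """Split a bcrypt string into (tag, cost, salt, digest) or raise ValueError."""
    m = BCRYPT_RE.fullmatch(value)
    if m is None:
        raise ValueError("not a well-formed bcrypt hash")
    cost = int(m["cost"])
    if not 4 <= cost <= 31:  # bcrypt's valid cost range
        raise ValueError("bcrypt cost out of range: %d" % cost)
    return m["tag"], cost, m["salt"], m["digest"]


def to_2b(value):
    """Return the hash with a $2y$ tag rewritten to $2b$.

    Other tags are returned unchanged; malformed input raises ValueError,
    so a non-bcrypt value is never written to the credentials table.
    """
    tag, cost, salt, digest = parse_bcrypt(value)
    if tag == "2y":
        tag = "2b"
    return "$%s$%02d$%s%s" % (tag, cost, salt, digest)


if __name__ == "__main__":
    converted = to_2b(SAMPLE_2Y)
    print(converted)
    # For a well-formed hash this equals what the SQL REPLACE() produces.
    print(converted == SAMPLE_2Y.replace("$2y$", "$2b$"))
```
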