
Question: legacy mosquitto hasher support #115

Closed
suculent opened this issue Nov 5, 2020 · 9 comments

Comments

@suculent

suculent commented Nov 5, 2020

Hello, this looks really neat. Is it possible to use original password file from mosquitto right now?

Or would it require adding a legacy hasher somewhere about here? https://github.com/iegomez/mosquitto-go-auth/blob/master/hashing/hashing.go

I've never written anything in Go, but this could be something good to start.

@iegomez
Owner

iegomez commented Nov 5, 2020

Hey, @suculent! Sadly, no, it's not possible: the pw utility generates hashes using PBKDF2, Argon2id or Bcrypt, none of which match Mosquitto's hash for passwords (https://github.com/eclipse/mosquitto/blob/master/src/mosquitto_passwd.c).

A somewhat easy way to support it would be adding a Mosquitto hasher that expects an option with the path to mosquitto_passwd, and just runs an external command with the given password input to get the hash as the command's output. It's doable, but it depends on mosquitto_passwd being installed, which is not ideal.

So if you can update your passwords file to contain hashes generated by any of the supported hashers, then that'd be my recommendation. If that's not possible, which absolutely may be the case, let me know and I'll try to add said option as soon as possible.

Cheers!

@suculent
Author

suculent commented Nov 6, 2020

Hello, I've just realized that (as a result of security misconfiguration) I'll be able to recover original passwords for the most critical clients... so there's no hurry.

It would be nice to support the old password format for migrations in cases where the security has been proper.

@iegomez
Owner

iegomez commented Nov 11, 2020

Yeah, the biggest issue with supporting it is that it's not a common hasher strategy but a very custom one, meaning it's not trivial to implement and could easily change. I will look into supporting the option I mentioned.

@mrdc

mrdc commented Nov 14, 2020

Mosquitto hash is based on crypt(3) - it’s not so hard to implement.

@iegomez
Owner

iegomez commented Nov 16, 2020

Yeah, it's based on it, but it's not exactly crypt(3), ergo non-trivial, nor fixed. If it ever changes, then it's one more thing I have to maintain.
PRs are very welcome by the way. 🙂

@mrdc

mrdc commented Nov 16, 2020

PRs are very welcome by the way. 🙂

Unfortunately, my solution is for Python :/
In general it's SHA512(SHA512(password)+salt). Then make the final string to write to the password file: $6$%s1$%s2, where %s1 is the random salt and %s2 is the SHA512 hash; $6 means SHA512, $5 means SHA256.
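An added example, not code from this thread, from mrdc, or from the mosquitto-go-auth project, showing what a Go implementation of the legacy `$6$<salt>$<digest>` entry format described above would look like, together with the verify-then-rehash migration path iegomez recommends. Assumptions, stated here rather than taken from the thread: the digest is SHA-512 over the password bytes followed by the raw salt bytes (the construction in the pre-2.0 mosquitto_passwd.c that iegomez links, which differs from the double-hash description in the comment above), the salt is 12 random bytes, and both fields are standard base64. `MigrateOnLogin` and its `modern` parameter are hypothetical names standing in for the project's own PBKDF2/Argon2id/bcrypt hasher.

```go
package main

import (
	"crypto/rand"
	"crypto/sha512"
	"crypto/subtle"
	"encoding/base64"
	"errors"
	"fmt"
	"strings"
)

// LegacyHash holds the decoded fields of a "$6$<salt>$<digest>" entry.
type LegacyHash struct {
	Salt   []byte
	Digest []byte
}

// ParseLegacyHash splits "$6$<b64 salt>$<b64 digest>". Only the SHA-512
// ("$6$") variant is accepted; a "$5$" (SHA-256) entry is rejected rather
// than silently verified with the wrong digest.
func ParseLegacyHash(s string) (*LegacyHash, error) {
	parts := strings.Split(s, "$") // ["", "6", salt, digest] when well-formed
	if len(parts) != 4 || parts[0] != "" || parts[1] != "6" {
		return nil, errors.New("not a $6$ legacy mosquitto hash")
	}
	salt, err := base64.StdEncoding.DecodeString(parts[2])
	if err != nil || len(salt) == 0 {
		return nil, errors.New("bad salt encoding")
	}
	digest, err := base64.StdEncoding.DecodeString(parts[3])
	if err != nil || len(digest) != sha512.Size {
		return nil, errors.New("bad digest encoding or length")
	}
	return &LegacyHash{Salt: salt, Digest: digest}, nil
}

// LegacyDigest computes SHA-512 over password bytes followed by raw salt bytes.
// ASSUMPTION: this is the pre-2.0 mosquitto_passwd.c construction.
func LegacyDigest(password string, salt []byte) []byte {
	h := sha512.New()
	h.Write([]byte(password))
	h.Write(salt)
	return h.Sum(nil)
}

// FormatLegacyHash renders the two fields in the "$6$<salt>$<digest>" layout.
func FormatLegacyHash(salt, digest []byte) string {
	return "$6$" + base64.StdEncoding.EncodeToString(salt) + "$" +
		base64.StdEncoding.EncodeToString(digest)
}

// MakeLegacyHash builds an entry with a fresh 12-byte random salt
// (12 bytes is the salt length assumed for mosquitto_passwd).
func MakeLegacyHash(password string) (string, error) {
	salt := make([]byte, 12)
	if _, err := rand.Read(salt); err != nil {
		return "", err
	}
	return FormatLegacyHash(salt, LegacyDigest(password, salt)), nil
}

// VerifyLegacy checks a candidate password against a stored entry with a
// constant-time comparison, so a mismatch does not leak which bytes differed.
func VerifyLegacy(stored, password string) bool {
	lh, err := ParseLegacyHash(stored)
	if err != nil {
		return false
	}
	return subtle.ConstantTimeCompare(lh.Digest, LegacyDigest(password, lh.Salt)) == 1
}

// MigrateOnLogin is the migration pattern: accept the legacy entry once and
// return a replacement from the modern hasher so the stored credential can be
// upgraded. `modern` is a hypothetical stand-in for the project's hasher.
func MigrateOnLogin(stored, password string, modern func(string) string) (ok bool, upgraded string) {
	if !VerifyLegacy(stored, password) {
		return false, ""
	}
	return true, modern(password)
}

func main() {
	// Constructed sample: a fixed 12-byte salt so the output is reproducible.
	salt := []byte("constructed!")
	entry := FormatLegacyHash(salt, LegacyDigest("s3cret", salt))
	fmt.Println("stored entry:", entry)
	fmt.Println("correct password accepted:", VerifyLegacy(entry, "s3cret"))
	fmt.Println("wrong password rejected:", !VerifyLegacy(entry, "S3cret"))
}
```

The parser refuses anything that is not a `$6$` entry with a full 64-byte digest, so a stray `$5$` line or a truncated entry fails closed instead of being compared against a digest of the wrong size; the constant-time compare is what you want in any verifier, whichever construction the legacy tool actually used.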

@suculent
Author

suculent commented Nov 16, 2020 via email

@iegomez
Owner

iegomez commented Nov 16, 2020

Well, I've had to deal with changes in Mosquitto before and am sure I'll have to do again. Anyway, I'll probably add direct support by implementing their hashing when I get the time.

@suculent
Author

suculent commented Feb 7, 2021

Ok. Closing as I can actually use supported hashes even for legacy devices. There will be additional work as ACLs cannot stay file-based when passwords are read from redis. But never mind.
