[Dovecot] bug in 99.13-rc2 in ldap md5 patch
Farkas Levente
lfarkas at bppiac.hu
Wed Dec 22 19:36:47 EET 2004
hi,
it takes me another hour do debug it again, although i already report it
for both joshua and timo. the original patch for openldap's md5 crypt
has a small bug. in passdb-ldap.c the schema is already PLAIN-MD5 since
that was set in the other part of the original patch in password-scheme.c.
do anybody use dovecot with ldap and md5 password?
i don't think so:-(
this patch would be useful to apply before the final 0.99.13.
anyway in the current 1.0 series the PLAIN-MD5 and LDAP-MD5 schema are
different. at least plain_md5_verify and plain_md5_generate differ from
ldap_md5_verify and ldap_md5_generate. why?
--
Levente "Si vis pacem para bellum!"
-------------- next part --------------
--- dovecot-0.99.13/src/auth/passdb-ldap.c.lfarkas 2004-12-22 17:06:25.000000000 +0100
+++ dovecot-0.99.13/src/auth/passdb-ldap.c 2004-12-22 17:06:56.000000000 +0100
@@ -109,12 +109,11 @@
}
/* Special case for OpenLDAP's MD5 type */
- if (strcasecmp(scheme, "MD5") == 0) {
+ if (strcasecmp(scheme, "PLAIN-MD5") == 0) {
buf = buffer_create_static(data_stack_pool, 16);
if (base64_decode(password, strlen(password), NULL, buf) == 1
&& buffer_get_used_size(buf) == 16) {
password = binary_to_hex(buffer_get_data(buf, NULL), 16);
- scheme = "PLAIN-MD5";
}
}
More information about the dovecot
mailing list