Timo Sirainen wrote:
On Wed, 2004-12-29 at 11:40 +0100, Farkas Levente wrote:
Hmm. That's a bit kludgy fix since then {PLAIN-MD5} would work differently with LDAP. Maybe I'll just remove the special case from password-scheme.c instead?
no this way it's correct. ldap's md5 is equal with plain-md5. in the scheme you should recognize it and use the plain-md5 algorithm. anyway it works for me with openldap and md5;-)
Um. LDAP's MD5 = base64-encoded, Dovecot's PLAIN-MD5 = hex-encoded I think. So with your patch it would be impossible to use hex-encoded MD5 passwords in LDAP because it decodes {PLAIN-MD5} in base64.
I think the LDAP kludges should affect only that if {MD5} password doesn't begin with $1$, it would be assumed to be base64-encoded MD5 password.
may be. i just patch the original patch to work. but as i debug dovecot it seems the auth process first reach passdb-ldap.c's line 111 as scheme == PLAIN-MD5 (where the password is converted) and just after that password-scheme.c's line 190... so the schema already plain-md5 in passdb-ldap.c and without my patch it's not working:-(
-- Levente "Si vis pacem para bellum!"