[Dovecot] diacritic marks in password
Hi,
I have dovecot 2.0.beta6 (on RedHat 6) and my user uses thunderbird 3.1.10 (on Windows XP). I use authentication via LDAP (Windows server 2003 AD).
When user use in password diacritic marks (ą,ć,ę,ł,ń,ó) authentication failed.
What can I do?
Thanks
On 2011-06-15 3:05 PM, pch0317 wrote:
I have dovecot 2.0.beta6
<snip>
What can I do?
Upgrade (2.0b6 is WAY too old to even think about trying to debug), then if you're still having problems come back again and provide your config details and maybe some logs of a failed auth attempt...
--
Best regards,
Charles
On Miércoles 15 Junio 2011 21:11:13 Charles Marcus escribió:
On 2011-06-15 3:05 PM, pch0317 wrote:
I have dovecot 2.0.beta6
<snip>
What can I do?
Upgrade (2.0b6 is WAY too old to even think about trying to debug), then if you're still having problems come back again and provide your config details and maybe some logs of a failed auth attempt...
It's not even the current version in RH; now it's 2.0.9.
Joseba Torre. Vicegerencia de TICs, área de Explotación
On Wed, 2011-06-15 at 20:05 +0100, pch0317 wrote:
Hi,
I have dovecot 2.0.beta6 (on RedHat 6) and my user uses thunderbird 3.1.10 (on Windows XP). I use authentication via LDAP (Windows server 2003 AD).
With auth_bind=yes?
When user use in password diacritic marks (ą,ć,ę,ł,ń,ó) authentication failed.
What can I do?
Not much from Dovecot's side, I'm afraid.
On 06/22/2011 06:39 PM, Timo Sirainen wrote:
On Wed, 2011-06-15 at 20:05 +0100, pch0317 wrote:
Hi,
I have dovecot 2.0.beta6 (on RedHat 6) and my user uses thunderbird 3.1.10 (on Windows XP). I use authentication via LDAP (Windows server 2003 AD). With auth_bind=yes?
When user use in password diacritic marks (ą,ć,ę,ł,ń,ó) authentication failed.
What can I do? Not much from Dovecot's side, I'm afraid.
Hello,
I've stumbled across such a limitation myself, but i was using OpenLDAP as ldap backend. I could even bind as the user, with ldapsearch, on the command line. Password data is stored in ldap as a base64 encoded utf-8 string. The problem is that there is a long lasting bug in thunderbird that makes TB _always_ use iso-8859-1 to enconde passwords, making them different from what the ldap backend is expecting. There was once someone that even provided the mozilla team with a patch, but sadly they went on without applying it. Time went by and now, even wanting to do the patching, the code changed so much that there would have to be done a major code rewrite of the patch. You can find out about all this in this bug report thread.
https://bugzilla.mozilla.org/show_bug.cgi?id=312593
In our case, we solved the problem by not allowing users to use diacritics in passwords.
R's,
Hugo Monteiro.
-- fct.unl.pt:~# cat .signature
Hugo Monteiro Email : hugo.monteiro@fct.unl.pt Telefone : +351 212948300 Ext.15307 Web : http://hmonteiro.net
Divisão de Informática Faculdade de Ciências e Tecnologia da Universidade Nova de Lisboa Quinta da Torre 2829-516 Caparica Portugal Telefone: +351 212948596 Fax: +351 212948548 www.fct.unl.pt apoio@fct.unl.pt
fct.unl.pt:~# _
participants (5)
-
Charles Marcus
-
Hugo Monteiro
-
Joseba Torre
-
pch0317
-
Timo Sirainen