[Dovecot] bug in 99.13-rc2 in ldap md5 patch

Farkas Levente lfarkas at bppiac.hu
Wed Dec 29 13:15:02 EET 2004


Timo Sirainen wrote:
> On Wed, 2004-12-29 at 11:40 +0100, Farkas Levente wrote:
> 
>>>Hmm. That's a bit kludgy fix since then {PLAIN-MD5} would work
>>>differently with LDAP. Maybe I'll just remove the special case from
>>>password-scheme.c instead?
>>
>>No, this way it's correct. LDAP's md5 is equal to plain-md5. In the
>>scheme you should recognize it and use the plain-md5 algorithm.
>>Anyway, it works for me with openldap and md5 ;-)
> 
> 
> Um. LDAP's MD5 = base64-encoded, Dovecot's PLAIN-MD5 = hex-encoded I
> think. So with your patch it would be impossible to use hex-encoded MD5
> passwords in LDAP because it decodes {PLAIN-MD5} in base64.
> 
> I think the LDAP kludges should affect only that if {MD5} password
> doesn't begin with $1$, it would be assumed to be base64-encoded MD5
> password.

Maybe. I just patched the original patch to work. But as I debug dovecot,
it seems the auth process first reaches passdb-ldap.c's line 111 as scheme
== PLAIN-MD5 (where the password is converted) and just after that
password-scheme.c's line 190... So the scheme is already plain-md5 in
passdb-ldap.c, and without my patch it's not working :-(

-- 
   Levente                               "Si vis pacem para bellum!"
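
The encoding mismatch discussed in this thread, as an added example that is not part of the original message and is not Dovecot code: the same MD5 digest stored hex-encoded under {PLAIN-MD5} and base64-encoded under {MD5}, with {MD5} values beginning with $1$ treated as MD5-crypt. The function names and the sample password are assumptions made for the illustration.

```python
# Added example; function names are hypothetical, not Dovecot's own code.
import base64
import binascii
import hashlib
import hmac

def split_scheme(stored):
    """Split '{SCHEME}value' into (SCHEME, value)."""
    if not stored.startswith("{") or "}" not in stored:
        raise ValueError("no {SCHEME} prefix")
    scheme, value = stored[1:].split("}", 1)
    return scheme.upper(), value

def classify(stored):
    """Return how the value must be decoded, following the rule in the thread."""
    scheme, value = split_scheme(stored)
    if scheme == "PLAIN-MD5":
        return "hex"
    if scheme == "MD5":
        return "md5-crypt" if value.startswith("$1$") else "base64"
    raise ValueError("unsupported scheme: " + scheme)

def raw_digest(stored):
    """Decode the stored value to the 16 raw MD5 bytes, or raise ValueError."""
    kind = classify(stored)
    _, value = split_scheme(stored)
    try:
        if kind == "hex":
            raw = bytes.fromhex(value)
        elif kind == "base64":
            raw = base64.b64decode(value, validate=True)
        else:
            raise ValueError("md5-crypt is salted, not a bare digest")
    except binascii.Error as exc:
        raise ValueError("bad encoding") from exc
    if len(raw) != 16:  # a wrongly decoded value fails here, not at compare time
        raise ValueError("not a 16-byte MD5 digest")
    return raw

def verify(stored, password):
    """Constant-time comparison of the decoded digest with MD5(password)."""
    actual = hashlib.md5(password.encode()).digest()
    return hmac.compare_digest(raw_digest(stored), actual)

# Constructed sample: one password, the same digest in both encodings.
DIGEST = hashlib.md5(b"secret").digest()
HEX_FORM = "{PLAIN-MD5}" + DIGEST.hex()
B64_FORM = "{MD5}" + base64.b64encode(DIGEST).decode()
```

A value decoded with the wrong encoding is rejected at decode time: the base64 form is not valid hex, and the 32-character hex form decodes as base64 to 24 bytes instead of 16.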



