[Dovecot] Authentication Problem MD5 hashs
Fabrizio Steiner
fabrizio.steiner at vweb.ch
Fri Mar 31 04:43:35 EEST 2006
Hello
I've migrated to dovecot-1.0beta3 and I have taken over the password
files from an older system. For some reason the md5 hashs have "[" chars
in the salt.
For example like this $1$[xxxXX[E$bg/d4JdSSf2kTL8sXXxXXX
Now the problem is that in the file src/auth/db-passwd-file.c on line 43
for libpam-pwdfile compatibility it will be searched for "[" to find the
type of the password hash. Then only the hash up to this point will be
used in future for comparing the passwords.
The problem line.
p = pass == NULL ? NULL : strchr(pass, '[');
I changed the behavior to always use the complete hash out of the file
because I don't use pam.
Does anyone know if [ chars are allowed in md5 hashs?
Kind Regards
Fabrizio Steiner
More information about the dovecot
mailing list