[Dovecot] diacritic marks in password
Hugo Monteiro
hugo.monteiro at fct.unl.pt
Fri Jun 24 00:35:28 EEST 2011
On 06/22/2011 06:39 PM, Timo Sirainen wrote:
> On Wed, 2011-06-15 at 20:05 +0100, pch0317 wrote:
>> Hi,
>>
>> I have dovecot 2.0.beta6 (on RedHat 6) and my user uses thunderbird
>> 3.1.10 (on Windows XP).
>> I use authentication via LDAP (Windows server 2003 AD).
> With auth_bind=yes?
>
>> When user use in password diacritic marks (ą,ć,ę,ł,ń,ó) authentication
>> failed.
>>
>> What can I do?
> Not much from Dovecot's side, I'm afraid.
>
>
>
Hello,
I've stumbled across such a limitation myself, but i was using OpenLDAP
as ldap backend. I could even bind as the user, with ldapsearch, on the
command line.
Password data is stored in ldap as a base64 encoded utf-8 string. The
problem is that there is a long lasting bug in thunderbird that makes TB
_always_ use iso-8859-1 to enconde passwords, making them different from
what the ldap backend is expecting.
There was once someone that even provided the mozilla team with a patch,
but sadly they went on without applying it. Time went by and now, even
wanting to do the patching, the code changed so much that there would
have to be done a major code rewrite of the patch.
You can find out about all this in this bug report thread.
https://bugzilla.mozilla.org/show_bug.cgi?id=312593
In our case, we solved the problem by not allowing users to use
diacritics in passwords.
R's,
Hugo Monteiro.
--
fct.unl.pt:~# cat .signature
Hugo Monteiro
Email : hugo.monteiro at fct.unl.pt
Telefone : +351 212948300 Ext.15307
Web : http://hmonteiro.net
Divisão de Informática
Faculdade de Ciências e Tecnologia da
Universidade Nova de Lisboa
Quinta da Torre 2829-516 Caparica Portugal
Telefone: +351 212948596 Fax: +351 212948548
www.fct.unl.pt apoio at fct.unl.pt
fct.unl.pt:~# _
More information about the dovecot
mailing list