[Users] [Bug 3157] Problem with long password in LDAP config
Bjørn T Johansen
btj at havleik.no
Thu Jul 30 23:59:15 CEST 2015
On Wed, 29 Jul 2015 08:54:27 +0000
noreply at thewildbeast.co.uk wrote:
> http://www.thewildbeast.co.uk/claws-mail/bugzilla/show_bug.cgi?id=3157
>
> --- Comment #1 from Ricardo Mones <mones at users.sourceforge.net> ---
> Does it work if you use 15 character password *without* comma?
>
> The comma is a reserved char for attribute values in LDAP and must be escaped.
>
> But it also could be the AD is setting some maximum length check on the
> password.
>
No, it does not... I had a look at the source code and claws-mail are using the following method to encrypt:
ecb_crypt(des_key, buf, len, DES_ENCRYPT);
where the len = strlen(buf) and I think here is the problem... According to the man page for this method, the len paramenter is wrong... The man page
states:
The third argument, datalen, is the length in bytes of data, which must be a multiple of 8.
So my password that is 14 characters will not encrypt... I made a small test application where I used the same method and I was not able to encrypt
my password using 14 as my length... But when I used 64 as length, my password were enrypted and I could decrypt it again...
But I solved my problem by inserting my plain password inside the address book config file, since claws-mail do not decrypt the password if it does
not start with !| :)
But this should probably be fixed anyhow...
BTJ
More information about the Users
mailing list