[Users] [Bug 3157] Problem with long password in LDAP config

Bjørn T Johansen btj at havleik.no
Thu Jul 30 23:59:15 CEST 2015

On Wed, 29 Jul 2015 08:54:27 +0000
noreply at thewildbeast.co.uk wrote:

> http://www.thewildbeast.co.uk/claws-mail/bugzilla/show_bug.cgi?id=3157
> --- Comment #1 from Ricardo Mones <mones at users.sourceforge.net> ---
> Does it work if you use 15 character password *without* comma?
> The comma is a reserved char for attribute values in LDAP and must be escaped. 
> But it also could be the AD is setting some maximum length check on the
> password.

No, it does not... I had a look at the source code and claws-mail are using the following method to encrypt:

ecb_crypt(des_key, buf, len, DES_ENCRYPT);

where the len = strlen(buf) and I think here is the problem... According to the man page for this method, the len paramenter is wrong... The man page

The  third  argument, datalen, is the length in bytes of data, which must be a multiple of 8.

So my password that is 14 characters will not encrypt... I made a small test application where I used the same method and I was not able to encrypt
my password using 14 as my length... But when I used 64 as length, my password were enrypted and I could decrypt it again...

But I solved my problem by inserting my plain password inside the address book config file, since claws-mail do not decrypt the password if it does
not start with !|  :)

But this should probably be fixed anyhow...


More information about the Users mailing list