hi, it takes me another hour do debug it again, although i already report it for both joshua and timo. the original patch for openldap's md5 crypt has a small bug. in passdb-ldap.c the schema is already PLAIN-MD5 since that was set in the other part of the original patch in password-scheme.c. do anybody use dovecot with ldap and md5 password? i don't think so:-( this patch would be useful to apply before the final 0.99.13. anyway in the current 1.0 series the PLAIN-MD5 and LDAP-MD5 schema are different. at least plain_md5_verify and plain_md5_generate differ from ldap_md5_verify and ldap_md5_generate. why? -- Levente "Si vis pacem para bellum!" -------------- next part -------------- An embedded and charset-unspecified text was scrubbed... Name: dovecot-ldap-md5-0.99.patch URL: <http://dovecot.org/pipermail/dovecot/attachments/20041222/ff5b7a73/attachment-0001.pl>
On Wed, 2004-12-22 at 18:36 +0100, Farkas Levente wrote:> it takes me another hour do debug it again, although i already report it > for both joshua and timo. the original patch for openldap's md5 crypt > has a small bug. in passdb-ldap.c the schema is already PLAIN-MD5 since > that was set in the other part of the original patch in password-scheme.c. > do anybody use dovecot with ldap and md5 password?Hmm. That's a bit kludgy fix since then {PLAIN-MD5} would work differently with LDAP. Maybe I'll just remove the special case from password-scheme.c instead?> anyway in the current 1.0 series the PLAIN-MD5 and LDAP-MD5 schema are > different. at least plain_md5_verify and plain_md5_generate differ from > ldap_md5_verify and ldap_md5_generate. why?hex vs. base64. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part URL: <http://dovecot.org/pipermail/dovecot/attachments/20041228/285142ac/attachment-0001.bin>
Timo Sirainen wrote:> On Wed, 2004-12-22 at 18:36 +0100, Farkas Levente wrote: > >>it takes me another hour do debug it again, although i already report it >> for both joshua and timo. the original patch for openldap's md5 crypt >>has a small bug. in passdb-ldap.c the schema is already PLAIN-MD5 since >>that was set in the other part of the original patch in password-scheme.c. >>do anybody use dovecot with ldap and md5 password? > > > Hmm. That's a bit kludgy fix since then {PLAIN-MD5} would work > differently with LDAP. Maybe I'll just remove the special case from > password-scheme.c instead?no this way it's correct. ldap's md5 is equal with plain-md5. in the scheme you should recognize it and use the plain-md5 algorithm. anyway it works for me with openldap and md5;-) -- Levente "Si vis pacem para bellum!"