https://issues.apache.org/bugzilla/show_bug.cgi?id=45318
Summary: mod_authnz_ldap does not convert passwords to UTF-8
Product: Apache httpd-2
Version: 2.2.9
Platform: All
OS/Version: All
Status: NEW
Severity: minor
Priority: P2
Component: mod_authn_ldap
AssignedTo: [email protected]
ReportedBy: [EMAIL PROTECTED]
Created an attachment (id=22202)
--> (https://issues.apache.org/bugzilla/attachment.cgi?id=22202)
Patch to support converting passwords to UTF-8 in mod_authnz_ldap.c
Hello,
we are using basic authentication against an LDAPv3 server, which talks UTF-8.
The authentication fails, if a user has special characters in his password
(like the paragraph character ยง).
This is 0xA7 in ISO-8859-1 from the client, but should be 0xC2A7 in UTF-8 to
the directory server.
This happens with every character, which is not ASCII, because it is a two-byte
character then. (First bit is always 0 in UTF-8 for one-byte characters)
mod_authnz_ldap only converts usernames correctly (if given
"AuthLDAPCharsetConfig conf/charset.conv"), but not passwords!
I have written a patch against httpd 2.2.9.
See attachments.
========
LOG FILE
========
[Thu Jun 26 18:18:51 2008] [debug] mod_authnz_ldap.c(376): [client
10.192.120.192] [30522] auth_ldap authenticate: using URL
ldap://ldap.intranet.mycompany.com:38
9/ou=Users,o=MYCOMPANY,c=de?uid?sub
[Thu Jun 26 18:18:54 2008] [warn] [client 10.192.120.192] [30522] auth_ldap
authenticate: user J23259 authentication failed; URI /webhosting/
[ldap_simple_bin
d_s() to check user credentials failed][Invalid credentials]
[Thu Jun 26 18:18:54 2008] [error] [client 10.192.120.192] user J23259:
authentication failure for "/webhosting/": Password Mismatch
--
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
