Hello Jakob, thanks for the hint! I created a new crypted password from an iso-8859-15 environment and wrote it to the database. Now I can login from horde frontend! But not not anymore from telnet or other clients.... :D This gives me a headache..... So I guess the only solution is to hack the authlib to check if the password is coming in utf-8 or iso?
regards Stefan Jakob Bohm schrieb: > On 10/5/2012 4:56 PM, Stefan König wrote: >> Hello list, >> >> I hope I am posting to the correct mailing list :) >> Until yesterday I was running a courier imap server with authlib mysql >> backend using cleartext passwords. >> This worked fine, even with German special characters (ä ü ö ß) in >> passwords. >> Then I switched to encrypted passwords und used authpasswd to encrypt >> all plaintext PWs (crypt-md5). >> >> I heard from several people, that their PW is not working anymore and >> they all contain one or more of the above characters. >> They all try to login using the Horde IMP Webmail frontend. >> And now to the interesting part. I found out, that when entering the >> password via "telnet localhost 143" for testing, it works. >> But when entering it into the webmail frontend it doesn't. >> Using tcpdump I saw, that using telnet (on my UTF8 console!) the special >> character is transmitted using 2byte, like it is common in UTF-8. Using >> the horde webmail, it is transmitted to the imap server in ISO-8559-15, >> which uses 1byte! >> Switching apache and/or php to UTF8 does not change that. Horde devs >> say, it is not a Horde problem ;) >> >> Now the big question: Is there a switch or config option to change the >> authlib and/or the imap server so, that it accepts both utf8 and iso >> 8559 charsets in password? Or maybe only the last one? >> >> I hope someone can help or point me into the right direction! >> > I think the trick is to set your current locale to an ISO-8859-15 > based locale when doing the conversion from plain text to MD5 > passwords. > > So if you have not yet deleted all backups of the plain text > passwords, then simply extract the plaintext passwords from a > backup, convert them to ISO-8859-15 and pass them to authpasswd > in that encoding. > > Another alternative is to hack in a call to iconv() in a privately > compiled copy of authlib, checking both the received (unconverted) > and the iso-8859-15 to utf-8 converted copies of the received > password against the database. > > Enjoy > > Jakob ------------------------------------------------------------------------------ Don't let slow site performance ruin your business. Deploy New Relic APM Deploy New Relic app performance management and know exactly what is happening inside your Ruby, Python, PHP, Java, and .NET app Try New Relic at no cost today and get our sweet Data Nerd shirt too! http://p.sf.net/sfu/newrelic-dev2dev _______________________________________________ Courier-imap mailing list Courier-imap@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-imap
