On Mon, Jun 18, 2001 at 06:30:56PM -0500, Mail01 test wrote:
> I ran into another problem this weekend while attempting to upgrade to a
> recent (latest?) version of Qmail-LDAP. It seems that we have a small
> number of old users whose passwords are stored in the NS-MTA-MD5 (Netscape)
> format. As far as I can tell, the checkpassword.c file still contains the
> necessary code to deal with this format. We have changed from a 1.x version
> of OpenLDAP to 2.0.6, but since all of our other accounts work, this would
> not seem to be a problem.
>
> Has anyone else run into a problem like this? Qmail-LDAP version is
> 05/01/2001, qmail is 1.03. We are working to have people change these
> passwords, but as many of them are for individuals outside of the company,
> it will take some time.
>
The NS-MTA Code was modified in the last release because the (original
Netscape) code was a security nightmare (there was a potential buffer
overflow in it). (Side note, it is not possible in qmail to trigger this
bufferoverflow but it is still bad programming style).
Perhaps we broke something in it. My and Andres problem is we can no
longer generate those Passwords, so if you can generate some passwords and
send me the hashes and the cleartext I can check if everithing is OK.
--
:wq Claudio
