[Tickets #2865] Support for switching to a new password scheme
bugs@bugs.horde.org
bugs at bugs.horde.org
Mon Oct 31 15:10:41 PST 2005
DO NOT REPLY TO THIS MESSAGE. THIS EMAIL ADDRESS IS NOT MONITORED.
Ticket URL: http://bugs.horde.org/ticket/?id=2865
-----------------------------------------------------------------------
Ticket | 2865
Updated By | ulrich-horde at topfen.net
Summary | Support for switching to a new password scheme
Queue | Passwd
Version | HEAD
State | Feedback
Priority | 2. Medium
Type | Enhancement
Owners |
+New Attachment | Driver.php.v2.patch
-----------------------------------------------------------------------
ulrich-horde at topfen.net (2005-10-31 15:10) wrote:
Oh, and one other thing. (It's not a security issue though, rather an
interoperability problem.)
In Auth::getCryptedPassword(), there are two password schemes that have
"{MD5}" as an identifier, neither of which have "md5" as the parameter
name. As the default scheme is hex-encoded MD5 and not base64-encoded,
this makes my patch not work with LDAP backends.
An updated version that also fixes the issue of not setting $encryption
if not finding a scheme identifier is attached.
More information about the bugs
mailing list