[horde] Patch - New "Encryption" type added to framework Auth.phpfor MS Active Directory unicodePwd encoding.

Jan Schneider jan at horde.org
Tue May 4 04:27:39 PDT 2004 

Zitat von LRM <lrm at ionline.com.br>:

> ALLRIGHT I'VE FOUND IT
>
> Removed base_64 encoding of the password string, Active Directory accepted
> it, AND SUCCESSFULLY CHANGED THE PASSWORD. Woot! :D

Great.

> I'm going to include the solution and remake the patch to have passwd fully
> integrated into Active Directory asap.
>
> Thank God.
>
> LRM
>
> -----Original Message-----
> From: horde-bounces at lists.horde.org [mailto:horde-bounces at lists.horde.org]
> On Behalf Of LRM
> Sent: Monday, May 03, 2004 8:57 PM
> To: horde at lists.horde.org
> Subject: RE: [horde] Patch - New "Encryption" type added to framework
> Auth.phpfor MS Active Directory unicodePwd encoding.
>
>
> Jan,
>
> First, thanks for the replies and suggestions so far, I really appreciate it
> and if you can follow my findings a bit more maybe you can help me get out
> of this cursed attempt to integrate passwd change on Active Directory,
> you'll see why I'm going nuts here if u get some time to read this ;-)
>
> Indeed, I'm kinda amazed by the differences you observed:
>
> Using mb_convert_encoding to encode "newPassword" string produces:
>
> 00000000h: 22 00 6E 00 65 00 77 00 50 00 61 00 73 00 73 00 ;".n.e.w.P.a.s.s.
> 00000010h: 77 00 6F 00 72 00 64 00 22 00                   ;w.o.r.d.".
>
> Base_64 this and you get: IgBuAGUAdwBQAGEAcwBzAHcAbwByAGQAIgA=
>
>
> Using String::convertCharset to encode "newPassword" string produces:
>
> 00000000h: 22 00 6E 00 65 00 77 00 50 00 61 00 73 00 73 00 ;".n.e.w.P.a.s.s.
> 00000010h: 77 00 6F 00 72 00 64 00 22 00 78                ;w.o.r.d.".x
>
> Base_64 this and you get: IgBuAGUAdwBQAGEAcwBzAHcAbwByAGQAIgB4
>
> So I'm guessing String::convertCharset is doing some additional formatting
> or something, but the resulting base64 string is not valid for unicodePwd
> attribute of MS AD, as I've tested with LDIFE.

Yeah, the iconv part of String::convertCharset() appends a "x" at the end of
the string before the converting, to workaround a bug in iconv. *But* this
character should be stripped from the converted string after the
conversion. Due to a bug in String::convertCharset() this didn't work
correctly when the target charset was multibyte.
This should be fixed now. Even if it works now for you, can you please test
with an updated framework if that extra character disappears now?

Jan.

--
http://www.horde.org - The Horde Project
http://www.ammma.de - Neue Wege des Lernens
http://www.tip4all.de - Deine private Tippgemeinschaft

More information about the horde mailing list