Summary: | Password obfuscator fails to decrypt some passwords | ||||||||
---|---|---|---|---|---|---|---|---|---|
Product: | Claws Mail (GTK 2) | Reporter: | beavisjohn | ||||||
Component: | Other | Assignee: | users | ||||||
Status: | RESOLVED INVALID | ||||||||
Severity: | normal | ||||||||
Priority: | P3 | ||||||||
Version: | 3.7.9 | ||||||||
Hardware: | PC | ||||||||
OS: | Linux | ||||||||
Attachments: |
|
Description
beavisjohn
2011-05-17 20:09:21 UTC
Created attachment 983 [details]
A tool to generate passwords that fail to decrypt in claws-mail on Linux
Created attachment 1502 [details]
Do not write truncated LDAP passwords
I have had another look at this bug. The issue happens because
quoted printable encoding is used on obfuscated password. I have
changed it to use base64 and it works fine for my previously
problematic pasword.
The fix should support existing obfuscated passwords in
addrbook--index.xml file. Whenever a new LDAP password is set it will
be encoded using base64.
Old style passwords are marked with !|, new style uses !!. I
have not tested what happens when one has ! as a first character
in their LDAP password.
The 3.14.0 release implements a completely new password storage backend. |