On 25 Jul 2006, at 10:33, 3APA3A wrote:
Dear Josh Howlett,
ntpwdhash currently only supports ASCII (7-bit) passwords and this is documented. Common 8-bit implementation with character sets support is extreamaly hard because of different charsets support on different platforms. E.g. most *nix systems use KOI8-r encoding for Russian, while Microsoft uses Windows-1251 as ANSI and cp866 as OEM encoding. Most simple implementation is to insert translation table from 8-bit charset you are going to use to 16-bit little endian Unicode in ntpwdhash code itself.
Thanks 3APA3A, this confirms what I thought.
As for UTF-8 - yes, it's possible and it's easy to implement translation from UTF-8 to unicode within ntpwdhash,
Is iconv() the best approach?
but it's not clear how to store and mark UTF-8 attributes within FreeRADIUS.
Okay, but in the context of rlm_mschap only, we don't have to worry about this - right? best regards, josh.
--Tuesday, July 25, 2006, 12:51:16 PM, you wrote to freeradius- devel@lists.freeradius.org:
JH> I don't think that the ntpasswd function in smbencrypt.c is safe with JH> multi-byte character encodings, such as UTF-8.
JH> I think that the problem is in the conversion of the password to JH> Unicode, for the construction of the NT hash. The function assumes a JH> single-byte character-set encoding (which works fine for Latin1, etc) JH> but not for multi-byte encodings such as UTF-8.
JH> I'm not quite sure what the best approach to fix this is; does anyone JH> have any suggestions?
JH> best regards, josh.
JH> Josh Howlett, Networking Specialist, University of Bristol. JH> email: josh.howlett@bristol.ac.uk | phone: +44 (0)7867 907076 | JH> internal: 7850
JH> - JH> List info/subscribe/unsubscribe? See JH> http://www.freeradius.org/list/devel.html
-- ~/ZARAZA Да, ему чертовски повезло. Эх и паршиво б ему пришлось если бы он выжил! (Твен)
Josh Howlett, Networking Specialist, University of Bristol. email: josh.howlett@bristol.ac.uk | phone: +44 (0)7867 907076 | internal: 7850