ntpasswd not UTF-8 safe?
josh.howlett at bristol.ac.uk
Tue Jul 25 11:57:22 CEST 2006
On 25 Jul 2006, at 10:33, 3APA3A wrote:
> Dear Josh Howlett,
> ntpwdhash currently only supports ASCII (7-bit) passwords and
> this is
> documented. Common 8-bit implementation with character sets
> support is
> extreamaly hard because of different charsets support on
> platforms. E.g. most *nix systems use KOI8-r encoding for Russian,
> Microsoft uses Windows-1251 as ANSI and cp866 as OEM encoding.
> simple implementation is to insert translation table from 8-bit
> you are going to use to 16-bit little endian Unicode in ntpwdhash
Thanks 3APA3A, this confirms what I thought.
> As for UTF-8 - yes, it's possible and it's easy to implement
> translation from UTF-8 to unicode within ntpwdhash,
Is iconv() the best approach?
> but it's not clear
> how to store and mark UTF-8 attributes within FreeRADIUS.
Okay, but in the context of rlm_mschap only, we don't have to worry
about this - right?
best regards, josh.
> --Tuesday, July 25, 2006, 12:51:16 PM, you wrote to freeradius-
> devel at lists.freeradius.org:
> JH> I don't think that the ntpasswd function in smbencrypt.c is
> safe with
> JH> multi-byte character encodings, such as UTF-8.
> JH> I think that the problem is in the conversion of the password to
> JH> Unicode, for the construction of the NT hash. The function
> assumes a
> JH> single-byte character-set encoding (which works fine for
> Latin1, etc)
> JH> but not for multi-byte encodings such as UTF-8.
> JH> I'm not quite sure what the best approach to fix this is; does
> JH> have any suggestions?
> JH> best regards, josh.
> JH> Josh Howlett, Networking Specialist, University of Bristol.
> JH> email: josh.howlett at bristol.ac.uk | phone: +44 (0)7867 907076 |
> JH> internal: 7850
> JH> -
> JH> List info/subscribe/unsubscribe? See
> JH> http://www.freeradius.org/list/devel.html
> Да, ему чертовски повезло. Эх и
> паршиво б ему пришлось если бы он
> выжил! (Твен)
Josh Howlett, Networking Specialist, University of Bristol.
email: josh.howlett at bristol.ac.uk | phone: +44 (0)7867 907076 |
More information about the Freeradius-Devel