[#8143] SHA encryption incompatible with Toltec connector
Summary SHA encryption incompatible with Toltec connector
Queue Kolab
Type Bug
State Assigned
Priority 1. Low
Owners wrobel@horde.org
Requester hopfgartner@marcher.at
Created 2009-04-02 (3824 days ago)
Due
Updated 2009-04-02 (3824 days ago)
Assigned 2009-04-02 (3824 days ago)
Resolved
Milestone
Patch No

Comments
hopfgartner@marcher.at 2009-04-02 08:16:23
as defined in "passwd/lib/Driver/kolab.php",

SHA encryption is used for storing the user_password in LDAP.



Since we use Toltec and it uses PLAIN encryption, this is incompatible.





         // And finally change the password.

         $new_details['userPassword'] = '{sha}' .

             base64_encode(pack('H*', sha1($new_password)));



         if (!ldap_mod_replace($ds, $userdn, $new_details)) {

             return PEAR::raiseError(ldap_error($ds));

         }





In backends.php I've defined the following, but since encryption is 
hardcoded into the Kolab-Driver this won't work:



$backends['kolab'] = array(

     'name' => 'Local Kolab Server',

     'preferred' => '',

     'password policy' => array(

         'minLength' => 3,

         'maxLength' => 8

     ),

     'driver' => 'kolab',

     'params' => array(

             'encryption' => 'plain'

             )

);







hopfgartner@marcher.at 2009-04-02 09:24:23
See the hardcode patch, I've made on it, to work.

I think, the better solution would be to use backends.php "param" value.



         // And finally change the password.

         //$new_details['userPassword'] = '{sha}' .

         //    base64_encode(pack('H*', sha1($new_password)));





         $new_details['userPassword'] = $new_password;