Fri, 10 Apr 2026 02:41:26 +0000 https://bugs.horde.org/ticket/1998 Ldap backend crypt-des instead of crypt encryption Hello, Please excuse my poor english, i will try to explain as precisely as possible Context : I am using debian/testing for our Academic webmail it is based on Horde2, IMP3 ... and sork-passwd Users are authentificated with IMAP and changes are applied in a LDAP backend (Netscape-SUN / iplanet) Events : Yesterday i decided to upgrade (lots of package including sork-passwd) Problem raised this morning : users passwd accepted to be changed but users never can login again after passwd change Problem cause: default encryption is now crypt-des and not crypt as before (no break in case 'crypt' instruction in /usr/share/horde2/passwd/lib/Driver.php) and passwd are no more readable in this format My solution: I have a look to the source php and find some differences with the working version, I made a patch and it is working now. Using crypt-des is a good thing but it should not the default behaviour when using the crypt parameter. I would have like to decide to apply or not. my working version is Driver.php and Driver.php.deb is the one from the debs webmail:/usr/share/horde2/passwd/lib# diff -U 7 Driver.php.deb Driver.php --- Driver.php.deb 2005-05-19 10:59:32.000000000 +0200 +++ Driver.php 2005-05-19 11:09:49.000000000 +0200 @@ -99,14 +99,20 @@ } break; case 'md5-base64': if ($encrypted == base64_encode(mHash(MHASH_MD5, $plaintext))) { return true; } break; case 'crypt': + $encrypted = substr($encrypted, 7); + $salt = substr($encrypted , 0, 2); + if ($encrypted == crypt($plaintext, $salt)) { + return true; + } + break; case 'crypt-des': $encrypted = preg_replace('|^{crypt}|', '', $encrypted); $salt = substr($encrypted, 0, 2); if ($encrypted == crypt($plaintext, $salt)) { return true; } break; @@ -166,14 +172,17 @@ switch ($this->_params['encryption']) { case "plain": break; case "sha": $newPassword = "{SHA}" . base64_encode(mHash(MHASH_SHA1, $newPassword)); break; case 'crypt': + // The salt is left out, generated by php + $newPassword = "{crypt}" . crypt($newPassword); + break; case 'crypt-des': $salt = substr(md5(mt_rand()), 0, 2); $newPassword = crypt($newPassword, $salt); break; case 'crypt-md5': $salt = '$1$' . substr(md5(mt_rand()), 0, 8) . '$'; $newPassword = crypt($newPassword, $salt); Hope it will help, Anyway, congratulation for your excellent job on this project, Laurent Le Moine laurent.le-moine@ac-dijon.fr Rectorat de l'Académie de Dijon (France) Thu, 19 May 2005 10:02:01 +0000 https://bugs.horde.org/ticket/1998#t8339 (maintainer of Debian package speaking) Drivers.php doesn't contain any Debian-specific changes in the Debian package. Patch should thus apply cleanly to your version. Waiting for your comments on the patch to integrate it into the Debian package. Thu, 19 May 2005 12:18:46 +0000 https://bugs.horde.org/ticket/1998#t8342 The code is drastically different in CVS. Please see if you have the same issue with the current code. Sat, 21 May 2005 04:14:25 +0000 https://bugs.horde.org/ticket/1998#t8402 No feedback. Mon, 11 Jul 2005 10:15:26 +0000 https://bugs.horde.org/ticket/1998#t9635