NS-MTA-MD5 broken in HEAD, RELENG_2_1, RELENG_2_2 (ITS#2899)
Full_Name: John Morrissey
Submission from: (NULL) (18.104.22.168)
The length check on passwd->bv_len for NS-MTA-MD5 hashes is incorrect. An
NS-MTA-MD5 password consists of 32 hex digits of MD5 hash (LUTIL_MD5_BYTES * 2)
followed by 32 hex digits of salt. Checking this 64-byte length for 32 bytes
causes authentication of this type of hash to fail.
Patch is at http://horde.net/~jwm/software/misc/openldap-fix-nsmta-bustage.patch.
I chose to use LUTIL_MD5_BYTES*2+32 instead of LUTIL_MD5_BYTES*4 because I don't
think it's semantically correct to assume that the salt length correlates with
the length of an MD5 hash.
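
The layout and length check described in the report, as an added example that is not part of the original submission and is not OpenLDAP's code. The names `nsmta_parse`, `nsmta_parts`, `nsmta_len_ok_before_fix` and the sample value are hypothetical; `MD5_BYTES` stands in for `LUTIL_MD5_BYTES` and is assumed to be 16.

```c
#include <stddef.h>
#include <string.h>

#define MD5_BYTES 16                                /* stands in for LUTIL_MD5_BYTES (assumed 16) */
#define NSMTA_SALT_LEN 32                           /* salt length in characters, per the report */
#define NSMTA_LEN (MD5_BYTES * 2 + NSMTA_SALT_LEN)  /* 64, kept separate from the hash length */

/* Constructed sample value: 32 hex digits of hash followed by 32 of salt. */
static const char NSMTA_SAMPLE[] =
    "00112233445566778899aabbccddeeff"
    "0123456789abcdef0123456789abcdef";

struct nsmta_parts {                  /* hypothetical holder for the two halves */
    unsigned char digest[MD5_BYTES];  /* decoded hash bytes */
    char salt[NSMTA_SALT_LEN];        /* salt characters, kept as stored */
};

static int hex_val(char c)
{
    if (c >= '0' && c <= '9') return c - '0';
    if (c >= 'a' && c <= 'f') return c - 'a' + 10;
    if (c >= 'A' && c <= 'F') return c - 'A' + 10;
    return -1;
}

/* Returns 0 and fills *out for a well-formed stored value, -1 otherwise. */
int nsmta_parse(const char *val, size_t len, struct nsmta_parts *out)
{
    if (val == NULL || out == NULL || len != NSMTA_LEN)
        return -1;                    /* length must be 64, not 32 */
    for (size_t i = 0; i < MD5_BYTES; i++) {
        int hi = hex_val(val[2 * i]);
        int lo = hex_val(val[2 * i + 1]);
        if (hi < 0 || lo < 0)
            return -1;                /* hash half is not hex */
        out->digest[i] = (unsigned char)((hi << 4) | lo);
    }
    memcpy(out->salt, val + MD5_BYTES * 2, NSMTA_SALT_LEN);
    return 0;
}

/* The comparison as the report describes it before the fix: length against 32. */
int nsmta_len_ok_before_fix(size_t len) { return len == 32; }

int main(void)
{
    struct nsmta_parts p;
    return nsmta_parse(NSMTA_SAMPLE, strlen(NSMTA_SAMPLE), &p);
}
```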