View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0004137 | SOGo | Backend General | public | 2017-04-09 15:40 | 2018-04-27 12:56 |
| Reporter | skrupellos | Assigned To | ludovic | ||
| Priority | normal | Severity | minor | Reproducibility | always |
| Status | resolved | Resolution | fixed | ||
| Product Version | 3.2.8 | ||||
| Fixed in Version | 3.2.9 | ||||
| Summary | 0004137: Lockout after password change using sha256-crypt/sha512-crypt (at least with OpenLDAP backend) | ||||
| Description | A user can lock it self out by changing their password. | ||||
| Steps To Reproduce | 1) Use an OpenLDAP authentication backend. 2) Configure: 3) Login 4) Change password 5) Logout ... now you can't login again. | ||||
| Additional Information | this is caused, because the LDAP attribute "userPassword" is set to "{sha512-crypt}$6$...". Correct would be "{crypt}$6$...", at least for OpenLDAP. See https://github.com/Skrupellos/sogo-patches/blob/v3.2.8/05-fix_crypt.patch for minimal fix. Maybe other authentication sources also need this kind of fix. | ||||
| Tags | No tags attached. | ||||
|
sogo: master 63cb8014 2017-05-08 10:44 Details Diff |
(fix) make sure to use crypt as the scheme for md5/sha256/sha512 (fixes 0004137) |
Affected Issues 0004137 |
|
| mod - SoObjects/SOGo/LDAPSource.m | Diff File | ||
| mod - SoObjects/SOGo/SQLSource.m | Diff File | ||
|
sogo: v2 c3121c50 2017-05-08 10:44 Details Diff |
(fix) make sure to use crypt as the scheme for md5/sha256/sha512 (fixes 0004137) |
Affected Issues 0004137 |
|
| mod - SoObjects/SOGo/LDAPSource.m | Diff File | ||
| mod - SoObjects/SOGo/SQLSource.m | Diff File | ||
|
sogo: master b0e59f9a 2018-04-27 08:55 Details Diff |
Revert "(fix) make sure to use crypt as the scheme for md5/sha256/sha512 (fixes 0004137)" This reverts commit 63cb80142b1dcdb581ace018a5c715ed42a73eab. |
Affected Issues 0004137 |
|
| mod - SoObjects/SOGo/LDAPSource.m | Diff File | ||
| mod - SoObjects/SOGo/SQLSource.m | Diff File | ||
| Date Modified | Username | Field | Change |
|---|---|---|---|
| 2017-04-09 15:40 | skrupellos | New Issue | |
| 2017-05-08 14:42 | ludovic | Note Added: 0011793 | |
| 2017-05-08 14:44 | ludovic | Changeset attached | => sogo master 63cb8014 |
| 2017-05-08 14:44 | ludovic | Assigned To | => ludovic |
| 2017-05-08 14:44 | ludovic | Resolution | open => fixed |
| 2017-05-08 14:45 | ludovic | Changeset attached | => sogo v2 c3121c50 |
| 2017-05-08 14:47 | ludovic | Status | new => resolved |
| 2017-05-08 14:47 | ludovic | Fixed in Version | => 3.2.9 |
| 2018-04-27 12:56 | ludovic | Changeset attached | => sogo master b0e59f9a |
