PacketFence
Bug Tracking System

View Issue Details Jump to Notes ] Issue History ] Print ]
IDProjectCategoryView StatusDate SubmittedLast Update
0001569PacketFencesecuritypublic2012-10-15 10:522012-10-19 10:58
Reporterfdurand 
Assigned Tofgaudreault 
PrioritynormalSeveritymajorReproducibilityalways
StatusresolvedResolutionno change required 
PlatformLinuxOSOS Version
Product Version3.5.1 
Target VersionFixed in Version 
Summary0001569: Htaccess problem with password superior to 8 caracters
DescriptionWith htaccess authentication, packetfence just check the first 8 caracters.
Steps To ReproduceAdd a user in users.conf with a password more than 8 caracters and try to logging with only the first 8 caracters. It will match.
TagsNo tags attached.
fixed in git revision
fixed in mtn revision
Attached Files

- Relationships

-  Notes
(0003118)
fgaudreault (viewer)
2012-10-17 13:33

It's a limitation of the upstream algorithm. The only thing we can do is... dropping htpasswd :P
(0003123)
fgaudreault (viewer)
2012-10-19 10:58

We cannot do anything about it, it's a limitation of the htpasswd algorithm.

- Issue History
Date Modified Username Field Change
2012-10-15 10:52 fdurand New Issue
2012-10-17 13:33 fgaudreault Note Added: 0003118
2012-10-19 10:58 fgaudreault Note Added: 0003123
2012-10-19 10:58 fgaudreault Status new => resolved
2012-10-19 10:58 fgaudreault Resolution open => no change required
2012-10-19 10:58 fgaudreault Assigned To => fgaudreault


Copyright © 2000 - 2012 MantisBT Group
Powered by Mantis Bugtracker