non-ascii password in kerberos authentication
Xu Qiang
Qiang.Xu at fujixerox.com
Thu Nov 1 01:50:18 EDT 2007
> -----Original Message-----
> From: Sam Hartman [mailto:hartmans at mit.edu]
> Sent: Wednesday, October 31, 2007 10:35 PM
> To: Xu Qiang
> Cc: jaltman at secure-endpoints.com; Su Huang (FXSGSC) Yi; Ken
> Raeburn; krbdev at MIT.EDU
> Subject: Re: non-ascii password in kerberos authentication
>
>
> See src/lib/crypto/arcfour/arcfour_s2k.c.
Good news, Sam. It works now.
The code Suhuang changed is as follows:
==========================================================
static void asctouni(unsigned char *unicode, unsigned char *ascii, size_t len)
{
size_t counter;
for (counter=0;counter<len;counter++) {
if (ascii[counter]==0xA4) { /* change the currency sign to euro sign, with little endian byte order */
unicode[2*counter]=0xAC;
unicode[2*counter + 1]=0x20;
}
else { /* original */
unicode[2*counter]=ascii[counter];
unicode[2*counter + 1]=0x00;
}
}
}
==========================================================
The light you shedding is crucial to solve this problem for us.
> If internationalization is important to you, you should consider
> joining the Kerberos Consortium and funding development of Kerberos
> internationalization. Currently I' have not seen a lot of interest in
> funding that work.
Although in administration we belong to FujiXerox, our printers using MIT code is from Xerox Corp in the United States. And Stephen has contacted Xerox CTO on this issue.
Suhuang and I are only small small engineers at the end of hierarchy.
Thank you so much,
Xu Qiang
More information about the krbdev
mailing list