debian/ubuntu php 5.3 crypt problem

classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

debian/ubuntu php 5.3 crypt problem

nksupport
hi list!

probably encountered by many, and mentioned a few times on this mailing
list, but AFAIK never actually fixed - i just downloaded the latest
stable release 2.0.1 and tried it with PHP 5.3.6-13ubuntu3.3 in Ubuntu
11.10.

Create the default DB, log in with siteadmin/CHANGE, change the
password. It fails right away and won't let you in any more.

The below thread mentions a hack to disable salt. Doesn't seem like the
right thing to do, and didn't help me either.

http://users.exim4u.org/Fwd-Re-crypt-field-not-been-populated-during-user-creation-td2796396.html 




A short dig into the code shows that crypt_password('any string') with
the default MD5 method returns a 200 symbol line instead of the old 48
symbols, probably due to the new MD5 code in PHP 5.3.

The problem here is the default exim4u database schema:

         crypt            varchar(48)                       default NULL,

The default field size is simply too short - the new encrypted password
was not saved properly, which killed it.

Increase crypt to varchar(255) and it'll work right away. No code
hacking necessary.

I believe this should be updated in the installation SQL file as well.

Regards, Nick Keefen, NK Support
http://www.nksupport.com/

_______________________________________________
users mailing list
[hidden email]
https://exim4u.org/mailman/listinfo/users
Reply | Threaded
Open this post in threaded view
|

Re: debian/ubuntu php 5.3 crypt problem

gldickens3
Administrator
Hi Nick,

Thanks for the email and suggestions.  I will be investigating your
recommendations and will definitely consider implementing them into the
Exim4U trunk.  However, FWIW, I just completed a Debian installation
last week and I did not encounter these issues at all.
My recent Debian install is on Debian 6.0 Squeeze with PHP 5.3.3-7 and
the installation went perfectly without the problems that you reported.  
Previously, I have also completed installations with
RedHat/CentOS/Scientific Linux 5.X, FreeBSD 8.0 and Ubuntu 10.04 without
encountering these issues.  So, I am mystified how/why some folks are
running into this issue and some are not.  Could it possibly be
differences in our php configurations, php.ini, etc...  Its hard to fix
something that I have been unable to reproduce.

In any event, thanks again for the suggestions.  It may be worth
implementing if it does indeed avoid these problems for all installations.

Gordon



On 12/20/2011 08:44 AM, Nick Keefen wrote:

> hi list!
>
> probably encountered by many, and mentioned a few times on this mailing
> list, but AFAIK never actually fixed - i just downloaded the latest
> stable release 2.0.1 and tried it with PHP 5.3.6-13ubuntu3.3 in Ubuntu
> 11.10.
>
> Create the default DB, log in with siteadmin/CHANGE, change the
> password. It fails right away and won't let you in any more.
>
> The below thread mentions a hack to disable salt. Doesn't seem like the
> right thing to do, and didn't help me either.
>
> http://users.exim4u.org/Fwd-Re-crypt-field-not-been-populated-during-user-creation-td2796396.html
>
>
>
>
> A short dig into the code shows that crypt_password('any string') with
> the default MD5 method returns a 200 symbol line instead of the old 48
> symbols, probably due to the new MD5 code in PHP 5.3.
>
> The problem here is the default exim4u database schema:
>
>           crypt            varchar(48)                       default NULL,
>
> The default field size is simply too short - the new encrypted password
> was not saved properly, which killed it.
>
> Increase crypt to varchar(255) and it'll work right away. No code
> hacking necessary.
>
> I believe this should be updated in the installation SQL file as well.
>
> Regards, Nick Keefen, NK Support
> http://www.nksupport.com/
>
> _______________________________________________
> users mailing list
> [hidden email]
> https://exim4u.org/mailman/listinfo/users


_______________________________________________
users mailing list
[hidden email]
https://exim4u.org/mailman/listinfo/users
Reply | Threaded
Open this post in threaded view
|

Re: debian/ubuntu php 5.3 crypt problem

gldickens3
Administrator
In reply to this post by nksupport
Hi Nick,

I have incorporated your recommended changes to the schema in the trunk
here:

http://exim4u.org/svn/exim4u_src/trunk/mysql_setup/mysql.sql

I have also added a script to update existing installations:

http://exim4u.org/svn/exim4u_src/trunk/mysql_migrate/mysql_expand_crypt.sql

Thanks for the feedback and recommendations!

Gordon


On 12/20/2011 08:44 AM, Nick Keefen wrote:

> hi list!
>
> probably encountered by many, and mentioned a few times on this mailing
> list, but AFAIK never actually fixed - i just downloaded the latest
> stable release 2.0.1 and tried it with PHP 5.3.6-13ubuntu3.3 in Ubuntu
> 11.10.
>
> Create the default DB, log in with siteadmin/CHANGE, change the
> password. It fails right away and won't let you in any more.
>
> The below thread mentions a hack to disable salt. Doesn't seem like the
> right thing to do, and didn't help me either.
>
> http://users.exim4u.org/Fwd-Re-crypt-field-not-been-populated-during-user-creation-td2796396.html
>
>
>
>
> A short dig into the code shows that crypt_password('any string') with
> the default MD5 method returns a 200 symbol line instead of the old 48
> symbols, probably due to the new MD5 code in PHP 5.3.
>
> The problem here is the default exim4u database schema:
>
>           crypt            varchar(48)                       default NULL,
>
> The default field size is simply too short - the new encrypted password
> was not saved properly, which killed it.
>
> Increase crypt to varchar(255) and it'll work right away. No code
> hacking necessary.
>
> I believe this should be updated in the installation SQL file as well.
>
> Regards, Nick Keefen, NK Support
> http://www.nksupport.com/
>
> _______________________________________________
> users mailing list
> [hidden email]
> https://exim4u.org/mailman/listinfo/users


_______________________________________________
users mailing list
[hidden email]
https://exim4u.org/mailman/listinfo/users