Skip to content
Snippets Groups Projects
Select Git revision
0 results
Search by author
  • Any Author
0 authors
  1. Aug 30, 2021
    • Julian's avatar
      Restrict password alphabet to SASLprep-safe ASCII subset · cb2d7f35
      Julian authored 
      Prior to this change user passwords were not validated on change aside from
their length, but validated on login/bind by ldap3 with SASLprep. Instead of
using SASLprep on password change, this change restricts passwords to 7-bit
ASCII without control characters. Control characters are forbidden by
SASLprep. Multi-byte characters are uncommon in password, especially in those
generated by password managers. This ensures that passwords are always
SASLprep-safe without implementing the rather complex SASLprep algorithm. It
also allows us to fully describe the alphabet restrictions in the relevant
forms.

Fixes #100
      cb2d7f35
    • Julian's avatar
      Catch LDAPSASLPrepError on login · 3f6a67ea
      Julian authored 
      Ldap3 raises LDAPSASLPrepError on bind if the password contains characters
forbidden by SASLPrep (string preperation/normalization algorithm for user
names and passwords). Examples are carriage return ("\r") or newline ("\n")
characters. See #100.
      3f6a67ea
  3. Aug 14, 2021
  5. Jul 30, 2021
  7. Jul 29, 2021
  9. Jul 26, 2021
  11. Jul 23, 2021
  13. Jun 22, 2021
  15. Jun 17, 2021
  17. Jun 13, 2021
  19. Jun 12, 2021
  21. May 21, 2021
  23. May 15, 2021
  25. May 14, 2021
  27. May 11, 2021
  29. May 01, 2021
  31. Apr 05, 2021
  33. Mar 14, 2021
  35. Feb 27, 2021
  37. Feb 23, 2021
  39. Feb 19, 2021
  41. Feb 15, 2021
  43. Jan 29, 2021
  45. Nov 26, 2020
  47. Nov 04, 2020
  49. Nov 03, 2020
  51. Oct 26, 2020

Impressum - Datenschutzerklärung