Results 1 to 5 of 5

Thread: Passwords

Hybrid View

  1. #1
    Join Date
    Nov 2005
    Posts
    51
    Rep Power
    9

    Default Passwords

    Are there any charecter retriction, or length restrictions inherient in any area of zimbra... I'm asking because I'm reimplementing the getRandomPass sub in zmsetup as it hangs randomly in gentoo. Right now I'm using [A-Za-z0-9] and _-% # | for charecters with a defaultly 20 charecter long password. Will this break anything?

    Thanks,
    Ben

    BTW I'm working on porting the current CVS to a typical compiled rpm release for i686 Gentoo.

    Edit: Apparently % and | are no, no's
    Last edited by unilogic; 04-17-2006 at 09:31 PM.

  2. #2
    Join Date
    Aug 2005
    Location
    San Mateo, CA
    Posts
    4,789
    Rep Power
    19

    Default

    Might be best to keep the same list of chars we use today. I don't have that sub in front of me or do we call something else?
    Looking for new beta users -> Co-Founder of Acompli. Previously worked at Zimbra (and Yahoo! & VMware) since 2005.

  3. #3
    Join Date
    Nov 2005
    Posts
    51
    Rep Power
    9

    Default

    You call the com.zimbra.cs.util.RandomPassword java class. Any idea were I can actually find the code for that class and see what its doing and why it hangs.
    Thanks,
    Ben

  4. #4
    Join Date
    Nov 2005
    Posts
    518
    Rep Power
    10

  5. #5
    Join Date
    Nov 2005
    Posts
    51
    Rep Power
    9

    Default

    For those interested I wrote this simple little password generator in perl to take place of the RandomPassword java class which seems to take its sweet time on random occassions. The code in part is originally from http://www.cgi-interactive-uk.com/ra...generator.html. I placed it in /opt/zimbra/bin and called it from zmsetup when needed. Works like a champ. There shouldn't be any problems with security. Although the password isn't truly random. Its pretty close though as the salt is never used twice, at least it shouldn't be since time is always increasing. On a side note, I have all services except tomcat running in gentoo. On a side, side note, if you ever do a cvs build use the default versions for third party apps... Itís a pain in the butt upgrading all the scripts for the new versions.

    Ben


    Code:
    #!/usr/bin/perl -w
    sub genRandomPass {
    
            my $password;
            my $_rand;
    
            my $password_min = $_[0];
            my $password_max = $_[1];
            
            if (!$password_min) {
              $password_min = 8;
            }
            if (!$password_max) {
                $password_max = 10;
            }
            
            if ( $password_max <= $password_min ) {
              print "Error: The password max length must be greater then the password min length\nUsage: zmpassgen <Max Length> <Min Length>";
              exit 1;
            }
            $range = $password_max - $password_min;
            srand(time() ^($$ + ($$ <<25)));
            my $password_length = int(rand($range)) + $password_min;
    
            my @chars = split(" ", "A B C D E F G H I J K L M N O P Q R S T U V W X Y Z a b c d e f g h i j k l m n o p q r s t u v w x y z _ . 0 1 2 3 4 5 6 7 8 9");
            
            srand(time() ^($$ + ($$ <<25)));
            for (my $i=0; $i <= $password_length ;$i++) {
                    $_rand = int(rand 64);
                    $password .= $chars[$_rand];
            }
            return $password;
    } 
    print genRandomPass($ARGV[0],$ARGV[1]);
    Last edited by unilogic; 04-19-2006 at 04:05 PM.

Similar Threads

  1. Migrating users with imapsync... without passwords?
    By misleb in forum Installation
    Replies: 6
    Last Post: 08-12-2007, 08:03 AM
  2. migration without passwords
    By alam in forum Migration
    Replies: 4
    Last Post: 07-31-2007, 10:15 AM
  3. Migrating Accounts from LDAP with {crypt} Passwords
    By shanson in forum Administrators
    Replies: 3
    Last Post: 03-11-2006, 03:09 PM
  4. Dump users & passwords
    By avisser in forum Administrators
    Replies: 1
    Last Post: 02-17-2006, 02:17 PM
  5. Migrating Accounts from LDAP with Encrypted Passwords
    By andreychek in forum Administrators
    Replies: 3
    Last Post: 12-16-2005, 02:40 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •