> From: Sam Varshavchik <[EMAIL PROTECTED]>
> Date: Sun, 24 Feb 2002 16:46:16 -0500
> To: [EMAIL PROTECTED]
> Subject: [courier-users] Re: webmail doesn't like asterisk in password?
>
> marc lindahl writes:
>
>> Has anyone used webmail (sqwebmail) with a password with an asterisk (*) in
>> it? I had a test account set up with a * in the password and couldn't sign
>> in with webmail - then I changed the password to have a '.' instead of a '*'
>> and it worked. I can also log into IMAP (or log into a shell) with the
>> '*'-containing password (indicating it's not PAM, etc.).
>>
>
> Yes. Certain characters in passwords are prohibited.
I found a function called badstr() in auth.c - it looks like it's being used
to qualify both the username in verifyuid() and username and password in
login() and login_changepwd().
My questions is:
Are there other places in other files where the password is being
checked/filtered?
_______________________________________________
courier-users mailing list
[EMAIL PROTECTED]
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
