Error with special characters in users passwords

Bug #1042263 reported by Guillaume
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
mod-auth-mysql (Ubuntu)
New
Medium
Unassigned

Bug Description

Hello,

I'm running Ubuntu server 10.04 AMD64 with libapache2-mod-auth-mysql (4.3.9-12ubuntu1).
Encryption is set to PHP_MD5.

Accounts passwors are md5 encoded using PHP and stored in a mysql database (5.1.63-0ubuntu0.10.04.1).
The database is in UTF-8 (utf8_general_ci) so the mysql connection.

If, a password doesn't contain any special caracter (accentued one : eg. àéèùïë ...), auth will work fine.
It it contain one or more, it doesn't work (auth is refused).

I tested the auth using PHP and MD5, but it seems that auth-mysql PHP_MD5 either doesn't like special chars and/or utf-8.

I can't upgrade this server to precise yet so I don't know if it works under Ubuntu 12.04 but looking at the changelog, it shouldn't work as well.

Is there a way to fix it ?

EDIT: Problem still occurs on Ubuntu server 12.04 AMD 64 with libapache2-mod-auth-mysql 4.3.9-13ubuntu3 and mysql server 5.5.24-0ubuntu0.12.04.1.

Regards,

Guillaume

Guillaume (e1msih)
description: updated
description: updated
Revision history for this message
Guillaume (e1msih) wrote :

Ok, it's not ubuntu/server related.

With Chrome, the htaccess auth will work just fine with accentued characters in the password field.
With Firefox (14 and superior) it won't work.
With IE9, it won't work either.

What could be causing this problem ?
Would this still be related to mod-auth-mysql in any way ?

Revision history for this message
Guillaume (e1msih) wrote :

And if I specify the auth parameter in the url, like http://user:passwod@ip it will work regardless the browser used.

Dave Walker (davewalker)
Changed in mod-auth-mysql (Ubuntu):
importance: Undecided → Medium
Revision history for this message
Guillaume (e1msih) wrote :

Ok, I finally found time to upgrade a vm to precise and the problem still occurs :)

description: updated
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.