Web interface password -- characters permitted

Matt Broughton walterwego at macosx.com.invalid
Mon Jul 24 12:25:32 PDT 2006


In article <25988-cups.general at news.easysw.com>,
 Michael Sweet <mike at easysw.com> wrote:

> Matt Broughton wrote:
> > There was a recent thread on the Apple discussion boards about what 
> > characters are acceptable in a password.  It would appear that any 
> > "non-English" character used in password will not be accepted by the web 
> > interface authentication.  
> > 

> > Is this a limitation of the CUPS? 
> 
> My guess would be this is either a PAM bug on Mac OS X or an issue
> of the wrong encoding (character set) being used for the characters.
> 
> AFAIK, the HTTP spec doesn't discuss what character set is required,
> however all URIs need to use UTF-8 so I'd guess that the username and
> password should be passed as UTF-8, and the PAM module on OSX needs
> to convert the password from UTF-8 as needed (I don't know if they
> use UTF-8 or UTF-16 to do the actual password hash...)
> 
> There is also the issue of NFC vs NFD (and NFKC and NFKD)
> representations - a single character can be represented as a base
> character + zero or more composition characters.
> 
> Anyways, I would file a bug report with Apple about this...

Thank you for your quick response and clarification.  I was not sure if 
it was a PAM issue, a CUPS issue, or a Mac OS issue.  A report has been 
filed with Apple.

Matt

-- 
Matt Broughton
Only relatives are absolute.




More information about the cups mailing list