[paramiko] paramiko handling UTF-8
David Guerizec
david at guerizec.net
Tue Jan 22 01:12:33 PST 2008
Le Sunday 20 January 2008 22:41:10 Robey Pointer, vous avez écrit :
> On 12 Jan 2008, at 7:17, David Guerizec wrote:
> > Hello,
> >
> > Does anybody know what's the reason why paramiko is converting
> > passwords to
> > UTF-8 before sending them on the network ?
> >
> > I have seen that sometimes this is not what servers want, since
> > passwords can
> > be in any charsets.
>
> It looks like this is part of the SSH standard. RFC 4252 says, on page
> 10:
>
> Note that the ’plaintext password’ value is encoded in ISO-10646
> UTF-8. It is up to the server how to interpret the password and
> validate it against the password database. However, if the client
> reads the password in some other encoding (e.g., ISO 8859-1 - ISO
> Latin1), it MUST convert the password to ISO-10646 UTF-8 before
> transmitting, and the server MUST convert the password to the
> encoding used on that system for passwords.
>
> So it looks like at least I didn't make it up. :)
OK, I didn't see that. Well, in that case it seems that openssh doesn't follow
exactly the RFC, as I cannot login with an accentuated password if my term is
not in the right encoding...
> If some servers are expecting a different encoding, we could make
> auth_handler only do UTF-8 encoding on unicode strings. So if you
> passed in a string pre-encoded into a str (=bytes), it wouldn't change
> the encoding. Would that work?
I didn't have time to try this, but I guess that would work.
Regards,
--
David Guerizec
http://sshproxy-project.org/
More information about the paramiko
mailing list