[Date Prev][Date Next] [Chronological] [Thread] [Top]

8-character limit on rootpw (ITS#323)



Full_Name: Walt Weber
Version: 1.2.7
OS: Solaris
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (207.124.96.30)


If slapd.conf is configured with a rootpw entry which exceeds 8 characters in
length, that password cannot be passed correctly using the -W argument to
ldapadd.

Processing of -W is done via getpass(3c), which is documented to pass only the
first 8 characters entered via the keyboard. This behavior differs from the
processing of the "-w <password>" argument, which uses strdup() and thus will
accept arbitrarily long strings.

The failure mode for ldapadd is terse - after accepting the password, it will
print the error message "ldap_bind: No such object" and exit.

Documentation on getpass() was checked under Solaris 2.5, HP/UX 10.20, and on
Irix 6.5 . Under Solaris 2.6, it is documented to return up to 256 characters.
Ain't standards grand ??? *grin*