[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: userPassword compare fix

To: lukeh@padl.com
Subject: Re: userPassword compare fix
From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
Date: Sat, 28 Jan 2006 15:56:47 -0800
Cc: paolo.meschi@gmail.com, openldap-devel@OpenLDAP.org
In-reply-to: <200601282336.k0SNaqLM059693@au.padl.com>
References: <aa7373470601240750h6aea1278j@mail.gmail.com> <7.0.0.16.0.20060124094033.03912538@OpenLDAP.org> <43D682E9.4040509@boreham.org> <aa7373470601250520l13af1dd3w@mail.gmail.com> <7.0.0.16.0.20060125172354.0222c3b0@OpenLDAP.org> <39826.131.175.154.56.1138369079.squirrel@131.175.154.56> <aa7373470601280919q417b0689n@mail.gmail.com> <200601282336.k0SNaqLM059693@au.padl.com>

At 03:36 PM 1/28/2006, Luke Howard wrote:

>>With this overlay a user can compare a cleartext value to an hashed
>>userPassword value but also can compare the hashed value to the
>>userPassword. (So he could check also if "{crypt}qWe2pXud183" is the
>>stored password)
>
>Might be nicer to handle the latter case using SLAP_CB_CONTINUE.

Both parts of the compare should be done in the same transaction
to preserve X.500/LDAP ACID properties.

-- Kurt

Follow-Ups:
- Re: userPassword compare fix
  - From: "Oni (Paolo Meschi)" <paolo.meschi@gmail.com>

References:
- userPassword compare fix
  - From: "Oni (Paolo Meschi)" <paolo.meschi@gmail.com>
- Re: userPassword compare fix
  - From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
- Re: userPassword compare fix
  - From: David Boreham <david_list@boreham.org>
- Re: userPassword compare fix
  - From: "Oni (Paolo Meschi)" <paolo.meschi@gmail.com>
- Re: userPassword compare fix
  - From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
- Re: userPassword compare fix
  - From: "Pierangelo Masarati" <ando@sys-net.it>
- Re: userPassword compare fix
  - From: "Oni (Paolo Meschi)" <paolo.meschi@gmail.com>
- Re: userPassword compare fix
  - From: Luke Howard <lukeh@padl.com>

Prev by Date: Re: userPassword compare fix
Next by Date: Re: userPassword compare fix
Index(es):
- Chronological
- Thread