[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: crypt´ed passwords ?



At 09:04 PM 2/7/01 +0100, aj-openldap-software@dungeon.inka.de wrote:
>i´m useing the current debian unstable slapd daeon.
>in the config file i wrote:
>password-hash SSHA
>
>so slapds should crypt the passwords, i thought.

slapd will hash passwords if one uses ldappasswd(1) or
other tool implementing the change password extended
operation.  Otherwise you need use a client which itself
provides the hashed value like was done in 1.2.

>i changed the password (via my php4-ldap core fragment:
>$entry["userPassword"]  =$HTTP_POST_VARS["pw1"];
>$r=@ldap_modify($ds,"cn=" . $PHP_AUTH_USER . ",$dn",$entry);
>
>but the passwort is stored in plaintext (search returns
>the password without any changes, no crypt).
>
>what did i do wrong ? am i supposed to store the password already
>crypt´ed ? is there a code fragment for php to do ssha crypt ?
>what crypt method is suggested if i´m programming in php ?

See the 1.2 faq for details on how to implement client
side hashing.

Kurt