[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Debian Linux: Auth fails with 8char salt and --with-tls
On Fri, Feb 01, 2002 at 03:33:07PM +0530, Shanker Balan wrote:
> I am maintaining {crypt} passwords with an 8 character salt for
> authentication.
>
> The Debian OpenLDAP packages don't come with TLS support. If i recompile
> the openldap2 deb with --with-tls then auth fails. Manager (rootdn) logins
> also fail if TLS is compiled in.
>
> All the other hashing schemes work fine with TLS including clear-text
> passwords and this seems to be happening _only_ on Debian systems. I
> recompiled it on another debian box with the same result - auth fails.
>
> RedHat boxes don't exhibit this problem.
>
> Even the OpenLDAP 2.0.21 tarballs compiled with TLS have the same
> problem on the Debian boxes. This makes me wonder whether i have some
> library issues.
The version of libcrypto (from OpenSSL) which you're linking with
probably provides a function named "crypt" which doesn't perform the
md5-style crypt(). The version of "crypt" in libcrypt (from glibc)
does. Either force slapd to link with -lcrypt before -lcrypto, or
get libcrypto to stop providing the function, either by renaming it
or removing it altogether, and it should work properly.
HTH,
Nalin