[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: password-hash {CLEARTEXT} with slapd 2.3.7
søn, 11.09.2005 kl. 13.01 skrev Adam Pordzik:
> Pierangelo Masarati wrote:
> > The code where the {CLEARTEXT} scheme is defined differs from that of
> > other schemes because the berval that contains the scheme name
> > intentionally has 0 length; I guess this was a hack to allow no scheme
>
> Do you mean liblutil/passwd.c ?
>
> > and {CLEARTEXT} somehow appear as the same scheme, but it broke at some
> > point. I'm not sure if setting that length to the actual length of
> > {CLEARTEXT} will break anything else, but it'll surely fix this issue.
> > I'd leave this to someone else.
>
> Sorry, I cannot locate the point, I don't know the sources good enough
> yet. Is there a blueprint, or map, helping me orient in the code?
>
> If you agree this as a bug, I'll drop an ITS on that.
>
> Tony, I dont understand what you want telling me: Omitting any password-hash
> defaults for me to SSHA. What is the way you use what?
I use {CLEARTEXT} as standard, since I use SASL MD5 auth. On my test rig
(only a few users, OL 2.3.7) I add a new user with ldapadd and his
(pete's) password is automatically coded in {CLEARTEXT}. Even though
I've had to comment out the line in slapd.conf for slapd to start at
all.
Why this is, I don't know.
> Samuel, what did you misconfigured? changes.txt mentions ITS#3846 in 2.3.5
> but there is to text on this ITS any more.
I should file an ITS, if I were you. It just doesn't affect this
particular rig.
--Tonni
--
mail: billy@billy.demon.nl
http://www.billy.demon.nl