[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
OpenLdap Clear-text Password in Debug Mode
- To: openldap-technical@openldap.org
- Subject: OpenLdap Clear-text Password in Debug Mode
- From: Rich Alford <ralford100@gmail.com>
- Date: Mon, 30 Nov 2015 14:20:44 -0500
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:date:message-id:subject:from:to:content-type; bh=icDn4Mry6M+QN3uEwdMx6Xlk/gfpPI+lm2J/z4wFE40=; b=S2Jf9Nmg+S107L7MK4w9V6kOb7pDdXBgvTMXNAoQjCbV7SZ8/+emKOfrTVESBrN9KB pNCKOIRGgyvb+5sFeL3HoJO6bwhymeYxwLfjQDzc/4nLAD7PngyGv290HbVB6aWfP45V jW+6vmVKmBLFJS4Qh6ohOonxO/CVZCNHALvxYTbAJkd3wI5WgeN3gw1FrHY1nH6jTZpO VdsNoC2qWUoywanxSHu8arkABXKyYPRTsoJQZqD4PyUDXms4853fx4MdbYDaKJa0VXKr JKZJWunlyCghnkxP0kDxvq1cl14Vnw5CN1IQASLCluQ9bJZfws/HTzL9s5T0UnTzak8M +bXA==
Hi All:
I'm not sure if this issue results from my ignorance of OpenLdap, or it's not
capable of resolving. Regardless, any direction you can provide would be
greatly appreciated:
I have a basic OpenLdap installation with TLS encryption. Passwords are
hashed in the ldap directory. The user password travels from client to server
encrypted as it should, then gets unencrypted by slapd, and IF IN DEBUG MODE
gets displayed in *clear-text*. Theoretically, the password should be
hashed on the client, sent across the network, to be compared against the
hashed passwords in the database.
What am I missing??
Thank you,
Rich