[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Antw: Re: Openldap support SHA-256 or SHA-3.
>>> Quanah Gibson-Mount <quanah@symas.com> schrieb am 14.01.2020 um 17:01 in
Nachricht <AF994E73E7CA71E6735A3267@[192.168.1.144]>:
>
> ‑‑On Tuesday, January 14, 2020 9:08 AM +0100 Ulrich Windl
> <Ulrich.Windl@rz.uni‑regensburg.de> wrote:
>>> The OS is completely and utterly irrelvant to the discussion. It has no
>>> knowledge of the internal hashing mechanism used by OpenLDAP.
>>
>> So you are assuming all systems are using the extended operation to
>> authenticate? Acually I've see code that reads the LDAP user's password
>> and then "combines" that with a password the user has entered.
>> In the former case the password encoding matters. I'm not saying the
>> pattern is good, but I've seen it.
>
> Then the application is dependent on clear text passwords, not hashed
> passwords, and again is irrelevant to this discussion.
If it were cleartext, there would not be issues with the hash algorithm used
IMHO.
No, we were talking about SSHA and sucessors.
>
> ‑‑Quanah
>
>
> ‑‑
>
> Quanah Gibson‑Mount
> Product Architect
> Symas Corporation
> Packaged, certified, and supported LDAP solutions powered by OpenLDAP:
> <http://www.symas.com>