[Date Prev][Date Next] [Chronological] [Thread] [Top]

Debian Linux: Auth fails with 8char salt and --with-tls

To: OpenLDAP-Software <openldap-software@OpenLDAP.org>
Subject: Debian Linux: Auth fails with 8char salt and --with-tls
From: Shanker Balan <shanu@exocore.com>
Date: Fri, 1 Feb 2002 15:33:07 +0530
Content-disposition: inline
Organisation: Exocore Consulting (P) Ltd <http://www.exocore.com>
User-agent: Mutt/1.3.27i

Hello:

I am maintaining {crypt} passwords with an 8 character salt for
authentication.

The Debian OpenLDAP packages don't come with TLS support. If i recompile
the openldap2 deb with --with-tls then auth fails. Manager (rootdn) logins 
also fail if TLS is compiled in.

All the other hashing schemes work fine with TLS including clear-text
passwords and this seems to be happening _only_ on Debian systems. I
recompiled it on another debian box with the same result - auth fails. 

RedHat boxes don't exhibit this problem.

Even the OpenLDAP 2.0.21 tarballs compiled with TLS have the same
problem on the Debian boxes. This makes me wonder whether i have some
library issues.

This hash for "secret" with a 2 char salt (12) works with and
without TLS:

perl -e 'print("{CRYPT}".crypt("secret","12")."\n");'
{CRYPT}12FJgqDtVOg7Q

While this hash for "secret" with an 8 char salt (12345678) works only
without TLS:

$ perl -e 'print("{CRYPT}".crypt("secret","\$1\$12345678\$")."\n");'
{CRYPT}$1$12345678$hj0uLpdidjPhbMMZeno8X/

I am running Debian Unstable updated as of today and OpenLDAP 2.0.21
Debs. Can anyone explain whats happening here? Any other Debian user
seeing similar behavior?

Thank you for your time.

-- Shanu

-- 
All bridge hands are equally likely, but some are more equally likely
than others.
		-- Alan Truscott

Follow-Ups:
- Re: Debian Linux: Auth fails with 8char salt and --with-tls
  - From: Nalin Dahyabhai <nalin@redhat.com>

Prev by Date: RE: AD to OpenLDAP
Next by Date: Re: openldap installation
Index(es):
- Chronological
- Thread