[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ask help about using the md5 password of openldap to cvs password

To: ËïÓñÐÂ <syx@dhc.com.cn>
Subject: Re: ask help about using the md5 password of openldap to cvs password
From: Wil Cooley <wcooley@nakedape.cc>
Date: Mon, 25 Mar 2002 10:57:09 -0800
Cc: openldap-software@OpenLDAP.org
Content-disposition: inline
In-reply-to: <20020325193525.5D5A.SYX@dhc.com.cn>; from syx@dhc.com.cn on Mon, Mar 25, 2002 at 07:53:38PM +0800
Organization: Naked Ape Consulting <http://nakedape.cc>
References: <20020325193525.5D5A.SYX@dhc.com.cn>
User-agent: Mutt/1.2.5.1i

Also Sprach ËïÓñÐÂ <syx@dhc.com.cn> on Mon, Mar 25, 2002 at 03:53:38AM PST
> In my system,i have a openldap server.My linux system use pam.d(nss) get
> all user and group info.
> 
> Now i want to build a cvs server with passwd authentication.
> The cvs passwd file knows crypt and md5 password I get from the
> /etc/shadow file.
> 
> But the openldap use other password with md5.The crypt password from
> ldap works well,the md5 password doesn't.
> 
> I want to use java(jsp) make a cvs password file from openldap server with
> md5 password.
> How can i do?
> 
> I've got:
> linux md5 password = bb:$1$YXNkZmdo$3BR2ismHazeVy/UshG5oRw:
> openldap md5 password = {MD5}ovfWqqSt/SApu6Qfv/+79Q==  (with no salt)
> openldap md5 password = {SMD5}ovfWqqSt/SApu6Qfv/+79xxxxxxx  (with salt)
> 
> How can i convert a openldap (s)md5 password to a linux md5 password?
> 
> Sorry for my poor english.

There is a difference between the MD5 password that crypt() locally
with generate (a BSD-derived feature) and the one that LDAP uses
with '{MD5}'.  The first should be tagged with '{crypt}' in LDAP and
the underlying libcrypt needs to understand that if the hash starts
with '$1$' then it's an MD5 hash; this is true for most Linux and
BSD systems, but I don't know how well commerical UNIX systems do
with it.  The '{MD5}' hash is different although the algorithm is
the same.  I don't think you can convert easily between the two.
So if you want to use the one that CVS will understand, you need
to figure out how to generate one (the man pages for crypt(3) and
encrypt(3) don't mention MD5) and insert it into directory with
'{crypt}' password type.  (The only way I know to create one is by
using 'passwd' and copying the hash from /etc/shadow or /etc/passwd,
but you might be able to do it the 'openssl' command.)

Wil
-- 
W. Reilly Cooley                           wcooley@nakedape.cc
Naked Ape Consulting                        http://nakedape.cc
irc.linux.com                                     #orlug,#lnxs

After all, all he did was string together a lot of old, well-known quotations.
		-- H.L. Mencken, on Shakespeare

Attachment: pgpClfWFTJ4jB.pgp
Description: PGP signature

Follow-Ups:
- Re: ask help about using the md5 password of openldap to cvs password
  - From: 孙玉新 <syx@dhc.com.cn>

References:
- ask help about using the md5 password of openldap to cvs password
  - From: 孙玉新 <syx@dhc.com.cn>

Prev by Date: Win2000,AD
Next by Date: I can not understand the error messages
Index(es):
- Chronological
- Thread