Full_Name: Norbert Klasen Version: head-20001120 OS: Linux URL: ftp://ftp.openldap.org/incoming/norbert.klasen-20001120.patch Submission from: (NULL) (134.2.3.103) I've added the lanmanger hash algorithm as used by Windows to libraries/liblutil/passwd.c This is to faciliate transition from a Windows NT Domain (or W2k AD) to OpenLDAP. With the pwdump tool (http://www.webspan.net/~tas/pwdump2/) one can dump the needed password hashes from the NT SAM. I've also written a small Perl script to convert the output of pwdump to a ldif file, which can be loaded into the server: ftp://ftp.openldap.org/norbert.klasen-20001120.migrate_pwdump.pl This script could go into contrib or alternatively I can put it on our webserver. -- Norbert Klasen DFN Directory Services tel: +49 7071 29 70335 ZDV, Universit�t T�bingen fax: +49 7071 29 5912 W�chterstr. 76, 72074 T�bingen http://www.directory.dfn.de Germany norbert.klasen@zdv.uni-tuebingen.de
The patch includes code based upon Samba 2.0.7. Samba license is such that we cannot accept code derived from Samba. I suggest you look for a public domain or non-restrictive implementation of the borrowed code. You could likely write such code from scratch. Kurt At 07:04 PM 11/20/00 +0000, klasen@zdv.uni-tuebingen.de wrote: >Full_Name: Norbert Klasen >Version: head-20001120 >OS: Linux >URL: ftp://ftp.openldap.org/incoming/norbert.klasen-20001120.patch >Submission from: (NULL) (134.2.3.103) > > >I've added the lanmanger hash algorithm as used by Windows to >libraries/liblutil/passwd.c >This is to faciliate transition from a Windows NT Domain (or W2k AD) to >OpenLDAP. >With the pwdump tool (http://www.webspan.net/~tas/pwdump2/) one can dump the >needed password hashes from the NT SAM. I've also written a small Perl script to > >convert the output of pwdump to a ldif file, which can be loaded into the >server: >ftp://ftp.openldap.org/norbert.klasen-20001120.migrate_pwdump.pl >This script could go into contrib or alternatively I can put it on our >webserver. > >-- >Norbert Klasen >DFN Directory Services tel: +49 7071 29 70335 >ZDV, Universität Tübingen fax: +49 7071 29 5912 >Wächterstr. 76, 72074 Tübingen http://www.directory.dfn.de >Germany norbert.klasen@zdv.uni-tuebingen.de
On Tue, Nov 21, 2000 at 09:06:01PM +0000, Kurt@openldap.org wrote: > The patch includes code based upon Samba 2.0.7. Samba license > is such that we cannot accept code derived from Samba. I > suggest you look for a public domain or non-restrictive > implementation of the borrowed code. You could likely write > such code from scratch. ...or get the original author to allow it to be licensed under the OpenLDAP License. -- -----------=======-=-======-=========-----------=====------------=-=------ / Ben Collins -- ...on that fantastic voyage... -- Debian GNU/Linux \ ` bcollins@debian.org -- bcollins@openldap.org -- bcollins@linux.com ' `---=========------=======-------------=-=-----=-===-======-------=--=---'
At 03:55 AM 11/22/00 +0000, bcollins@debian.org wrote: >On Tue, Nov 21, 2000 at 09:06:01PM +0000, Kurt@openldap.org wrote: >> The patch includes code based upon Samba 2.0.7. Samba license >> is such that we cannot accept code derived from Samba. I >> suggest you look for a public domain or non-restrictive >> implementation of the borrowed code. You could likely write >> such code from scratch. > >...or get the original author to allow it to be licensed under the >OpenLDAP License. To clarify this option, if the original author provide a copy under a less restrictive license, this copy would be acceptable. Given that only a simple routine which implements (what I assume is) a publicly documented algorithm, implementation from scratch might actually be easier than attempting to sort out who the original author of the samba code actual is. Kurt
Hi Kurt, > The patch includes code based upon Samba 2.0.7. Samba license > is such that we cannot accept code derived from Samba. I > suggest you look for a public domain or non-restrictive > implementation of the borrowed code. You could likely write > such code from scratch. Ok, I found a reliable source (rfc2433) and wrote the str_to_key funktion myself. I also used hash_lanman in chk_lanman to avoid some redundancy. You might want to strip the included parts of rfc2422. -- Norbert Klasen DFN Directory Services tel: +49 7071 29 70335 ZDV, Universität Tübingen fax: +49 7071 29 5912 Wächterstr. 76, 72074 Tübingen http://www.directory.dfn.de Germany norbert.klasen@zdv.uni-tuebingen.de
Upps, ITS doesn't seem to take mime messages very well, so I also uploaded the patch: ftp://ftp.openldap.org/incoming/norbert.klasen-20001122-lmhash.patch -- Norbert Klasen DFN Directory Services tel: +49 7071 29 70335 ZDV, Universität Tübingen fax: +49 7071 29 5912 Wächterstr. 76, 72074 Tübingen http://www.directory.dfn.de Germany norbert.klasen@zdv.uni-tuebingen.de
Committed. At 05:15 PM 11/22/00 +0000, klasen@zdv.uni-tuebingen.de wrote: >Upps, ITS doesn't seem to take mime messages very well, so I also >uploaded the patch: >ftp://ftp.openldap.org/incoming/norbert.klasen-20001122-lmhash.patch > >-- >Norbert Klasen >DFN Directory Services tel: +49 7071 29 70335 >ZDV, Universität Tübingen fax: +49 7071 29 5912 >Wächterstr. 76, 72074 Tübingen http://www.directory.dfn.de >Germany norbert.klasen@zdv.uni-tuebingen.de
moved from Incoming to Contrib
changed notes changed state Open to Test
changed state Test to Closed
LMHASH portion committed.