OpenLDAP
Up to top level
Build   Contrib   Development   Documentation   Historical   Incoming   Software Bugs   Software Enhancements   Web  

Logged in as guest

Viewing Incoming/7986
Full headers

From: shifeng.hu@ericsson.com
Subject: -y option issue during read the password from a file
Compose comment
Download message
State:
0 replies:
0 followups:

Major security issue: yes  no

Notes:

Notification:


Date: Fri, 21 Nov 2014 11:47:14 +0000
From: shifeng.hu@ericsson.com
To: openldap-its@OpenLDAP.org
Subject: -y option issue during read the password from a file
Full_Name: Shifeng Hu
Version: openldap2-2.4.26-0.26.1
OS: SUSE 11 
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (195.235.15.200)


Dear There
Our server is using LDAP, but I found there was an issue when I use -y file
option to set the password of LDAP User.
the User password was defined in server system as 7 characters without any "\0"
when I try to use ldapsearch or ldapmodify with the option -y to give the
password
I am for sure the password in file is exactly same with I set.
And I did a capture for LDAP, I saw there is a \0 in the suffix of password,
this means
the tool adds an additional '\0' in the last. then I got the error output li%0
below
ldap_bind: Invalid credentials (49)

As I check the src in the file "libraries\liblutil\passfile.c"

	passwd->bv_len = nread;
	passwd->bv_val[nread] = '\0';
is this necessary for a \0


BR//shifeng
Thanks!
Up to top level
Build   Contrib   Development   Documentation   Historical   Incoming   Software Bugs   Software Enhancements   Web  

Logged in as guest


The OpenLDAP Issue Tracking System uses a hacked version of JitterBug

______________
© Copyright 2013, OpenLDAP Foundation, info@OpenLDAP.org