[Date Prev][Date Next] [Chronological] [Thread] [Top]

(ITS#4366) userPassword compare fix

To: openldap-its@OpenLDAP.org
Subject: (ITS#4366) userPassword compare fix
From: paolo.meschi@gmail.com
Date: Tue, 24 Jan 2006 15:50:44 GMT

Full_Name: Paolo Meschi
Version: 2.X HEAD
OS: Linux
URL: http://www.paolomeschi.com/patches/openldap/openldap-userpassword-compare.patch
Submission from: (NULL) (82.60.63.158)


Trying to compare the userPassword attribute, that contains a crypted password
(like this: {crypt}qWe2pXud183), with the cleartext password, OpenLDAP returned
me LDAP_COMPARE_FALSE. However, if I put a cleartext password in userPassword,
it returns LDAP_COMPARE_TRUE.
So, as I can see OpenLDAP doesn't crypt (with the proper function) the password
passed by the client before compare it, as many other LDAP servers (like Sun
Directory Services) do.

This patch should fix this behaviour: 
http://www.paolomeschi.com/patches/openldap/openldap-userpassword-compare.patch

(A copy of this mail has been sent to the devel mailing list)

Prev by Date: Re: (ITS#4364) syncrepl consumer logfilter can cause DOS on provider
Next by Date: (ITS#4367) 2.2 should be marked historic
Index(es):
- Chronological
- Thread