[Date Prev][Date Next]
Re: (ITS#5983) ldappasswd returns "Additional info: password hash failed" in Solaris 10 SPARC
- To: openldap-its@OpenLDAP.org
- Subject: Re: (ITS#5983) ldappasswd returns "Additional info: password hash failed" in Solaris 10 SPARC
- From: email@example.com
- Date: Thu, 5 Mar 2009 07:05:52 GMT
- Auto-submitted: auto-generated (OpenLDAP-ITS)
sorry, if I was misunderstood. I am not asking to do my legwork. Just
trying to understand what is going wrong. Sorry, if it seemed that way.
I installed Sun Studio 12 (latest) and the problem is the same. I don't
think Sun Studio is not working compiler. Just looks very unlikely. IT
compiles everything without single problem. both 32 and 64 bit memory
Perhaps I was not entirely clear. Weird thing is that it is only not
working when changing password using ldappasswd and hash is set to SMD5
SSHA or CRYPT. If I manually change the password setting userPassword
after generating it with slappasswd using say SSHA, it works fine. I
mean user can bind using password that is stored in SSHA or SMD5. That
tells me that slapd can still do encryption properly and check against
hashes in question. At some point it needs to generate a hash and does
it properly. Only when slapd is asked to change a password with
ldappasswd it is unable to generate proper hash. Unless process is
entirely different when changing password and authorizing against password.
I am not insisting it is a bug in slapd code. But I am running out of
ideas what else could be wrong and was just hoping that somebody else is
using openldap on the same architecture and perhaps experienced
> firstname.lastname@example.org wrote:
>> as I have pointed out in earlier post not only it doesn't work when I
>> compile it myself but also the one that was downloaded form
>> sunfreeware.com. It is not possible to tell what version of gcc was
>> used to compile openldap that is distributed but explanation that it
>> doesn't work because of compiler bug seems to me highly unlikely.
>> Unless you can specifically point to which bug in gcc on SPARC
>> contributes to this erratic behaviour of openldap.
> It's not our responsibility to do your legwork for you. You can easily email
> the maintainers at sunfreeware.com and ask them. Since they currently host gcc
> 3.4.6 on their site it's a safe bet they're still using gcc 3.4.x overall.
> Fyi, I have just now built the 2.4.15 source using gcc 4.0.3 on SPARC/Solaris
> and all of the hash mechanisms work fine. I don't have a gcc 3.x build handy
> on my system, nor do I see any reason to install a known-bad compiler just to
> further demonstrate what has already been plainly documented by other folks.
>> Either way, thanks for comments.
>> On Mon, Mar 2, 2009 at 5:56 PM,<email@example.com> wrote:
>>> firstname.lastname@example.org wrote:
>>>> email@example.com wrote:
>>>>> I have just compiled and tested 2.4.15 and result is same: cleartext,
>>>>> md5 and sha works, smd5, ssha and crypt doesn't.
>>>>> Solaris 10 SPARC latest, gcc 3.4.3, Berkeley DB 4.7.25, opessl 0.9.8j.
>>>> I have no chance to test on that arch. You should figure our why those
>>>> hashes are not supported. Did you enable crypt (--enable-crypt)?
>>> gcc 3.4.3 was released November 4 2004 http://gcc.gnu.org/gcc-3.4/
>>> and is known to have many bugs. It's also already known that old gcc releases
>>> have other problems on Sparc. (E.g. ITS#5875.)
>>> Please use a working compiler.
>>> As a workaround, recompile the offending functions with optimization disabled.
>>> That usually helps in cases like this.
>>> There is no bug in OpenLDAP Software here, this ITS will be closed.
>>> -- Howard Chu
>>> CTO, Symas Corp. http://www.symas.com
>>> Director, Highland Sun http://highlandsun.com/hyc/
>>> Chief Architect, OpenLDAP http://www.openldap.org/project/