[Date Prev][Date Next] [Chronological] [Thread] [Top]

(ITS#6139) slapd: password-hash rejects multiple values

Full_Name: SATOH Fumiyasu
Version: 2.4.16
OS: Linux
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (

My /etc/openldap/slapd.conf has the following line:
  password-hash {CRYPT} {SSHA}

On OpenLDAP 2.4.16, slapd (slaptest) rejects this config:

  # /usr/sbin/slaptest
  /etc/openldap/slapd.conf: line 36: <password-hash> extra cruft after <hash>.
  slaptest: bad configuration file!

On OpenLDAP 2.3.43, slapd (slaptest) accept this config.

The slapd.conf(5) (included in OpenLDAP 2.3.43/2.4.16) manpage said:

       password-hash <hash> [<hash>...]
              This option configures one or more hashes to
              be  used  in  generation  of  user passwords
              stored in the userPassword attribute  during
              processing  of LDAP Password Modify Extended
              Operations (RFC 3062).