[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#7278) [PATCH] SHA-2: Add support salted SHA-2 password hashes

At Mon, 11 Jun 2012 21:30:18 +0200,
Michael Ströder wrote:
> >> Do I have to tweak the Makefile?
> > 
> > Add -fPIC to $CCFLAGS in Makefile if you are using GCC.
> I hoped that this would not be necessary and the module work include something
> detected via autoconf before.

Can you try the following Makefile?


> Anyway it does not work for me. If I set password-hash {SSHA512} such a
> userPassword value is added to the entry but the bind does not work.
> Also if I generate a salted SHA-2 userPassword with my web2ldap it does not
> work. (I did interop-tests web2ldap<->OpenDJ before with salted SHA-2 hashes.)
> SHA-2 hashes without salt seem to work.

I've confirmed that slapd-sha2 works on Debian GNU/Linux unstable (x86-64),
Solaris 10 (SPARC) and AIX 6.1 (POWER).

Can you try the following command line with the latest master source
or http://www.openldap.org/its/index.cgi?findid=7284 patch?

  $ slappasswd -o module-load=slapd-sha2 -h '{SSHA512}'

-- Name: SATOH Fumiyasu (fumiyas @ osstech co jp)
-- Business Home: http://www.OSSTech.co.jp/
-- GitHub Home: https://GitHub.com/fumiyas/