[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#8023) slappasswd with sha2 overlay can generate hashes but not salted hashes

I have now made progress in narrowing down the cause further.=0A=0AI have=
 noticed that it is a regression between FreeBSD 9.x -> FreeBSD 10.x. For=
 this reason, I will move any updates on this to the FreeBSD bug tracker,=
 rather than the OpenLDAP one, as the bug is platform specific.=0A=0AFutu=
re news will be posted here: https://bugs.freebsd.org/bugzilla/show_bug.c=
gi?id=3D197004=0A=0AThank you for your time,=0A=0A-Jonathan=0A=0AJanuary =
22 2015 2:25 PM, freebsd@jonathanprice.org wrote: =0A> Sorry for the slow=
 response, but I have made some progress with the issue.=0A> =0A> (as an =
aside, I installed a build from LTB, and unfortunately it does not=0A> co=
ntain this overlay)=0A> =0A> I have detailed my findings (including some =
trawling through the source)=0A> over on the FreeBSD bug tracker, as I su=
spect it could well be a platform=0A> related issue. Nonetheless, it migh=
t be worth reading:=0A> https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=
=3D197004=0A> =0A> January 14 2015 4:31 PM, "Quanah Gibson-Mount" <quanah=
@zimbra.com> wrote:=0A> =0A>> --On Wednesday, January 14, 2015 11:00 AM +=
0000 freebsd@jonathanprice.org=0A>> wrote:=0A>> =0A>>> Hi,=0A>>> =0A>>> I=
 tried 2.4.39 under FreeBSD and still had the same issue.=0A>>> =0A>>> I =
have also tried the packages for both CentOS 7 and Debian Wheezy, but=0A>=
>> unfortunately neither of them include the SHA2 overlay by default.=0A>=
>> =0A>>> Finally, I tried installing zimbra-core and zimbra-ldap under C=
entOS.=0A>>> When I used this installation, it worked successfully.=0A>>>=
 =0A>>> I ran slapd -V on the zimbra installation, and it's 2.4.39. Howev=
er,=0A>>> based on it still not working on 2.4.39 on FreeBSD it appears t=
o have=0A>>> narrowed it down to two reasons: - An issue with the packagi=
ng under=0A>>> FreeBSD=0A>>> - The functionality is specific to Zimbra=0A=
>>> =0A>>> The next step in the process to narrow this down is to do a ma=
nual=0A>>> compilation on CentOS, including the SHA2 overlay. If this wor=
ks, then it=0A>>> would confirm it to be a FreeBSD issue, and if it doesn=
't work that would=0A>>> strongly suggest that Zimbra has modified someth=
ing.=0A>> =0A>> You could simply grab the LTB project builds. I'm pretty =
sure they build=0A>> out the contrib modules.=0A>> =0A>> In any case, I a=
lready noted that Zimbra doesn't patch anything in OpenLDAP=0A>> that wou=
ld affect this area.=0A>> =0A>> --Quanah=0A>> =0A>> --=0A>> =0A>> Quanah =
Gibson-Mount=0A>> Platform Architect=0A>> Zimbra, Inc. =0A>> ____________=
___________________=0A>> =0A>> Zimbra :: the leader in open source messag=
ing and collaboration