[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#8878) PBKDF2 Is Broken (1 in 64 hashes)

To: openldap-its@OpenLDAP.org
Subject: Re: (ITS#8878) PBKDF2 Is Broken (1 in 64 hashes)
From: quanah@symas.com
Date: Thu, 08 Nov 2018 14:53:03 +0000
Auto-submitted: auto-generated (OpenLDAP-ITS)

--On Tuesday, July 17, 2018 5:35 AM +0000 jroose@gmail.com wrote:

> This is a significant bug in this module, because it causes the hash
> algorithm to fail to be replicable by outside hash implementations 1 out
> of every 64 hashes on average.

Thanks for the report.  This is now fixed in git master:

- Log -----------------------------------------------------------------
commit d40a832db011985d6a6b787a88dd802b02d5d5dc
Author: Ond??ej Kuzn??k <ondra@openldap.org>
Date:   Thu Nov 8 11:09:38 2018 +0000

    ITS#8878 Include the first character in the transformation

-----------------------------------------------------------------------

--Quanah



--

Quanah Gibson-Mount
Product Architect
Symas Corporation
Packaged, certified, and supported LDAP solutions powered by OpenLDAP:
<http://www.symas.com>

Prev by Date: Re: (ITS#8914) OpenLDAP and OpenSSL v1.1.1
Next by Date: (ITS#8932) Fix slapd-config to honor rdnNormalize return code
Index(es):
- Chronological
- Thread