[Date Prev][Date Next] [Chronological] [Thread] [Top]

userPassword's

To: openldap-software@OpenLDAP.org, support@padl.com
Subject: userPassword's
From: malyprogservices@flashmail.com
Date: Fri, 26 Jan 2001 10:47:47 -0800

Hi,

I remember nss_ldap only recognizing a userPassword if it starts with
"{CRYPT}". I'm unsure whether that was fixed or not, but let's say I
have "userPassword: {MD5}$1$.......", an MD5 password. Could that
password be used both for nss_ldap (assuming I hack the code so it takes
the password as the string after the first '}') to read and use with
crypt() (assuming crypt() supports MD5) to allow user logins to a shell,
and also for binding as an authenticated user in OpenLDAP (so they can
modify entries that the have access to)? Somewhere I thought I
read/heard that the MD5 hash is different for LDAP auth and crypt(). Is
this true?

Thanks.


--
Tomas Maly
"IT Freak"
MontaVista Software
(408) 328-8429
tmaly@mvista.com

Follow-Ups:
- Re: userPassword's
  - From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>

Prev by Date: Complex access control lists
Next by Date: RE: ADSI distributed queries CONVERT failures w/ OpenLDAP
Index(es):
- Chronological
- Thread