[Date Prev][Date Next] [Chronological] [Thread] [Top]

Debian Linux: Auth fails with 8char salt and --with-tls


I am maintaining {crypt} passwords with an 8 character salt for

The Debian OpenLDAP packages don't come with TLS support. If i recompile
the openldap2 deb with --with-tls then auth fails. Manager (rootdn) logins 
also fail if TLS is compiled in.

All the other hashing schemes work fine with TLS including clear-text
passwords and this seems to be happening _only_ on Debian systems. I
recompiled it on another debian box with the same result - auth fails. 

RedHat boxes don't exhibit this problem.

Even the OpenLDAP 2.0.21 tarballs compiled with TLS have the same
problem on the Debian boxes. This makes me wonder whether i have some
library issues.

This hash for "secret" with a 2 char salt (12) works with and
without TLS:

perl -e 'print("{CRYPT}".crypt("secret","12")."\n");'

While this hash for "secret" with an 8 char salt (12345678) works only
without TLS:

$ perl -e 'print("{CRYPT}".crypt("secret","\$1\$12345678\$")."\n");'

I am running Debian Unstable updated as of today and OpenLDAP 2.0.21
Debs. Can anyone explain whats happening here? Any other Debian user
seeing similar behavior?

Thank you for your time.

-- Shanu

All bridge hands are equally likely, but some are more equally likely
than others.
		-- Alan Truscott