[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Debian Linux: Auth fails with 8char salt and --with-tls

To: Shanker Balan <shanu@exocore.com>
Subject: Re: Debian Linux: Auth fails with 8char salt and --with-tls
From: Nalin Dahyabhai <nalin@redhat.com>
Date: Fri, 15 Feb 2002 11:37:39 -0500
Cc: openldap-software@OpenLDAP.org
Content-disposition: inline
In-reply-to: <20020201100307.GA11347@exocore.com>; from shanu@exocore.com on Fri, Feb 01, 2002 at 03:33:07PM +0530
Organization: Red Hat, Inc.
References: <20020201100307.GA11347@exocore.com>
User-agent: Mutt/1.2.5.1i

On Fri, Feb 01, 2002 at 03:33:07PM +0530, Shanker Balan wrote:
> I am maintaining {crypt} passwords with an 8 character salt for
> authentication.
> 
> The Debian OpenLDAP packages don't come with TLS support. If i recompile
> the openldap2 deb with --with-tls then auth fails. Manager (rootdn) logins 
> also fail if TLS is compiled in.
> 
> All the other hashing schemes work fine with TLS including clear-text
> passwords and this seems to be happening _only_ on Debian systems. I
> recompiled it on another debian box with the same result - auth fails. 
> 
> RedHat boxes don't exhibit this problem.
> 
> Even the OpenLDAP 2.0.21 tarballs compiled with TLS have the same
> problem on the Debian boxes. This makes me wonder whether i have some
> library issues.

The version of libcrypto (from OpenSSL) which you're linking with
probably provides a function named "crypt" which doesn't perform the
md5-style crypt().  The version of "crypt" in libcrypt (from glibc)
does.  Either force slapd to link with -lcrypt before -lcrypto, or
get libcrypto to stop providing the function, either by renaming it
or removing it altogether, and it should work properly.

HTH,

Nalin

References:
- Debian Linux: Auth fails with 8char salt and --with-tls
  - From: Shanker Balan <shanu@exocore.com>

Prev by Date: Re: replication question...
Next by Date: Re: Got it working
Index(es):
- Chronological
- Thread