[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ask help about using the md5 password of openldap to cvs password

> > In my system,i have a openldap server.My linux system use pam.d(nss) get
> > all user and group info.
> > 
> > Now i want to build a cvs server with passwd authentication.
> > The cvs passwd file knows crypt and md5 password I get from the
> > /etc/shadow file.
> > 
> > But the openldap use other password with md5.The crypt password from
> > ldap works well,the md5 password doesn't.
> > 
> > I want to use java(jsp) make a cvs password file from openldap server with
> > md5 password.
> > How can i do?
> > 
> > I've got:
> > linux md5 password = bb:$1$YXNkZmdo$3BR2ismHazeVy/UshG5oRw:
> > openldap md5 password = {MD5}ovfWqqSt/SApu6Qfv/+79Q==  (with no salt)
> > openldap md5 password = {SMD5}ovfWqqSt/SApu6Qfv/+79xxxxxxx  (with salt)
> > 
> > How can i convert a openldap (s)md5 password to a linux md5 password?
> > 
> > Sorry for my poor english.
> There is a difference between the MD5 password that crypt() locally
> with generate (a BSD-derived feature) and the one that LDAP uses
> with '{MD5}'.  The first should be tagged with '{crypt}' in LDAP and
> the underlying libcrypt needs to understand that if the hash starts
> with '$1$' then it's an MD5 hash; this is true for most Linux and
> BSD systems, but I don't know how well commerical UNIX systems do
> with it.  The '{MD5}' hash is different although the algorithm is
> the same.  I don't think you can convert easily between the two.
> So if you want to use the one that CVS will understand, you need
> to figure out how to generate one (the man pages for crypt(3) and
> encrypt(3) don't mention MD5) and insert it into directory with
> '{crypt}' password type.  (The only way I know to create one is by
> using 'passwd' and copying the hash from /etc/shadow or /etc/passwd,
> but you might be able to do it the 'openssl' command.)

But i have some users info in my ldap server.
I want my cvsserver to use all same user info.
I can't change all user's password with  '{crypt}' password type.