[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: simple bind and crypt hash

To: "Kervin L. Pierre" <kervin@blueprint-tech.com>
Subject: Re: simple bind and crypt hash
From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
Date: Sun, 20 Oct 2002 12:48:39 -0700
Cc: openldap-software@OpenLDAP.org
In-reply-to: <3DB205C8.8090700@blueprint-tech.com>

At 06:24 PM 2002-10-19, Kervin L. Pierre wrote:
>How does openldap hash the incoming bind password before comparing to the hash stored in ldap? ie.

Using crypt(3).

>How does it figure out the salt?

It passes the stored value, less the {CRYPT}, to crypt(3)...
crypt(3) figures it out.

>Does it use the password-crypt-salt-format to determine the salt?  The man page says salt format is only used with exop.

password-crypt-salt-format is only used in setting new passwords
via the LDAP Password Modify extended operation.

>I'm asking this because crypting the password and then setting the userpassword attribute to that hash doesn't seem to work.

Maybe the version of crypt(3) you are using is different than the
version used by slapd(8)...  not all versions are created equally.

Kurt

References:
- simple bind and crypt hash
  - From: "Kervin L. Pierre" <kervin@blueprint-tech.com>

Prev by Date: Re: client (non) verification of server SSL certs
Next by Date: TLS connect from remote host to slapd hangs
Index(es):
- Chronological
- Thread