[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: sasl - cmusaslsecretDIGEST-MD5 - encrypted passwords in ldap

Heinz Hoelzl wrote:


i try to store md5 encryted passwords in ldap using the objectclass cmuSaslUser.
slapd searches the attribute cmusaslsecretDIGEST-MD5, but the bind fails.
what is the syntax for the hash stored in the cmusaslsecretDIGEST-MD5 attribute of the objectClass cmuSaslUser?

If I recall correctly from my SASL/postfix experiments, it has to be cleartext. As the challenge-response tokens are derived from the password, both client and server need it (or am I totally off here?). As a sidenote, can you confirm that on SASL binds the client always asks for cmusaslsecret<MECH>?