[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
trouble with {APR1}
- To: openldap-technical@openldap.org
- Subject: trouble with {APR1}
- From: Ryan Tandy <ryan@nardis.ca>
- Date: Thu, 17 Jul 2014 23:05:16 -0700
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nardis.ca; s=google; h=message-id:date:from:user-agent:mime-version:to:subject :content-type; bh=f6Kx3uZEauQ/dSc8Sedivo9k5kVqsuT+sH9Pb5Ie5QA=; b=hp8Wzr9oGNZdka9997Xvsb5hwtp187iU4C53IhVAu1fCm27G0hgPJ0Ry6J6OZ3ogjm KF0heK8ud+bf8E27nzUfanmvHPFmW8ZBqJ83996gDpNuYUFCsOFUeZX57NdV54wkail6 A8FPzcyEJTYLDjn8WFusE0yZ1A1j4oAyrUMgU=
- User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Icedove/24.6.0
Hi list,
In ITS#7869 I reported what I thought was a bug in the pw-apr1 contrib
passwd module. Howard has proven me wrong quite conclusively, but I
still can't make it work; so having wasted more than enough of his time,
I thought I'd waste some of yours. ;)
In short, I'm starting from pristine git master sources:
./configure --enable-modules
make -j8 && sudo make STRIP= install
building and installing pw-apr1:
cd contrib/slapd-modules/passwd
make PROGRAMS="pw-apr1.la" && sudo make PROGRAMS="pw-apr1.la" install
adding config and data (attached), starting slapd, and trying:
ldapwhoami -H ldap://:9001 -x -D uid=test1,dc=example,dc=com -w seekrit
As per Howard's last message on the ITS, that should be correct, but:
ldap_bind: Invalid credentials (49)
The three entries should all have the same password. The {SSHA} one
works for me, but neither of the first two.
The module is loaded and being called, gdb confirms it.
My environment is a minimal 64-bit Debian unstable system. Base system
plus build-essential and libltdl-dev, no other optional dependencies,
never had any OpenLDAP bits installed before. Tried under stable
(wheezy) also; same behaviour. (Is there possibly some other package
whose presence or absence might affect things?)
Can someone point out a silly build or config mistake, or suggest
something else I might have done that messed this up?
thanks for reading,
Ryan
dn: cn=config
objectClass: olcGlobal
dn: cn=module,cn=config
objectClass: olcModuleList
olcModuleLoad: pw-apr1
dn: cn=schema,cn=config
objectClass: olcSchemaConfig
include: file:///usr/local/etc/openldap/schema/core.ldif
include: file:///usr/local/etc/openldap/schema/cosine.ldif
dn: olcDatabase=mdb,cn=config
objectClass: olcMdbConfig
olcSuffix: dc=example,dc=com
olcDbDirectory: .
dn: dc=example,dc=com
objectClass: domain
dn: uid=test1,dc=example,dc=com
objectClass: account
objectClass: simpleSecurityObject
userPassword: {APR1}FK7q3pAf80k0Wh9BYZJ0FHBlcHBlcm9u
dn: uid=test2,dc=example,dc=com
objectClass: account
objectClass: simpleSecurityObject
userPassword: {BSDMD5}TvI7yUE++iEAGjN3LfD3l3BlcHBlcm9u
dn: uid=test3,dc=example,dc=com
objectClass: account
objectClass: simpleSecurityObject
userPassword: {SSHA}G/7YIyIO+SHwRUuVBn7PTNGy88TJkKUu