You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@directory.apache.org by "Emmanuel Lecharny (JIRA)" <ji...@apache.org> on 2009/06/13 11:11:07 UTC
[jira] Updated: (DIRSERVER-1375) Support variable length salts for
SSHA and SMD5
[ https://issues.apache.org/jira/browse/DIRSERVER-1375?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Emmanuel Lecharny updated DIRSERVER-1375:
-----------------------------------------
Fix Version/s: 1.5.5
We wrongly assumed that the Salt was 8 bytes long, when it's can be of variable size. It should not be a problem to allow shortest Salt to be used in ADS, as the hashed part is always 20 bytes for SHA1 (16 for MD5). it's just a matter of grabbing the rest of the bytes, and consider it as the salt.
I will implement that right now.
> Support variable length salts for SSHA and SMD5
> -----------------------------------------------
>
> Key: DIRSERVER-1375
> URL: https://issues.apache.org/jira/browse/DIRSERVER-1375
> Project: Directory ApacheDS
> Issue Type: Improvement
> Components: ldap
> Affects Versions: 1.5.4
> Reporter: Stefan Reuter
> Fix For: 1.5.5
>
>
> ApacheDS requires the salt of SSHA passwords to be 8 bytes. OpenLDAP uses 4 bytes for the salt. Migrating from OpenLDAP to ApacheDS thus causes problems as users are unable to bind if their userpassword uses a salted password scheme.
> Please support variable length salts in ApacheDS so it is also possible to bind with a SSHA (or SMD5) password that contain a 4 byte salt.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.