You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@directory.apache.org by "Martin Schuster (IFKL IT OS DSM CD)" <Ma...@infineon.com> on 2007/10/10 13:05:17 UTC
[Studio] upper/lowercase {crypt} at beginning of userPassword
I have a lot entries where the userPassword starts with
{crypt} (instead of the uppercase {CRYPT}).
DirectoryStudio tells me
Hash Method: Unsupported hash method
Is this a bug in DS, or should I convert the start of
all userPassword attributes to uppercase {CRYPT}?
tia,
--
Martin Schuster
Infineon Technologies IT-Services GmbH
Tel: +43 5 1777 3517
Martin.Schuster1@infineon.com
Postadresse:
Lakeside B05
9020 Klagenfurt, Austria
FB: LG Klagenfurt, FN 246787y
VISIT US AT http://www.infineon.com/austria
Re: [Studio] upper/lowercase {crypt} at beginning of userPassword
Posted by Pierre-Arnaud Marcelot <pa...@marcelot.net>.
Thanks for the Jira.
It's been fixed. ;)
Regards,
Pierre-Arnaud Marcelot
On 10/10/07, Martin Schuster (IFKL IT OS DSM CD) <
Martin.Schuster1@infineon.com> wrote:
>
> I _think_ I've found both in the RFCs (i.e. one RFC specifying
> lowercase hash methods, one specifying uppercase ones), and it
> looks like both are in use, so doing case-insensitive comparison
> would definitely be a good idea, imho.
>
> Emmanuel Lecharny wrote:
> > [...]
> > Can you fill a JIRA ?
> >
> Done, https://issues.apache.org/jira/browse/DIRSTUDIO-220
>
> --
> Martin Schuster
> Infineon Technologies IT-Services GmbH
>
> Tel: +43 5 1777 3517
> Martin.Schuster1@infineon.com
>
> Postadresse:
> Lakeside B05
> 9020 Klagenfurt, Austria
> FB: LG Klagenfurt, FN 246787y
>
> VISIT US AT http://www.infineon.com/austria
>
Re: [Studio] upper/lowercase {crypt} at beginning of userPassword
Posted by Emmanuel Lecharny <el...@gmail.com>.
Thanks Martin !
I think we will be able to deliver a version very soon (by end of
october, beginning of november) which will include this fix.
Have fun with Studio !
On 10/10/07, Martin Schuster (IFKL IT OS DSM CD)
<Ma...@infineon.com> wrote:
> I _think_ I've found both in the RFCs (i.e. one RFC specifying
> lowercase hash methods, one specifying uppercase ones), and it
> looks like both are in use, so doing case-insensitive comparison
> would definitely be a good idea, imho.
>
> Emmanuel Lecharny wrote:
> > [...]
> > Can you fill a JIRA ?
> >
> Done, https://issues.apache.org/jira/browse/DIRSTUDIO-220
>
> --
> Martin Schuster
> Infineon Technologies IT-Services GmbH
>
> Tel: +43 5 1777 3517
> Martin.Schuster1@infineon.com
>
> Postadresse:
> Lakeside B05
> 9020 Klagenfurt, Austria
> FB: LG Klagenfurt, FN 246787y
>
> VISIT US AT http://www.infineon.com/austria
>
--
Regards,
Cordialement,
Emmanuel Lécharny
www.iktek.com
Re: [Studio] upper/lowercase {crypt} at beginning of userPassword
Posted by "Martin Schuster (IFKL IT OS DSM CD)" <Ma...@infineon.com>.
I _think_ I've found both in the RFCs (i.e. one RFC specifying
lowercase hash methods, one specifying uppercase ones), and it
looks like both are in use, so doing case-insensitive comparison
would definitely be a good idea, imho.
Emmanuel Lecharny wrote:
> [...]
> Can you fill a JIRA ?
>
Done, https://issues.apache.org/jira/browse/DIRSTUDIO-220
--
Martin Schuster
Infineon Technologies IT-Services GmbH
Tel: +43 5 1777 3517
Martin.Schuster1@infineon.com
Postadresse:
Lakeside B05
9020 Klagenfurt, Austria
FB: LG Klagenfurt, FN 246787y
VISIT US AT http://www.infineon.com/austria
Re: [Studio] upper/lowercase {crypt} at beginning of userPassword
Posted by Emmanuel Lecharny <el...@gmail.com>.
Nope.
I think we should just do a equalsIngnorCase( HASH_METHOD_CRYPT ) in any case.
On 10/10/07, Pierre-Arnaud Marcelot <pa...@marcelot.net> wrote:
> Hi,
>
> I checked it and it seems using {crypt} is failing.
>
> > /** The constant used for the crypt hash, value <code>CRYPT</code> */
> > public static final String HASH_METHOD_CRYPT = "CRYPT"; //$NON-NLS-1$
>
> I found this code in the Password class
> (org.apache.directory.studio.ldapbrowser.core.model.Password).
>
> There's a test in the PasswordTest class for testing Crypt encrypted
> password:
> > /**
> > *
> > */
> > public void testPasswordCRYPTEncrypted()
> > {
> > Password password = new Password( "{CRYPT}qFkH8Z1woBlXw" );
> >
> > assertTrue( password.verify( "secret" ) );
> > }
>
>
> I Added another one with lowercase 'crypt':
> > /**
> > *
> > */
> > public void testPasswordCRYPTEncrypted2()
> > {
> > Password password = new Password( "{crypt}qFkH8Z1woBlXw" );
> >
> > assertTrue( password.verify( "secret" ) );
> > }
> >
>
> The first one passes, the second one fails.
>
> Is there an RFC for this somewhere ?
>
> Regards,
> P-A
>
>
> On 10/10/07, Emmanuel Lecharny <el...@gmail.com> wrote:
> > Hi Martin,
> >
> > I think you should use {crypt}, and not {CRYPT}, due to some code we
> > have in the server :
> >
> > ...
> > if ( "crypt".equals( algorithm ) )
> > ...
> >
> > This is a _bad_ piece of code, and will be fixed to :
> >
> > ...
> > if ( "crypt".equalsignorecase( algorithm ) )
> > ...
> >
> > Now, we may have the opposite pb in Studio.
> >
> > I gonna check that.
> >
> > Can you fill a JIRA ?
> >
> > Thanks !
> >
> > On 10/10/07, Martin Schuster (IFKL IT OS DSM CD)
> > <Ma...@infineon.com> wrote:
> > > I have a lot entries where the userPassword starts with
> > > {crypt} (instead of the uppercase {CRYPT}).
> > >
> > > DirectoryStudio tells me
> > > Hash Method: Unsupported hash method
> > >
> > > Is this a bug in DS, or should I convert the start of
> > > all userPassword attributes to uppercase {CRYPT}?
> > >
> > > tia,
> > > --
> > > Martin Schuster
> > > Infineon Technologies IT-Services GmbH
> > >
> > > Tel: +43 5 1777 3517
> > > Martin.Schuster1@infineon.com
> > >
> > > Postadresse:
> > > Lakeside B05
> > > 9020 Klagenfurt, Austria
> > > FB: LG Klagenfurt, FN 246787y
> > >
> > > VISIT US AT http://www.infineon.com/austria
> > >
> >
> >
> > --
> > Regards,
> > Cordialement,
> > Emmanuel Lécharny
> > www.iktek.com
> >
>
>
--
Regards,
Cordialement,
Emmanuel Lécharny
www.iktek.com
Re: [Studio] upper/lowercase {crypt} at beginning of userPassword
Posted by Pierre-Arnaud Marcelot <pa...@marcelot.net>.
Hi,
I checked it and it seems using {crypt} is failing.
/** The constant used for the crypt hash, value <code>CRYPT</code> */
> public static final String HASH_METHOD_CRYPT = "CRYPT"; //$NON-NLS-1$
I found this code in the Password class (
org.apache.directory.studio.ldapbrowser.core.model.Password).
There's a test in the PasswordTest class for testing Crypt encrypted
password:
> /**
> *
> */
> public void testPasswordCRYPTEncrypted()
> {
> Password password = new Password( "{CRYPT}qFkH8Z1woBlXw" );
>
> assertTrue( password.verify( "secret" ) );
> }
I Added another one with lowercase 'crypt':
> /**
> *
> */
> public void testPasswordCRYPTEncrypted2()
> {
> Password password = new Password( "{crypt}qFkH8Z1woBlXw" );
>
> assertTrue( password.verify( "secret" ) );
> }
>
The first one passes, the second one fails.
Is there an RFC for this somewhere ?
Regards,
P-A
On 10/10/07, Emmanuel Lecharny <el...@gmail.com> wrote:
>
> Hi Martin,
>
> I think you should use {crypt}, and not {CRYPT}, due to some code we
> have in the server :
>
> ...
> if ( "crypt".equals( algorithm ) )
> ...
>
> This is a _bad_ piece of code, and will be fixed to :
>
> ...
> if ( "crypt".equalsignorecase( algorithm ) )
> ...
>
> Now, we may have the opposite pb in Studio.
>
> I gonna check that.
>
> Can you fill a JIRA ?
>
> Thanks !
>
> On 10/10/07, Martin Schuster (IFKL IT OS DSM CD)
> <Ma...@infineon.com> wrote:
> > I have a lot entries where the userPassword starts with
> > {crypt} (instead of the uppercase {CRYPT}).
> >
> > DirectoryStudio tells me
> > Hash Method: Unsupported hash method
> >
> > Is this a bug in DS, or should I convert the start of
> > all userPassword attributes to uppercase {CRYPT}?
> >
> > tia,
> > --
> > Martin Schuster
> > Infineon Technologies IT-Services GmbH
> >
> > Tel: +43 5 1777 3517
> > Martin.Schuster1@infineon.com
> >
> > Postadresse:
> > Lakeside B05
> > 9020 Klagenfurt, Austria
> > FB: LG Klagenfurt, FN 246787y
> >
> > VISIT US AT http://www.infineon.com/austria
> >
>
>
> --
> Regards,
> Cordialement,
> Emmanuel Lécharny
> www.iktek.com
>
Re: [Studio] upper/lowercase {crypt} at beginning of userPassword
Posted by Emmanuel Lecharny <el...@gmail.com>.
Hi Martin,
I think you should use {crypt}, and not {CRYPT}, due to some code we
have in the server :
...
if ( "crypt".equals( algorithm ) )
...
This is a _bad_ piece of code, and will be fixed to :
...
if ( "crypt".equalsignorecase( algorithm ) )
...
Now, we may have the opposite pb in Studio.
I gonna check that.
Can you fill a JIRA ?
Thanks !
On 10/10/07, Martin Schuster (IFKL IT OS DSM CD)
<Ma...@infineon.com> wrote:
> I have a lot entries where the userPassword starts with
> {crypt} (instead of the uppercase {CRYPT}).
>
> DirectoryStudio tells me
> Hash Method: Unsupported hash method
>
> Is this a bug in DS, or should I convert the start of
> all userPassword attributes to uppercase {CRYPT}?
>
> tia,
> --
> Martin Schuster
> Infineon Technologies IT-Services GmbH
>
> Tel: +43 5 1777 3517
> Martin.Schuster1@infineon.com
>
> Postadresse:
> Lakeside B05
> 9020 Klagenfurt, Austria
> FB: LG Klagenfurt, FN 246787y
>
> VISIT US AT http://www.infineon.com/austria
>
--
Regards,
Cordialement,
Emmanuel Lécharny
www.iktek.com