Theunis De Klerk wrote:
>> Were these applications that pre-hashed the SSHA passwords, then sent
>> the pre-hashed SSHA password to the server, when adding a user or
>> modifying the password? If so, then it could be that the legacy SSHA
>> handling was broken.
>>
>
> Here is an example of the perl code I used to create the password.
>
> <snip>
> my $password = 'thepassword';
> use Digest::SHA1;
> use MIME::Base64;
> my $ctx = Digest::SHA1->new;
> $ctx->add($password);
> $ctx->add('salt');
> my $hashedPasswd = '{SSHA}' . encode_base64($ctx->digest . 'salt' ,'');
> </snip>
>
> i.e: the way not to do it.
>
thanks - https://bugzilla.redhat.com/show_bug.cgi?id=518520
> --
> 389 users mailing list
> 389-users at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3258 bytes
Desc: S/MIME Cryptographic Signature
Url : http://lists.fedoraproject.org/pipermail/389-users/attachments/20090820/c30e6193/attachment.bin
