[389-devel] Please review: Bug 518520 - pre hashed salted passwords do not work

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

https://bugzilla.redhat.com/show_bug.cgi?id=518520
Resolves: bug 518520
Bug Description: pre hashed salted passwords do not work
Reviewed by: ???
Files: see diff
Branch: HEAD and 1.2
Fix Description: Pre-hashed passwords may not use the standard internal salt length. The old ldif base64 decode function would return the number of bytes in the decoded string - the new NSPR function does not. We can't use strlen on the decoded value since it is binary and may contain nulls. The solution is to use a 
   function to calculate exactly how many bytes the encode string will have
when decoded, taking into account padding. Since we know exactly how many bytes are decoded, and we know exactly how many bytes of that decoded value are the hash, the remainder must be the salt, however many bytes that is. 
   I tested this code with salt lengths from 1 to 99.
Platforms tested: RHEL5 x86_64
Flag Day: no
Doc impact: no
https://bugzilla.redhat.com/attachment.cgi?id=358138&action=diff

--
389-devel mailing list
389-devel@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-directory-devel
[Index of Archives]     [Fedora Directory Announce]     [Fedora Users]     [Older Fedora Users Mail]     [Fedora Advisory Board]     [Fedora Security]     [Fedora Devel Java]     [Fedora Desktop]     [ATA RAID]     [Fedora Marketing]     [Fedora Mentors]     [Fedora Package Review]     [Fedora Art]     [Fedora Music]     [Fedora Packaging]     [CentOS]     [Fedora SELinux]     [Big List of Linux Books]     [KDE Users]     [Fedora Art]     [Fedora Docs]

  Powered by Linux