Quanah noticed, and mentioned to me in IRC, that if you are using
cn=config and you set olcPasswordHash to a scheme provided by a module,
then slapd won't start, because it processes the global cn=config before
diving into the cn=module subtree(s). (It does work if you use
slapd.conf and specify moduleload before password-hash.)
I think this doesn't affect pw-netscape and pw-apr1 too badly, since
they are meant for importing existing hashes and shouldn't be used as
the scheme for new users; but users of pw-sha2 and pw-pbkdf2 are likely
to hit this.
I had already added pw-sha2 in git; I'm going to leave it as is for the
moment, pending reaction from upstream, but this should be considered
before uploading that.
thanks,
Ryan
--
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected]
