[
https://issues.apache.org/jira/browse/DIRSERVER-1375?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Emmanuel Lecharny updated DIRSERVER-1375:
-----------------------------------------
Fix Version/s: 1.5.5
We wrongly assumed that the Salt was 8 bytes long, when it's can be of variable
size. It should not be a problem to allow shortest Salt to be used in ADS, as
the hashed part is always 20 bytes for SHA1 (16 for MD5). it's just a matter of
grabbing the rest of the bytes, and consider it as the salt.
I will implement that right now.
> Support variable length salts for SSHA and SMD5
> -----------------------------------------------
>
> Key: DIRSERVER-1375
> URL: https://issues.apache.org/jira/browse/DIRSERVER-1375
> Project: Directory ApacheDS
> Issue Type: Improvement
> Components: ldap
> Affects Versions: 1.5.4
> Reporter: Stefan Reuter
> Fix For: 1.5.5
>
>
> ApacheDS requires the salt of SSHA passwords to be 8 bytes. OpenLDAP uses 4
> bytes for the salt. Migrating from OpenLDAP to ApacheDS thus causes problems
> as users are unable to bind if their userpassword uses a salted password
> scheme.
> Please support variable length salts in ApacheDS so it is also possible to
> bind with a SSHA (or SMD5) password that contain a 4 byte salt.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
