Hi Nick,
I’ve tested the proposed OpenLDAP packages on Ubuntu 24.04 (noble) using
the -proposed repository, and the PBKDF2 module works correctly in my
tests.
Tests performed:
Direct test with slappasswd:
slappasswd -o module-load="pw-pbkdf2.so 210000" -h {PBKDF2-SHA512}
This command works as expected and produces a valid hash, for example:
{PBKDF2-SHA512}210000$AcnLZ...
Test via LDAP configuration:
I added the following line to ldap.conf:
moduleload pw-pbkdf2.so 210000
After changing a user’s password, the value stored in the userPassword
attribute is correctly generated using PBKDF2, for example:
{PBKDF2-SHA512}210000$PCC...
Based on these tests, the pw-pbkdf2 module appears to be correctly built and
functional in noble-proposed.
Please let me know if you need additional tests or a different
validation scenario.
Best regards,
Filippo
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2125685
Title:
pbkdf2 needs configurable hashing rounds for FIPS 140-3
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/2125685/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
