[prev in list] [next in list] [prev in thread] [next in thread] 

List:       pamldap
Subject:    [pamldap] MD5 password hashing...
From:       Justin Hahn <jhahn () profitlogic ! com>
Date:       2001-01-31 22:15:02
[Download RAW message or body]

Hi,

I've been setting up LDAP authentication and I'd like to use MD5 hashed
passwords. However, there's a
small problem. According to the code, the pam_ldap module is sending  MD5
hashed passwords in the form

{crypt}$1$...
where ... is replaced by an md5 hashed password, with the same encoding used
as for crypted passwords (IIRC)

However, when, say, authentication takes places now the crypt string is
causing the authentication to try
to actually CRYPT the passwords, and hence I always get password mismatch...

What I'd like to do is have a string passed back to the server that looks
like this:

{MD5}...

where ... is the hashed password. However, I don't quite see how to use the
MD5 implementation
to do that. I'm more than willing to generate a patch.

Also, if this works, it should be pretty trivial to build a SHA module by
"borrowing" code from openldap
to do this... I'm sure somebody would find that desirable.

----
Justin Hahn              ProfitLogic
jhahn@profitlogic.com    11 Cambridge Center
Systems Administrator    Cambridge, MA 02142
o: 617-218-1986          www.profitlogic.com
m: 401-954-6974
f: 617-218-1901

[prev in list] [next in list] [prev in thread] [next in thread]