El 5/12/19 a les 1:38, William Brown ha escrit:
> Because this is salted, you need to provide the same salt to do the match here. Your
MD5 was unsalted is why the match works, so you'll need to do much more work now to do
the same "match".
> In other words you need to do (in psuedo code)
> ...
> It should go without saying, but it's a security risk
to have userPassword as a field readable and to do matches like this, so I strongly
encourage you to consider updating or modifying the application in question to do binds
instead :)
> Does that help?
Yes it did ! From now on new users are created with the new format
that is also fully 389-ds compatible.
I also added a warning on startup for legacy setups and a recommendation
in the docs.
thank you guys