[389-devel] Please review: Bug 518520 - pre hashed salted passwords do not work
Nathan Kinder
nkinder at redhat.com
Thu Aug 20 17:55:58 UTC 2009
On 08/20/2009 10:38 AM, Rich Megginson wrote:
> https://bugzilla.redhat.com/show_bug.cgi?id=518520
> Resolves: bug 518520
> Bug Description: pre hashed salted passwords do not work
> Reviewed by: ???
> Files: see diff
> Branch: HEAD and 1.2
> Fix Description: Pre-hashed passwords may not use the standard
> internal salt length. The old
> ldif base64 decode function would return the number of bytes in the
> decoded
> string - the new NSPR function does not. We can't use strlen on
> the decoded
> value since it is binary and may contain nulls. The solution is to
> use a
> function to calculate exactly how many bytes the encode string will
> have
> when decoded, taking into account padding. Since we know exactly
> how many
> bytes are decoded, and we know exactly how many bytes of that
> decoded value
> are the hash, the remainder must be the salt, however many bytes
> that is.
> I tested this code with salt lengths from 1 to 99.
> Platforms tested: RHEL5 x86_64
> Flag Day: no
> Doc impact: no
> https://bugzilla.redhat.com/attachment.cgi?id=358138&action=diff
ack
>
> --
> 389-devel mailing list
> 389-devel at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-directory-devel
More information about the 389-devel
mailing list