--On Wednesday, September 26, 2007 4:50 PM +0200 Pawel Palucha
<[EMAIL PROTECTED]> wrote:
Package: slapd
Version: 2.3.38-1
Severity: normal
When binding to slapd I can pass any password that starts with correct
password and it is accepted (for example, if password is '1234', also
'12345' is accepted). Checked with python bindings and apache ldap_auth
module. {CRYPT} is used to hash passwords.
Hello,
I cannot reproduce this. I used:
/opt/zimbra/openldap/sbin/slappasswd -s 1234 -c 1234
to generate the crypt(3) password. How did you generate your passwords?
Note that I am not using Debian's build, but as an upstream developer I'm
very interested in making sure this is not an OpenLDAP bug. ;)
--Quanah
--
Quanah Gibson-Mount
Principal Software Engineer
Zimbra, Inc
--------------------
Zimbra :: the leader in open source messaging and collaboration
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
