On 06/03/16 20:00, Howard Chu wrote:

daniel@pocock.pro wrote:

...

Full_Name: Daniel Pocock Version: OS: Debian URL: ftp://ftp.openldap.org/incoming/ Submission from: (NULL) (2001:1620:b22::2042)

There are a few protocols that use a HA1[1] password hash, such as HTTP DIGEST[1], SIP DIGEST[2] and TURN[3] (which uses HMAC rather than DIGEST)

Is there a standard LDAP attribute name for storing a HA1 value or should it be stored in a regular userPassword attribute as described in the manual[4]?

The ITS is not for usage questions. You already asked this and were answered on the discussion mailing list.

http://www.openldap.org/lists/openldap-technical/201507/msg00073.html

There is nothing here that requires any OpenLDAP development activity. It's all already handled by the SASL Digest mechanism, as I already noted in the above email.

Closing this ITS.

I didn't open this feature request to ask for somebody to implement it, I'm simply trying to track a number of items that I'm working on myself. Normally I open a bug/feature request in anything I work on in case somebody else wants to work on the same thing, it helps avoid duplication.

The email thread doesn't fully resolve the issue, it does appear to require some plugin to be created for the server side, especially if the LDAP server doesn't keep plain text passwords. Given the fairly generic nature of the DIGEST algorithm, I also felt that when implemented, this code should be contributed to the OpenLDAP repository and not hosted elsewhere.

Regards,

Daniel