https://bugs.openldap.org/show_bug.cgi?id=9367
Issue ID: 9367 Summary: back-mdb: encryption support Product: OpenLDAP Version: unspecified Hardware: All OS: All Status: UNCONFIRMED Severity: normal Priority: --- Component: backends Assignee: bugs@openldap.org Reporter: quanah@openldap.org Target Milestone: ---
Need to add encryption support to the back-mdb backend, depends on issue#9364
https://bugs.openldap.org/show_bug.cgi?id=9367
Quanah Gibson-Mount quanah@openldap.org changed:
What |Removed |Added ---------------------------------------------------------------------------- See Also| |https://bugs.openldap.org/s | |how_bug.cgi?id=9364 Target Milestone|--- |2.6.0
https://bugs.openldap.org/show_bug.cgi?id=9367
Quanah Gibson-Mount quanah@openldap.org changed:
What |Removed |Added ---------------------------------------------------------------------------- Depends on| |9009 Severity|normal |enhancement Target Milestone|2.6.0 |2.7.0
Referenced Issues:
https://bugs.openldap.org/show_bug.cgi?id=9009 [Issue 9009] 2.7: Switch to LMDB v1.0
https://bugs.openldap.org/show_bug.cgi?id=9367
Howard Chu hyc@openldap.org changed:
What |Removed |Added ---------------------------------------------------------------------------- Depends on| |9920
Referenced Issues:
https://bugs.openldap.org/show_bug.cgi?id=9920 [Issue 9920] MDB_PAGE_FULL with master3 (encryption) because there is no room for the authentication data (MAC)
https://bugs.openldap.org/show_bug.cgi?id=9367
Howard Chu hyc@openldap.org changed:
What |Removed |Added ---------------------------------------------------------------------------- Ever confirmed|0 |1 Status|UNCONFIRMED |IN_PROGRESS
--- Comment #1 from Howard Chu hyc@openldap.org --- https://git.openldap.org/openldap/openldap/-/merge_requests/721
Data races were reported first in ITS#9920.
https://bugs.openldap.org/show_bug.cgi?id=9367
--- Comment #2 from Quanah Gibson-Mount quanah@openldap.org --- (In reply to Howard Chu from comment #1)
https://git.openldap.org/openldap/openldap/-/merge_requests/721
Data races were reported first in ITS#9920.
You noted libsodium in the MR. I would note that the argon2 module supports both libsodium and libargon2. If it's possible, we probably want to support both of those here, too, so that people don't end up having to link against libsodium & libargon2 in slapd. At least for the argon2 module, libargon2 is better at this point in time in terms of the options available to it.
https://bugs.openldap.org/show_bug.cgi?id=9367
--- Comment #3 from Howard Chu hyc@openldap.org --- I noted libsodium because it's a complete crypto library. libargon2 is only a password hasher and as such is useless for database encryption.
Anyway it doesn't matter for the OpenLDAP build since it's only used in sample code, not an intrinsic part of LMDB or OpenLDAP.
https://bugs.openldap.org/show_bug.cgi?id=9367 Issue 9367 depends on issue 9920, which changed state.
Issue 9920 Summary: MDB_PAGE_FULL with master3 (encryption) because there is no room for the authentication data (MAC) https://bugs.openldap.org/show_bug.cgi?id=9920
What |Removed |Added ---------------------------------------------------------------------------- Status|IN_PROGRESS |RESOLVED Resolution|--- |TEST
-
openldap-its@openldap.org