Hello,
usually it should be possible to give a password like
{MD5}digest
to a userPassword attribute and openldap should be using it as an MD5 password hash. Instead, it is using it as a plain password. What is going wrong there?
Regards Marten
Marten Lehmann wrote:
Hello,
usually it should be possible to give a password like
{MD5}digest
to a userPassword attribute and openldap should be using it as an MD5 password hash. Instead, it is using it as a plain password. What is going wrong there?
Assuming the above is the verbatim value you're trying to use, I note that "digest" is not a valid MD5 value (see RFC 3112 and RFC 1321). Otherwise, what value is not being treated as expected? Can you post it?
p.
Ing. Pierangelo Masarati OpenLDAP Core Team
SysNet s.n.c. Via Dossi, 8 - 27100 Pavia - ITALIA http://www.sys-net.it ------------------------------------------ Office: +39.02.23998309 Mobile: +39.333.4963172 Email: pierangelo.masarati@sys-net.it ------------------------------------------
Hello,
Assuming the above is the verbatim value you're trying to use, I note that "digest" is not a valid MD5 value (see RFC 3112 and RFC 1321). Otherwise, what value is not being treated as expected? Can you post it?
the value I'm storing into the userPassword-attribut is
{MD5}$1$ime/LI2d$EAiFdaweZsL/TIlvBrDDw0
("testpw" as md5)
Authentication against the value fails. But maybe I'm looking at the wrong end?
Regards Marten
Marten Lehmann wrote:
Hello,
Assuming the above is the verbatim value you're trying to use, I note that "digest" is not a valid MD5 value (see RFC 3112 and RFC 1321). Otherwise, what value is not being treated as expected? Can you post it?
the value I'm storing into the userPassword-attribut is
{MD5}$1$ime/LI2d$EAiFdaweZsL/TIlvBrDDw0
("testpw" as md5)
Authentication against the value fails. But maybe I'm looking at the wrong end?
This doesn't look like a MD5 password; the value slapd expects is something like
slappasswd -h '{md5}' -s testpw {MD5}ju4+/d4ets9mOaWISDYr9A==
Your value looks much like some extension to crypt(3) that allows to use strong(er) encryption than usual crypt(3) by providing a specially crafted salt. In that case, assuming you compiled slapd with {CRYPT} support using the same crypt(3) that generated that hash you should be able to use that secret by using the {CRYPT} scheme instead of {MD5}. You need to realize, of course, that this data is not portable.
p. which is base64 encoded; the non-base64 string is expected to be 16 bytes long (128 bits).
p.
Ing. Pierangelo Masarati OpenLDAP Core Team
SysNet s.n.c. Via Dossi, 8 - 27100 Pavia - ITALIA http://www.sys-net.it ------------------------------------------ Office: +39.02.23998309 Mobile: +39.333.4963172 Email: pierangelo.masarati@sys-net.it ------------------------------------------
On Thu, Jan 04, 2007 at 09:55:25PM +0100, Pierangelo Masarati wrote:
| This doesn't look like a MD5 password; the value slapd expects is | something like | | slappasswd -h '{md5}' -s testpw | {MD5}ju4+/d4ets9mOaWISDYr9A== | | Your value looks much like some extension to crypt(3) that allows to use | strong(er) encryption than usual crypt(3) by providing a specially | crafted salt. In that case, assuming you compiled slapd with {CRYPT} | support using the same crypt(3) that generated that hash you should be | able to use that secret by using the {CRYPT} scheme instead of {MD5}. | You need to realize, of course, that this data is not portable.
That's a bit strong. The algorithm in question is the MD5Crypt algorithm, which originated in FreeBSD, and is now supported in FreeBSD, OpenBSD, Linux, Solaris, and Mac OS X, among others, presumably, as well as in Apache (though very slightly mutated in Apache, for no good reason). In addition, there are libraries available in lots of languages which implement this algorithm.
The MD5Crypt algorithm has a couple of nice properties which make it far stronger than simple MD5 usage.
First, it is salted, so as to resist dictionary attacks against leaked hash text.
Second, it incorporates 1000 rounds of md5 so as to try and increase the cpu requirements for a password match, again for the purpose of resisting attack against the hash text. This level of CPU intensity is hardly meaningful in current systems, but it is some small level of protection still.
A good discussion of secure password formats can be found at
http://www.openbsd.org/papers/bcrypt-paper.ps
for those interested.
It's a pity that OpenLDAP does not support MD5Crypt, but for the present purposes, it's probably more a pity that it is so easy for naive users to confuse MD5 hashing with MD5Crypt.
Jon
| p. | which is base64 encoded; the non-base64 string is expected to be 16 | bytes long (128 bits). | | p. | | Ing. Pierangelo Masarati | OpenLDAP Core Team | | SysNet s.n.c. | Via Dossi, 8 - 27100 Pavia - ITALIA | http://www.sys-net.it | ------------------------------------------ | Office: +39.02.23998309 | Mobile: +39.333.4963172 | Email: pierangelo.masarati@sys-net.it | ------------------------------------------
Jonathan Abbey wrote:
On Thu, Jan 04, 2007 at 09:55:25PM +0100, Pierangelo Masarati wrote:
| This doesn't look like a MD5 password; the value slapd expects is | something like | | slappasswd -h '{md5}' -s testpw | {MD5}ju4+/d4ets9mOaWISDYr9A== | | Your value looks much like some extension to crypt(3) that allows to use | strong(er) encryption than usual crypt(3) by providing a specially | crafted salt. In that case, assuming you compiled slapd with {CRYPT} | support using the same crypt(3) that generated that hash you should be | able to use that secret by using the {CRYPT} scheme instead of {MD5}. | You need to realize, of course, that this data is not portable.
That's a bit strong. The algorithm in question is the MD5Crypt algorithm, which originated in FreeBSD, and is now supported in FreeBSD, OpenBSD, Linux, Solaris, and Mac OS X, among others, presumably, as well as in Apache (though very slightly mutated in Apache, for no good reason). In addition, there are libraries available in lots of languages which implement this algorithm.
The MD5Crypt algorithm has a couple of nice properties which make it far stronger than simple MD5 usage.
First, it is salted, so as to resist dictionary attacks against leaked hash text.
Second, it incorporates 1000 rounds of md5 so as to try and increase the cpu requirements for a password match, again for the purpose of resisting attack against the hash text. This level of CPU intensity is hardly meaningful in current systems, but it is some small level of protection still.
A good discussion of secure password formats can be found at
http://www.openbsd.org/papers/bcrypt-paper.ps
for those interested.
It's a pity that OpenLDAP does not support MD5Crypt, but for the present purposes, it's probably more a pity that it is so easy for naive users to confuse MD5 hashing with MD5Crypt.
OpenLDAP contains no cryptography code itself. If your native system's C library has a crypt() function that supports MD5Crypt, then configuring OpenLDAP with --enable-crypt will support it. Or, if you explicitly provide some other library that supplies the proper crypt() function, we'll use it. As far as we're concerned, "crypt" means "whatever your crypt() function does," it does not necessarily mean the original Unix 56 bit DES crypt.
Agreed, it's a shame that people don't understand the difference between "MD5" and "crypt based on MD5."
Jonathan Abbey wrote:
On Thu, Jan 04, 2007 at 09:55:25PM +0100, Pierangelo Masarati wrote:
| This doesn't look like a MD5 password; the value slapd expects is | something like | | slappasswd -h '{md5}' -s testpw | {MD5}ju4+/d4ets9mOaWISDYr9A== | | Your value looks much like some extension to crypt(3) that allows to use | strong(er) encryption than usual crypt(3) by providing a specially | crafted salt. In that case, assuming you compiled slapd with {CRYPT} | support using the same crypt(3) that generated that hash you should be | able to use that secret by using the {CRYPT} scheme instead of {MD5}. | You need to realize, of course, that this data is not portable.
That's a bit strong. The algorithm in question is the MD5Crypt algorithm, which originated in FreeBSD, and is now supported in FreeBSD, OpenBSD, Linux, Solaris, and Mac OS X, among others, presumably, as well as in Apache (though very slightly mutated in Apache, for no good reason). In addition, there are libraries available in lots of languages which implement this algorithm.
The MD5Crypt algorithm has a couple of nice properties which make it far stronger than simple MD5 usage.
First, it is salted, so as to resist dictionary attacks against leaked hash text.
Second, it incorporates 1000 rounds of md5 so as to try and increase the cpu requirements for a password match, again for the purpose of resisting attack against the hash text. This level of CPU intensity is hardly meaningful in current systems, but it is some small level of protection still.
A good discussion of secure password formats can be found at
http://www.openbsd.org/papers/bcrypt-paper.ps
for those interested.
It's a pity that OpenLDAP does not support MD5Crypt, but for the present purposes, it's probably more a pity that it is so easy for naive users to confuse MD5 hashing with MD5Crypt.
OpenLDAP does support MD5Crypt. For that matter use {crypt} and define a different salt method in your slapd.conf (see password-crypt-salt-format in slapd.conf man page).
Linux and *nix systems that support MD5Crypt usually support and recognize both ciphers out-of-the-box since they are in fact different at plain sight. If using {crypt} you can in fact mix old crypt and md5crypt in your database. The salt method defined in slapd.conf is only used for LDAP password modify extended operations.
Hugo Monteiro.
Jon
| p. | which is base64 encoded; the non-base64 string is expected to be 16 | bytes long (128 bits). | | p. | | Ing. Pierangelo Masarati | OpenLDAP Core Team | | SysNet s.n.c. | Via Dossi, 8 - 27100 Pavia - ITALIA | http://www.sys-net.it | ------------------------------------------ | Office: +39.02.23998309 | Mobile: +39.333.4963172 | Email: pierangelo.masarati@sys-net.it | ------------------------------------------
Hello,
This doesn't look like a MD5 password; the value slapd expects is something like
slappasswd -h '{md5}' -s testpw {MD5}ju4+/d4ets9mOaWISDYr9A==
it indead was a md5 hash generated by the perl-mdoule Crypt::PasswdMD5. I'm now generating it with Digest::MD5 -> md5_base64 and appending the missing "==". Authentication works now.
Regards Marten
openldap-software@openldap.org
-
Howard Chu -
Hugo Monteiro -
Jonathan Abbey -
Marten Lehmann -
Pierangelo Masarati