You know what?… That’s a good idea. I’m so used to rolling my own (since 2005-ish) that I just keep doing things the same way. We do have some custom schema files to add, but that shouldn’t be a problems. I’ll give the Symas or LTB packages a try.
Thanks, Scott
On Apr 5, 2023, at 11:30 AM, Quanah Gibson-Mount quanah@fast-mail.org wrote:
--On Wednesday, April 5, 2023 11:38 AM -0700 Scott Classen <sclassen@lbl.gov mailto:sclassen@lbl.gov> wrote:
Hello,
According to: servers/slapd/pwmods/README.argon2
Building
- Customize the OPENLDAP variable in Makefile to point to the OpenLDAP
source root.
For initial testing you might also want to edit DEFS to define SLAPD_ARGON2_DEBUG, which enables logging to stderr (don't leave this on in production, as it prints passwords in cleartext).
Run 'make' to produce argon2.so
Copy argon2.so somewhere permanent.
Edit your slapd.conf (eg. /etc/ldap/slapd.conf), and add:
moduleload ...path/to/argon2.so
- Restart slapd.
When I run make from within servers/slapd/pwmods/ I get the following error:
[user@machine openldap-2.6.4]# cd servers/slapd/pwmods/ [user@machine pwmods]# make make: *** No rule to make target 'dummyvalue', needed by 'all-common'. Stop.
I'm not sure what "dummyvalue" is supposed to be so I commented out line 288 in servers/slapd/pwmods/Makefile
You might want to consider using the already built packages from Symas or the LTB project rather than rolling your own, both have argon2 support.
https://ltb-project.org/download.html
However, the documentation you're reading is out of date, argon2 is just part of the normal build process now if you enable it with:
--enable-argon2
Perhaps file an ITS that that document needs updating, since it's incorrect.
--Quanah