Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 112554 - openldap-2.2.28 has no {CLEARTEXT} password-hash
Summary: openldap-2.2.28 has no {CLEARTEXT} password-hash
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Current packages (show other bugs)
Hardware: x86 Linux
: High normal (vote)
Assignee: Robin Johnson
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2005-11-14 14:18 UTC by Chandler Carruth
Modified: 2006-01-13 10:05 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Attachments
Patch posted to openldap mailing list. (openldap-2.2.28-cleartext_password-hash.patch,1.82 KB, patch)
2005-11-14 14:21 UTC, Chandler Carruth
Details | Diff
Updated ebuild to apply patch. (openldap-2.2.28-r2.ebuild,12.94 KB, text/plain)
2005-11-14 14:22 UTC, Chandler Carruth
Details

Note You need to log in before you can comment on or make changes to this bug.
Description Chandler Carruth 2005-11-14 14:18:04 UTC
openldap-2.2.28 has no {CLEARTEXT} option for password-hash. This option is
necessary for some openldap/kerberos5 interactions. This is an acknowledged bug,
and was fixed in openldap-2.3.8, but the fix has not been backported officially
to  2.2.28. A patch providing the fix against 2.2.28 was posted to the openldap
mailing list.

Reproducible: Always
Steps to Reproduce:
1. emerge =net-nds/openldap-2.2.28
2. configure "/etc/openldap/slapd.conf" with "password-hash {CLEARTEXT}"
3. /etc/init.d/slapd start

Actual Results:  
The logger outputs something similar to this:

Nov 14 14:09:24 hermes slapd[25115]: @(#) $OpenLDAP: slapd 2.2.28 (Nov 14 2005
11:45:52) $  root@hermes:/root
Nov 14 14:09:24 hermes slapd[25115]: bdb_db_init: Initializing BDB database    
 Nov 14 14:09:24 hermes slapd[25115]: /etc/openldap/db.conf: line 28: password
scheme "{CLEARTEXT}" not available
Nov 14 14:09:24 hermes slapd[25115]: /etc/openldap/db.conf: line 28: no valid
hashes found
Nov 14 14:09:24 hermes slapd[25115]: slapd stopped.
Nov 14 14:09:24 hermes slapd[25115]: connections_destroy: nothing to destroy.

Expected Results:  
slapd should have successfully started.

Portage 2.0.53_rc7 (hardened/x86/2.6, gcc-3.4.4, glibc-2.3.6-r0, 2.6.13-hardened
i686)
=================================================================
System uname: 2.6.13-hardened i686 Intel(R) Xeon(TM) CPU 2.80GHz
Gentoo Base System version 1.12.0_pre10
dev-lang/python:     2.3.4-r1, 2.4.2
sys-apps/sandbox:    1.2.13
sys-devel/autoconf:  2.13, 2.59-r7
sys-devel/automake:  1.4_p6, 1.5, 1.6.3, 1.7.9-r1, 1.8.5-r3, 1.9.6-r1
sys-devel/binutils:  2.16.1
sys-devel/libtool:   1.5.20-r1
virtual/os-headers:  2.6.11-r2
ACCEPT_KEYWORDS="x86 ~x86"
AUTOCLEAN="yes"
CBUILD="i686-pc-linux-gnu"
CFLAGS="-march=pentium4 -O3 -fomit-frame-pointer -ftracer -fforce-addr -pipe"
CHOST="i686-pc-linux-gnu"
CONFIG_PROTECT="/etc /usr/kde/2/share/config /usr/kde/3/share/config
/usr/share/config /var/qmail/control"
CONFIG_PROTECT_MASK="/etc/gconf /etc/terminfo /etc/env.d"
CXXFLAGS="-march=pentium4 -O3 -fomit-frame-pointer -ftracer -fforce-addr -pipe"
DISTDIR="/usr/portage/distfiles"
FEATURES="autoconfig ccache distcc distlocks sandbox sfperms strict"
GENTOO_MIRRORS="http://gentoo.mirrors.pair.com/"
MAKEOPTS=""
PKGDIR="/usr/portage//packages/x86/"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/usr/portage/"
PORTDIR_OVERLAY="/usr/local/portage"
SYNC="rsync://rsync.namerica.gentoo.org/gentoo-portage"
USE="acpi apache2 berkdb crypt dlloader fam ftp gd gdbm gif hardened jpeg
kerberos ldap mx mysql ncurses nptl nptlonly pam perl pic png python readline
sqlite sse sse2 ssl tcpd truetype unicode usb utf8 vhosts x86 xml xml2 zlib
userland_GNU kernel_linux elibc_glibc"
Unset:  ASFLAGS, CTARGET, LANG, LC_ALL, LDFLAGS, LINGUAS
Comment 1 Chandler Carruth 2005-11-14 14:18:55 UTC
Including kerberos CC as requested by Seemant.
Comment 2 Chandler Carruth 2005-11-14 14:21:03 UTC
Created attachment 72903 [details, diff]
Patch posted to openldap mailing list.

This patch was posted as a backport of the fix in 2.3.8, I have editted it to
more cleanly be applied as with other patches for this package. I have tested
this and can verify that it compiles correctly, and runs correctly.
Comment 3 Chandler Carruth 2005-11-14 14:22:02 UTC
Created attachment 72904 [details]
Updated ebuild to apply patch.

This is an ebuild to apply the given patch.
Comment 4 Benjamin Smee (strerror) (RETIRED) gentoo-dev 2006-01-13 10:05:07 UTC
fixed in cvs