[Fedora-directory-devel] Please Review: (204626) Password syntax checking is performed also on hashed values
Nathan Kinder
nkinder at redhat.com
Fri Jan 16 16:31:55 UTC 2009
https://bugzilla.redhat.com/show_bug.cgi?id=204626
Resolves: bug 204626
Bug Description: The password syntax checking is still performed
against pre-hashed passwords. In addition, we are allowing anyone
to store pre-hashed passwords, which we should not do when syntax
checking is enabled since it allows one to override the syntax rules.
Reviewed by: ???
Files: see diff
Branch: HEAD
Fix Description: This patch simply checks if a password is pre-hashed in
the password syntax checking code. It will reject a pre-hashed password
if syntax checking is enabled, with the exception of replicated operations
and those initiated by the root DN. The non-rejected cases will not be
subject to syntax checking.
Platforms tested: F9
Flag Day: no
Doc impact: yes. A note about pre-hashed passwords not being allowed
when using password syntax checking needs to be added.
https://bugzilla.redhat.com/attachment.cgi?id=329221&action=diff
More information about the Fedora-directory-devel
mailing list