id,summary,reporter,owner,description,type,status,priority,component,severity,resolution,keywords,cc,release
5485,LDAP Plugin not working with all SSHA variants,ian@ianbmacdonald.com,eblot,Our central LDAP is a Debian Lenny system running MDS (Mandriva Directory Server). In some cases SSHA passwords are not being accepted by Trac LDAP_ however they work correctly for all other applications authenticating to the LDAP.  Below are some SSHA examples for the password "password"_ some which work_ and the longer variants which fail. The issue is that all our passwords are set using the MDS admin tool_ which also sets Samba hashes for NT in the directory schema at the same time.  This longer_ possibly more secure SSHA variants below are compatible with all LDAP clients and applications except for Trac. \r\n\r\n\r\n'''Working Examples:'''[[BR]]\r\n\r\n{SSHA}ERdvT2vhmoUDOvovkgxZxTB/tbbxNVRh  (generated using slappasswd)[[BR]]\r\n{SSHA}/rmnnVkCVnGbOQx7H2uIrPdhz4FqHDSb  (generated using passwd via pam_ldap exop)[[BR]]\r\n\r\n\r\n'''\r\nNot Working Examples:'''[[BR]]\r\n\r\n{SSHA}zjR1uYpPNn7zdYalptR5qjs/Lrk1QnRYcU9CcW1zZ2l0TkdW  (generated in Luma LDAP browser)[[BR]]\r\n{SSHA}z8ye3oLGySzT90/h+wEDM5rpIyljeE5FbkUxY2thOGtjNVBlZXBDZA==  (generated in MDS Admin interface)[[BR]]\r\n\r\n,defect,closed,normal,LdapPlugin,major,duplicate,ldap ssha mds,,0.11