OpenLDAP containers have password hashing modules outside normal library directory, leading to inability to use modern hashing #63605

Closed
denefoster opened this issue Mar 6, 2024 · 4 comments
Labels: openldap, solved, stale (15 days without activity), tech-issues (the user has a technical issue about an application), triage (triage is needed)

denefoster commented Mar 6, 2024

Name and Version

bitnami/openldap:2.6

What architecture are you using?

amd64

What steps will reproduce the bug?

Run container, attempt to enable pw-sha2 module:

dn: cn=module{0},cn=config
changetype: modify
add: olcModuleLoad
olcModuleLoad: pw-sha2

What is the expected behavior?

The module loads, and SSHA-256 and onwards is available for use.

What do you see instead?

The module fails to load, meaning users are stuck with SSHA, which is a long-deprecated and insecure hashing algorithm.

Additional information

The hashing libraries are in the image, in /opt/bitnami/openldap/libexec, while all of the in-use library files live in /opt/bitnami/openldap/lib. Just need to copy the hashing libs into the same folder.

denefoster added the tech-issues label Mar 6, 2024
github-actions bot added the triage label Mar 6, 2024
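
An added example, not code from this issue or from the Bitnami or OpenLDAP projects: a small audit that lists which entries in an LDIF export still carry legacy `userPassword` schemes such as `{SSHA}`, alongside a generator and verifier for the salted SHA-2 values that pw-sha2 schemes like `{SSHA256}` store. It assumes the `{SCHEME}base64(digest + salt)` layout, an 8-byte salt, unfolded LDIF lines, and constructed sample entries.

```python
import base64, hashlib, hmac, os, re

# Salted schemes: name -> (hashlib algorithm, digest length in bytes).
SALTED = {"SSHA": ("sha1", 20), "SSHA256": ("sha256", 32),
          "SSHA384": ("sha384", 48), "SSHA512": ("sha512", 64)}
LEGACY = {"SSHA", "SHA", "SMD5", "MD5", "CLEARTEXT"}  # SHA-1/MD5 based or plain

def make_hash(scheme, password, salt=None):
    """Build a userPassword value: {SCHEME}base64(digest(password+salt)+salt)."""
    salt = os.urandom(8) if salt is None else salt  # 8-byte salt is an assumption
    digest = hashlib.new(SALTED[scheme][0], password + salt).digest()
    return "{%s}%s" % (scheme, base64.b64encode(digest + salt).decode())

def verify(stored, password):
    """Recompute a salted hash from the stored salt; compare in constant time."""
    m = re.fullmatch(r"\{([\w-]+)\}(.+)", stored)
    if not m or m.group(1).upper() not in SALTED:
        return False
    algo, dlen = SALTED[m.group(1).upper()]
    raw = base64.b64decode(m.group(2))
    return hmac.compare_digest(raw[:dlen], hashlib.new(algo, password + raw[dlen:]).digest())

def audit_ldif(text):
    """Return [(dn, scheme)] for entries whose userPassword uses a legacy scheme."""
    findings, dn = [], None
    for line in text.splitlines():
        if line.lower().startswith("dn:"):
            dn = line[3:].strip()
        elif line.lower().startswith("userpassword:"):
            value = line[len("userpassword:"):]
            if value.startswith(":"):  # "::" marks a base64-encoded LDIF value
                value = base64.b64decode(value[1:].strip()).decode("utf-8", "replace")
            m = re.match(r"\{([\w-]+)\}", value.strip())
            scheme = m.group(1).upper() if m else "CLEARTEXT"
            if scheme in LEGACY:
                findings.append((dn, scheme))
    return findings

# Constructed sample export; the DNs and passwords are made up for this example.
SAMPLE = "\n".join([
    "dn: uid=alice,ou=people,dc=example,dc=org",
    "userPassword: " + make_hash("SSHA", b"correct horse", b"saltsalt"),
    "",
    "dn: uid=bob,ou=people,dc=example,dc=org",
    "userPassword:: " + base64.b64encode(make_hash("SSHA256", b"hunter2").encode()).decode(),
])

if __name__ == "__main__":
    print(audit_ldif(SAMPLE))  # only alice's {SSHA} entry is reported
```

Stored hashes cannot be converted between schemes, so entries reported here only move to a SHA-2 scheme when the password is next set.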
@carrodher
Member

Thank you for bringing this issue to our attention. We appreciate your involvement! If you're interested in contributing a solution, we welcome you to create a pull request. The Bitnami team is excited to review your submission and offer feedback. You can find the contributing guidelines here.

Your contribution will greatly benefit the community. Feel free to reach out if you have any questions or need assistance.


This Issue has been automatically marked as "stale" because it has not had recent activity (for 15 days). It will be closed if no further activity occurs. Thanks for the feedback.

github-actions bot added the stale label Mar 22, 2024

Due to the lack of activity in the last 5 days since it was marked as "stale", we proceed to close this Issue. Do not hesitate to reopen it later if necessary.

bitnami-bot closed this as not planned Mar 27, 2024
@mistial-dev

@denefoster My pull request #70398 handles this in a different way that's a bit more compatible, and doesn't require the pw-sha2 module.
