- Jun 22, 2020
-
-
Quanah Gibson-Mount authored
-
- Jun 01, 2020
-
-
Quanah Gibson-Mount authored
-
- Apr 21, 2020
-
-
The defaults vary by crypto library and possibly even version, so it's not worth trying to keep them accurate.
-
-
-
-
* use 'crypto_pwhash_str_alg(..., crypto_pwhash_ALG_ARGON2ID13)' to set the algorithm to Argon2. According to libsodium's documentation, the original 'crypto_pwhash_str()' only guarantees a "memory-hard, CPU-intensive hash function", but not necessarily Argon2. Although in released versions of libsodium Argon2 is the only implemented backend, this may chane in the future. * multiply the 'memory' parameter by 1024 to align it with the libargon2 implementation. The objective is to have consistent configuration in OpenLDAP's pw-argon2 module no matter what backend implementation is used. Signed-off-by:Peter Marschall <peter@adpm.de>
-
Based on initial patch by Peter Marschall.
-
Add manual page slapd-pw-argon2.5 and make sure it gets installed. Signed-off-by: -
-
-
This change implements argon2, which won the Password Hashing Competition (https://password-hashing.net/) as a contrib-module in order to provide a modern password hashing alternative in openldap. The currently available password hashing algorithms are relatively old, and modern hardware, especially GPUs can compute quite a few (ranging from tens of thousands to millions) of hashes per second. Argon2 was designed to withstand such attacks. This implementation uses the default work factors used in the argon2 command line client, but the resulting hashes are stored in a way that would allow retroactive changes to these values, or even exposing them as configuration in the module.
-
- Feb 03, 2020
-
-
Quanah Gibson-Mount authored
Update config.guess and config.sub from official upstream project at https://savannah.gnu.org/projects/config/ Specifically in this case, commit 5256817ace8493502ec88501a19e4051c2e220b0 for the date Wed Jan 1 19:36:58 2020 +1100
-
- Jan 09, 2020
-
-
Quanah Gibson-Mount authored
-
- Jun 17, 2019
-
-
- Jan 14, 2019
-
-
Quanah Gibson-Mount authored
-
- Nov 08, 2018
-
-
- Mar 22, 2018
-
-
Quanah Gibson-Mount authored
-
- Oct 11, 2017
-
-
Quanah Gibson-Mount authored
-
- Mar 29, 2017
-
-
Quanah Gibson-Mount authored
-
- Jan 18, 2017
-
-
- Jan 03, 2017
-
-
Quanah Gibson-Mount authored
-
- Nov 29, 2016
-
-
OpenSSL removed old DES API which used des_* functions. https://github.com/openssl/openssl/commit/24956ca00f014a917fb181a8abc39b349f3f316f In order to link with libcrypto from recent OpenSSL releases, we need to replace the older API des_* functions by the newer API DES_* functions. Signed-off-by:
Emmanuel Dreyfus <manu@netbsd.org>
-
- Nov 04, 2016
-
-
- Oct 17, 2016
-
-
These were provided as part of the original ITS but not previously committed. Perl scripts to convert between Apache and OpenLDAP hash formats.
-
- Jan 29, 2016
-
-
Quanah Gibson-Mount authored
-
- Oct 29, 2015
-
-
- Sep 11, 2015
-
-
- Aug 31, 2015
-
-
Reserve #else for actual fallback cases.
-
OpenLDAP can be configured to be either built with OpenSSL or GnuTLS. This commit adds support for building pw-pbkbdf2 module without OpenSSL, by using PBKDF2 crypto primitives provided by libnettle. Closes hamano/openldap-pbkdf2#2 Signed-off-by:Luca Bruno <luca.bruno@rocket-internet.de>
-
Fixed asprintf return value check, in order to properly catch error conditions. This has been caught by clang -Wtautological-compare: pw-pbkdf2.c:132:17: warning: comparison of unsigned expression < 0 is always false if(msg->bv_len < 0){ ~~~~~~~~~~~ ^ ~ Signed-off-by:
-
- Jul 28, 2015
-
-
- Apr 17, 2015
-
-
-
This updates nssov for the protocol changes in nss-pam-ldapd commits 5f55781 and 6a74d8d. The protocol was changed to network byte order, uid_t and gid_t were changed to int32_t, and the READ_TYPE and WRITE_TYPE macros were removed. The PAM protocol was restructured to drop the DN field and to use a common basic set of fields for all requests.
-
-
- Mar 23, 2015
-
-
