> > I used ldappasswd to create an md5 password in the userPassword field
>from
> > the cleartext word "secret":
> > userpassword={md5}WPa5t2Ahxs8Y0a3GSxLHpg==
> >
>This is not the coorect md5 base64 digest.
>Use the digest tool included with qmail-ldap.
Using the qmail-ldap digest tool to create the MD5, I was able to
successfully login.
>Try my posted Hash instead of the {md5}WPa5t2Ahxs8Y0a3GSxLHpg== one and it
>should work.
Where is your posted Hash?
> > If I cut/paste in the md5 password:
> > # /home/qmail/bin/qmail-popup localhost /home/qmail/bin/auth_pop pwd
> > +OK
> > user <user>
> > +OK
> > pass {md5}WPa5t2Ahxs8Y0a3GSxLHpg==
> > -ERR user record incorrect
> > check_ldap():password compare was not successful
> > check_ldap():authdata->s:{md5}WPa5t2Ahxs8Y0a3GSxLHpg==
> > check_ldap():extra[0].vals[0]->s:{md5}WPa5t2Ahxs8Y0a3GSxLHpg==
> >
>This MUST not work else you could enter your crypted password and get
>access. This is also why cleartext password storage is bad and disabled.
I was just experimenting since typing in the cleartext password had failed.
> > # python
> > Python 2.0 (#1, Apr 11 2001, 19:18:08)
> > [GCC 2.96 20000731 (Linux-Mandrake 8.0 2.96-0.48mdk)] on linux-i386
> > Type "copyright", "credits" or "license" for more information.
> > >>>import base64
> > >>>base64.decodestring('e01ENX1GNXJVWEd6aXk1ZlBFQ25pRWdSdWdRPT0=')
> > '{MD5}F5rUXGziy5fPECniEgRugQ=='
> > >>>
> >
>Funny, this hash is also incorrect, probably your script is bad.
This python example is directly copied from Eric's post. It was not intended
to show a match to my md5 hash. My point was that I didn't have the
"base64.decodestring" to type into python as ldappassword only showed the
final md5 output.
_________________________________________________________________
Get your FREE download of MSN Explorer at http://explorer.msn.com
