View Issue Details

Jump to NotesJump to History
IDProjectCategoryView StatusDate SubmittedLast Update
0001024Rocky-Linux-8Generalpublic2022-11-21 18:542022-11-21 20:08
Reportersylvain guyot Assigned ToLouis Abel  
PrioritynormalSeveritymajorReproducibilityalways
Status acknowledgedResolutionopen 
Summary0001024: openldap rpm is not compiled with sha2 module as it is done in centos7 rpm
Descriptionopenldap rpm r8 (version 2.4.46) on rocky linux 8 is not compiled with sha2 module (as it is done in centos7 rpm)
https://git.rockylinux.org/staging/rpms/openldap/-/blob/r8/SPECS/openldap.spec

We are not able to hash password with SSHA512
The following command fails : slappasswd -h {SSHA512} -o module-path=/usr/lib64/openldap -o module-load=pw-sha2 -s password
Could you modify the rpm build of the version 2.4 (r8) to include the module pw-sha2 ?
Steps To ReproduceLaunch the command :
slappasswd -h {SSHA512} -o module-path=/usr/lib64/openldap -o module-load=pw-sha2 -s password
Additional InformationIn centos spec (https://git.centos.org/rpms/openldap/blob/c7/f/SPECS/openldap.spec) we have the following lines to compile the sha2 module :
# build sha2 with other overlays
ln -s ../../../contrib/slapd-modules/passwd/sha2/{sha2.{c,h},slapd-sha2.c} \
      servers/slapd/overlays
ls servers/slapd/overlays
mv contrib/slapd-modules/passwd/sha2/README{,.sha2}
TagsNo tags attached.

Activities

Louis Abel

Louis Abel

2022-11-21 20:08

administrator   ~0001156

Thank you for the report.

Unfortunately we avoid making changes like this to the packages that Red Hat releases to maintain compatibility with their product and packages. CentOS 7 was the same way. In your example, you can see pw-sha2 being patched in (and a reference to a private bug in the change log), so this was done by Red Hat (not by CentOS). In 8, this isn't the case. It also seems the Fedora OpenLDAP package doesn't have it patched in either. It's likely this is because Red Hat does not directly support nor maintain the openldap-servers package.

You may or may not get a response from red hat if you file a bug at bugzilla.redhat.com.

Issue History

Date Modified Username Field Change
2022-11-21 18:54 sylvain guyot New Issue
2022-11-21 20:08 Louis Abel Assigned To => Louis Abel
2022-11-21 20:08 Louis Abel Status new => acknowledged
2022-11-21 20:08 Louis Abel Note Added: 0001156