directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Sean Kelly (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (DIRSERVER-1734) ads-certificatePassword syntax far too restrictive for actual passwords
Date Sat, 07 Jul 2012 01:58:34 GMT

    [ https://issues.apache.org/jira/browse/DIRSERVER-1734?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13408534#comment-13408534
] 

Sean Kelly commented on DIRSERVER-1734:
---------------------------------------

Thanks for giving my issue a second chance.

I'm somewhat tempted to ask for karma on your project, but then again, the way of LDAP is
also the way of madness—or some say.

You have my sincere thanks and best wishes.
                
> ads-certificatePassword syntax far too restrictive for actual passwords
> -----------------------------------------------------------------------
>
>                 Key: DIRSERVER-1734
>                 URL: https://issues.apache.org/jira/browse/DIRSERVER-1734
>             Project: Directory ApacheDS
>          Issue Type: Bug
>          Components: core
>    Affects Versions: 2.0.0-M7
>         Environment: CP/M-86 Java 7 on PDP-11
>            Reporter: Sean Kelly
>            Assignee: Emmanuel Lecharny
>             Fix For: 2.0.0-RC1
>
>
> The password for my keystore happens to be "ec7!J>;;x".
> However, specifying that value in my config.ldif as {{ads-certificatePassword: ec7!J>;;x}}
results in a startup failure:
> {noformat}
> [18:08:12] WARN [org.apache.directory.shared.ldap.model.entry.DefaultEntry] - The attribute
'ads-certificatepassword' cannot be stored
> org.apache.directory.shared.ldap.model.exception.LdapOtherException: ERR_04447_CANNOT_NORMALIZE_VALUE
Cannot normalize the wrapped value ERR_04473_NOT_VALID_VALUE Not a valid value 'ec7!J>;;x'
for the AttributeType 'ATTRIBUTE_TYPE ( 1.3.6.1.4.1.18060.0.4.1.2.309
>  NAME 'ads-certificatePassword'
>  DESC The certificate passord
>  EQUALITY caseExactMatch
>  ORDERING caseExactOrderingMatch
>  SUBSTR caseExactSubstringsMatch
>  SYNTAX 1.3.6.1.4.1.1466.115.121.1.44
>  SINGLE-VALUE
>  USAGE userApplications
>  )
> '
> 	at org.apache.directory.server.core.api.partition.AbstractPartition.initialize(AbstractPartition.java:77)
> 	at org.apache.directory.server.ApacheDsService.initConfigPartition(ApacheDsService.java:284)
> 	at org.apache.directory.server.ApacheDsService.start(ApacheDsService.java:166)
> 	at org.apache.directory.server.UberjarMain.main(UberjarMain.java:58)
> {noformat}
> Apparently the {{ads-certificatePassword}} property's syntax is 1.3.6.1.4.1.1466.115.121.1.44,
which, sadly, is far too restrictive for actual in-use passwords.
> I recommend changing the syntax to something a bit more permissive.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

       

Mime
View raw message