Re: set-password extended operation encoding error

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

Graham Barr <gb...@po...> wrote:
> On Tue, Jun 18, 2002 at 10:56:32AM -0400, Darryl C Price wrote:
>> 
>> Here is the hex dump of a ldappasswd request that succeeds:
>> 
>> 30 2c 02 01 02 77 27 80  17 31 2e 33 2e 36 2e 31   0,...w'..1.3.6.1  
>> 2e 34 2e 31 2e 34 32 30  33 2e 31 2e 31 31 2e 31   .4.1.4203.1.11.1  
>> 81 0c 30 0a 82 08 50 61  75 6c 30 30 30 35         ..0...Paul0005 
>> 
>> And here is one that fails from the extension method in Net::LDAP
>> 
>> 30 2D 02 01 02 77 28 80 17 31 2E 33 2E 36 2E 31 0-...w(..1.3.6.1
>> 2E 34 2E 31 2E 34 32 30 33 2E 31 2E 31 31 2E 31 .4.1.4203.1.11.1
>> 81 0D 30 0B 81 09 53 65 63 72 65 74 6D 64 35 __ ..0...Secretmd5
>> 
>> This does look like an encoding error to me.
> 
> You have used a different password in each case. In ldappasswd
> it has Paul0005 but in Net::LDAP it has Secretmd5

More than that: if you decode the PasswdModifyRequestValue in both you'll
spot that the first example (that succeeds) only sets the newPasswd field,
and the second example (that doesn't) only sets the oldPasswd field.

Cheers,

Chris