Closed Meheni closed 4 years ago
Seems interresting.
The patch provides a complete module we could include in the next distribution.
The module needs one dependency: libargon2-dev
(debian) / libargon2-devel
(epel)
For future references:
ftp://ftp.openldap.org/incoming/simon-levermann-170126.patch
@Meheni : do you know if OpenLDAP community intends to include it in their future 2.5 release?
There's a reference to argon2 developement in OpenLDAPs ticket system http://www.openldap.org/its/index.cgi/?findid=8575, namely that they've also produced a version that uses libsodium instead of libargon2. See also https://github.com/mistotebe/openldap/tree/its8575-argon Currently it's a contrib module that would need to be built seperately.
Argon2 is now included by default in OpenLDAP 2.4.50. LTB package is including it into contrib-overlay package
Done in release https://github.com/ltb-project/openldap-deb/releases/tag/v2.4.50
Hi,
The Argon2 hash algorithm seems absent in OpenLDAP 2.5.
Thanks for any info.
In 2.5, Argon2 is included in OpenLDAP core. If you have some evidence it is absent, please provide them.
Today, security advise to use the Argon2 hashing algorithm. SH2 and PBKDF2 are become deprecated and I think Argon2 should be the reference.