Issue 10399

Summary: pw-pbkdf2.so iterations parameter checks for wrong argc
Product: OpenLDAP Reporter: Jonas Jelten <jj+openldap>
Component: contribAssignee: OpenLDAP project <bugs>
Status: UNCONFIRMED ---    
Severity: normal CC: jj+openldap
Priority: ---    
Version: unspecified   
Target Milestone: 2.6.11   
Hardware: All   
OS: All   
Attachments: patch fixing this bug

Description Jonas Jelten 2025-10-08 14:42:33 UTC 
f602563bf4a9512885c8e3488d03b3f812cf42d9 introduced a pw-pbkdf2.so argument for specifying the number of hashing rounds.

this contains a bug since the argc is 1 instead of 2 when passing one argument to the module - so the custom iterations are never considered (except when passing a first bogus argument and the iterations as second :)


Background: We're integrating the pbkdf2-iteration configuration patch in Ubuntu https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/2125685


I've also just created an account on your gitlab instance - would be great if it was approved :)
Comment 1 Jonas Jelten 2025-10-08 14:45:00 UTC 
Created attachment 1087 [details]
patch fixing this bug
Comment 2 Quanah Gibson-Mount 2025-10-14 15:36:00 UTC 
gitlab account approved, thanks!