Feature Request: Support Modern Password Hashes
dr-waterstorm opened this issue · 1 comments
I'd like to use your GUI in combination with a modern LDAP setup. I've enabled Argon2 and PBKDF2 but sadly neither can be used with the ldap-user-manager at the moment.
I've checked your hashing function in the code and it only seems to supports the old LDAP standards and some {CRYPT} functions.
It would be awesome if you could implement Argon2 and PBKDF2.
I do not have much experience in PHP, but you could probably use the PHP password_hash
function for the job.
For example:
password_hash('somepassword', PASSWORD_ARGON2ID, ['memory_cost' => 2048, 'time_cost' => 4, 'threads' => 3]);
looks just like the LDAP hash generated with the LDAP command:
slappasswd -o module-load=/usr/lib/openldap/argon2.la -h '{ARGON2}'
so I'd assume it should work.
Thank you!
I tried implementing PBKDF2 as well, but I could not get the generated hash to look like the one the LDAP generates, so I did not implement this. However, ARGON2 was implemented, so I'll close my issue.