Bug#1030716: openldap: password/sha2 produces incorrect SHA256

Andreas Hasenack andreas at canonical.com
Mon Feb 6 18:06:50 GMT 2023


I wasn't able to determine that. If the module didn't change since
ubuntu 22.04, then it's a bug/feature in the compiler, which did
change:

Last one that worked (of the stable releases of ubuntu):
 openldap | 2.4.49+dfsg-2ubuntu1.9       | focal-updates   | source

Here is when it started to fail:
 openldap | 2.5.11+dfsg-1~exp1ubuntu3    | jammy           | source
 openldap | 2.5.11+dfsg-1~exp1ubuntu3.1  | jammy-security  | source
 openldap | 2.5.13+dfsg-0ubuntu0.22.04.1 | jammy-updates   | source
 openldap | 2.5.13+dfsg-1ubuntu1         | kinetic         | source
 openldap | 2.6.3+dfsg-1~exp1ubuntu1     | lunar           | source
 openldap | 2.6.3+dfsg-1~exp1ubuntu2     | lunar-proposed  | source

gcc:
Working build of password/sha2:
 gcc | 4:9.3.0-1ubuntu2   | focal

Not working build of password/sha2:
 gcc | 4:11.2.0-1ubuntu1  | jammy
 gcc | 4:12.2.0-1ubuntu1  | kinetic
 gcc | 4:12.2.0-1ubuntu1  | lunar

PR up at https://salsa.debian.org/openldap-team/openldap/-/merge_requests/7
with the build flag change and a DEP8 test.

On Mon, Feb 6, 2023 at 3:00 PM Ryan Tandy <ryan at nardis.ca> wrote:
>
> Hi Andreas. Thanks for forwarding the bug.
>
> Were you able to determine whether this is a bug in the module or in the
> compiler? -fno-strict-aliasing sounds like more of a workaround, is that
> correct?
>
> Thanks
> Ryan



More information about the Pkg-openldap-devel mailing list