Bug#1030716: openldap: password/sha2 produces incorrect SHA256
Ryan Tandy
ryan at nardis.ca
Tue Feb 7 04:32:37 GMT 2023
Thanks for the patch and info.
One additional data point: openldap 2.5.13 in bullseye-backports (gcc
10.2.1-6) seems to be OK.
I looked briefly at the assembly with/without -fno-strict-aliasing and
noted a difference somewhere around sha2.c:609. It doesn't look
obviously wrong to me -- buffer is an array of uint8_t, which AFAIK
should be aliasing-safe...
The freeze is near and I don't have time for further investigation right
now, so for now I'm just uploading your patch (with the autopkgtest
marked superficial). Thanks a lot for providing the patch.
Thanks
Ryan
More information about the Pkg-openldap-devel
mailing list