- Java generated password not working on LDIF file
I am trying a simple LDAP example using LDIF from here [LDIF example][1]. I was able to setup everything and run it correctly using the default user/pass.
However, I am trying to generate new users and I used the Java code below to generate passwords for "joe" but it doesn't seem to work :
import java.nio.charset.StandardCharsets;import java.security.MessageDigest;import java.security.NoSuchAlgorithmException;public String get_SHA_1_SecurePassword(String passwordToHash, String salt){String generatedPassword = null; try { MessageDigest md = MessageDigest.getInstance("SHA-1"); md.update(salt.getBytes(StandardCharsets.UTF_8)); byte[] bytes = md.digest(passwordToHash.getBytes(StandardCharsets.UTF_8)); StringBuilder sb = new StringBuilder(); for(int i=0; i< bytes.length ;i++){ sb.append(Integer.toString((bytes[i] & 0xff) + 0x100, 16).substring(1)); } generatedPassword = sb.toString(); } catch (NoSuchAlgorithmException e){ e.printStackTrace(); } return generatedPassword;}Code for checking password from the sample link above:
public void configure(AuthenticationManagerBuilder auth) throws Exception { auth .ldapAuthentication() .userDnPatterns("uid={0},ou=people") .groupSearchBase("ou=groups") .contextSource() .url("ldap://localhost:8389/dc=springframework,dc=org") .and() .passwordCompare() .passwordEncoder(new LdapShaPasswordEncoder()) .passwordAttribute("userPassword"); }Here is the LDIF file snippet with the passwords:
//working copy for ben from exampledn: uid=ben,ou=people,dc=springframework,dc=orgobjectclass: topobjectclass: personobjectclass: organizationalPersonobjectclass: inetOrgPersoncn: Ben Alexsn: Alexuid: benuserPassword: {SHA}60c6d277a8bd81de7fdde19201bf9c58a3df08f4//new user "joe"dn: uid=joe,ou=people,dc=springframework,dc=orgobjectclass: topobjectclass: personobjectclass: organizationalPersonobjectclass: inetOrgPersoncn: Joe Shsn: joeuid: joeuserPassword: {SHA}16a9a54ddf4259952e3c118c763138e83693d7fdThe password I used for joe is "joe" and I cant seem to get it accepted. Is the encryption different? I am using Windows by the way.
- php mysqli_connect: authentication method unknown to the client [caching_sha2_password]
I am using php
mysqli_connectfor login to a MySQL database (all on localhost)<?php//DEFINE ('DB_USER', 'user2');//DEFINE ('DB_PASSWORD', 'pass2');DEFINE ('DB_USER', 'user1');DEFINE ('DB_PASSWORD', 'pass1');DEFINE ('DB_HOST', '127.0.0.1');DEFINE ('DB_NAME', 'dbname');$dbc = mysqli_connect(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME);if(!$dbc){ die('error connecting to database'); }?>this is the mysql.user table:
MySQL Server ini File:
[mysqld]# The default authentication plugin to be used when connecting to the serverdefault_authentication_plugin=caching_sha2_password#default_authentication_plugin=mysql_native_passwordwith
caching_sha2_passwordin the MySQL Server ini file, it's not possible at all to login with user1 or user2;error: mysqli_connect(): The server requested authentication method unknown to the client [caching_sha2_password] in...
with
mysql_native_passwordin the MySQL Server ini file, it's possible to login with user1, but with user2, same error;how can I login using
caching_sha2_passwordon the mySql Server? - How can I Sign My Phonegap App Without Resetting the Security Signature?
I built and signed my android app made with phonegap, and I turned on App Signing from Google, but I'm not sure how to create updated apks without resetting the SHA signature. I am using phonegap/cordova not android studio and I signed using jarsigner so I would need to know how to do this through the Windows cmd prompt.
- How to build chrony with SHA hashes authentication?
I am trying to build chorny for an embedded linux system. I am able to compile, run and sync time currently. I can also enable authentication using MD5 and that works as well.
I can't figure out how to enable SHA hashes. Using it would be when build the package but there is no option in configure for that. Has anybody done this before?
Thanks
This is the output if i set the hash type in my chrony.keys file to SHA1:
root@gsdm:~# chronyd -d 2000-01-08T00:54:56Z chronyd version 2.2 starting (+CMDMON +NTP +REFCLOCK +RTC -PRIVDROP -SCFILTER -SECHASH +ASYNCDNS +IPV6 -DEBUG)2000-01-08T00:54:56Z Unknown hash function in key 122000-01-08T00:54:56Z Initial frequency 1.355 ppmWhen I run ./configure -h i get this:
`configure' configures this package to adapt to many kinds of systems.Usage: ./configure [OPTION]...Defaults for the options are specified in brackets.Configuration: -h, --help display this help and exitInstallation directories: --prefix=PREFIX install architecture-independent files in PREFIX [/usr/local] --exec-prefix=EPREFIX install architecture-dependent files in EPREFIX [PREFIX]By default, `make install' will install all the files in`/usr/local/bin', `/usr/local/lib' etc. You can specifyan installation prefix other than `/usr/local' using `--prefix',for instance `--prefix=/home/user'.For better control, use the options below. --disable-readline Disable line editing support --without-readline Don't use GNU readline even if it is available --without-editline Don't use editline even if it is available --readline-dir=DIR Specify parent of readline include and lib directories --readline-inc-dir=DIR Specify where readline include directory is --readline-lib-dir=DIR Specify where readline lib directory is --with-ncurses-library=DIR Specify where ncurses lib directory is --disable-sechash Disable support for hashes other than MD5 --without-nss Don't use NSS even if it is available --without-tomcrypt Don't use libtomcrypt even if it is available --disable-cmdmon Disable command and monitoring support --disable-ntp Disable NTP support --disable-refclock Disable reference clock support --disable-phc Disable PHC refclock driver --disable-pps Disable PPS refclock driver --disable-ipv6 Disable IPv6 support --disable-rtc Don't include RTC even on Linux --disable-privdrop Disable support for dropping root privileges --without-libcap Don't use libcap even if it is available --enable-scfilter Enable support for system call filtering --without-seccomp Don't use seccomp even if it is available --disable-asyncdns Disable asynchronous name resolving --disable-forcednsretry Don't retry on permanent DNS error --with-ntp-era=SECONDS Specify earliest assumed NTP time in seconds since 1970-01-01 [50*365 days ago] --with-user=USER Specify default chronyd user [root] --with-hwclockfile=PATH Specify default path to hwclock(8) adjtime file --with-sendmail=PATH Path to sendmail binary [/usr/lib/sendmail] --enable-debug Enable debugging supportFine tuning of the installation directories: --sysconfdir=DIR chrony.conf location [/etc] --bindir=DIR user executables [EPREFIX/bin] --sbindir=DIR system admin executables [EPREFIX/sbin] --datarootdir=DIR data root [PREFIX/share] --infodir=DIR info documentation [DATAROOTDIR/info] --mandir=DIR man documentation [DATAROOTDIR/man] --docdir=DIR documentation root [DATAROOTDIR/doc/chrony] --localstatedir=DIR modifiable single-machine data [/var] --chronysockdir=DIR location for chrony sockets [LOCALSTATEDIR/run/chrony] --chronyvardir=DIR location for chrony data [LOCALSTATEDIR/lib/chrony]Overriding system detection when cross-compiling: --host-system=OS Specify system name (uname -s) --host-release=REL Specify system release (uname -r) --host-machine=CPU Specify machine (uname -m)Some influential environment variables: CC C compiler command CFLAGS C compiler flags CPPFLAGS C preprocessor flags, e.g. -I<include dir> if you have headers in a nonstandard directory <include dir> LDFLAGS linker flags, e.g. -L<lib dir> if you have libraries in a nonstandard directory <lib dir>Use these variables to override the choices made by `configure' or to helpit to find libraries and programs with nonstandard names/locations. - How do I take the first 4 bytes of SHA256 in Rust?
How do I elegantly take first 4 bytes of SHA256 in Rust? Specifically from generic_array produced by:
sha2::Sha256::new().chain(b"blabla_93794926").result();(without using unsafe Rust)