Hello all,
I compiled pw-argon2 for OpenLDAP 2.4.44 (running on CentOS 7) and configured
the directory to use the {ARGON2} password scheme. Everything works fine, only
it seems the parallelism remains 1 whatever parameter I give when I load the
module. Memory usage and number of iterations do follow the values I give at
module load.
Here's cn=module,cn=config:
dn: cn=module{0},cn=config
objectClass: olcModuleList
cn: module{0}
olcModulePath: /usr/lib64/openldap
olcModuleLoad: {0}ppolicy
olcModuleLoad: {1}syncprov
olcModuleLoad: {2}accesslog
olcModuleLoad: {3}pw-argon2 m=4096 t=8 p=8
And here's (the beginning of) a password which has been changed using
ldappasswd (base64 decoded value obtained with ldapsearch):
{ARGON2}$argon2id$v=19$m=4096,t=8,p=1$7KxBUtls1NNPDK4Q4f+.......
What am I missing?
I don't know if this is relevant, libsodium version is 1.0.18 and I compiled
pw-argon2 using the libraries provided by openldap-2.4.44-21.el7_6.src.rpm. Let
me know if I need to provide other configuration elements.
Two more points:
- the pw-argon2 man page (and README file of the module) examples seem to be
obtained using argon2i, while the module uses argon2id;
- what salt length is used?
Thanks for your help, best regards,
Manuela
