I have an OpenLDAP user with SSHA password. I want to compare his SSHA encoded password with a password specified at php webform.
Unfortunately ldap_compare can only compare plain text passwords:
$check = ldap_compare($ldapconn, $dn, $ldap_password, $php_webform_password);
Is there any way to generate exactly the same SSHA password in PHP based on the plain text password to be able to compare the SSHA password in OpenLDAP ?
Or is there any secure way to compare it ?
I know the '{SSHA}' . base64_encode(pack('H*',sha1($php_webform_password))), but the salt is needed for encoding is random, so I can't generate the same with PHP.
Is there any solution for this ? I don't want to use plain text passwords in OpenLDAP as it is not secure.
Thank you for your help.