Date: Wed, 26 Nov 2003 04:33:42 -0800 From: Terry Lambert <tlambert2@mindspring.com> To: "sapdb@komadev.de" <kai@freshx.de> Cc: freebsd-hackers@freebsd.org Subject: Re: getpwnam with md5 encrypted passwds Message-ID: <3FC49DA6.54459AD6@mindspring.com> References: <1069810210.3fc40222e2bca@localhost>
next in thread | previous in thread | raw e-mail | index | archive | help
"sapdb@komadev.de" wrote:
> i am trying to validate a given user password against my local passwd-file with
> this piece of code :
>
> if (!( pwd = getpwnam ( user ))) {
> log(ERROR,"User %s not known",user);
> stat=NOUSER;
> }
> if (!strcmp( crypt(pass,pwd->pw_name), pwd->pw_passwd) ) {
> log(DEBUG|MISC,"HURRAY : %s authenticated\n", user);
> stat = AUTHED;
> }
I know you have the fix for the crypt of the wrong field, but the
proper thing to do is probably to use pan_authenticate() so that
you are insensitive to the athentication method being used, rather
than crypting and comparing it yourself.
-- Terry
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3FC49DA6.54459AD6>