Skip site navigation (1)Skip section navigation (2) 
Date:      Fri, 28 Dec 2001 15:08:07 +0100
From:      "Roberto Ruffinengo" <r.ruffinengo@teoresi.it>
To:        freebsd-questions@FreeBSD.ORG
Subject:   crypted password length (crypt algorithm)
Message-ID:  <3C2C8AD7.25881.14F63B5@localhost>
next in thread | raw e-mail | index | archive | help 
Hi everybody,

I  am running a FreeBSD 4.3 box

and i think i have found something interesting.

On older version of FreeBSD I had a perl script to verify users login account 
that was working quite well.

I  moved it on my 4.3 release and it doesn't work at all.

In fact the perl crypt()  function generates a  crypted password  which is  13 
char long, while the password in /etc/master.passwd is  34 char long.

Here is the piece of code :

//first of all read from the user  $user and $pass 
(omissis)

//then  get the current crypted password
($encstring)=(getpwnam("$user"))[1];
$encpass=substr($encstring,2);

// take the salt
$salt=substr($encstring,0,2);

//crypt the password supplied by the user 
$newencpass = crypt ($pass,$salt);

 $encpass e $newencpass are never equal because crypt() will generate an 
encrypted password of 11 chars long ( + 2 chars for the salt) , while the 
$encpass will be of 32 char log ( +2 chars  for the salt)

I had already upgraded my perl release from 5.003 to 5.6.1 but the problem 
is the same.

I am sure this script is working well , and to be really sure I copied an entry 
from  /etc/master.passwd  using vipw from an old FreeBSD release and I 
pasted into my /etc/master.passwd file on my 4.3 box. Here everything is 
working well.


     

Any help will be really appreciated.



__________________________________________________________________________

Roberto Ruffinengo

Teoresi s.r.l.
Via Perugia, 24  -  10152 Torino (TO)
Tel. +39 (0)11 2408000
Fax. +39 (0)11 2408024
e-mail: r.ruffinengo@teoresi.it              URL: http://www.teoresi.it
__________________________________________________________________________


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3C2C8AD7.25881.14F63B5>