Date: Sun, 25 Feb 2001 00:07:47 +0900 (JST) From: sakukawa@bsdlab.net To: FreeBSD-gnats-submit@freebsd.org Subject: ports/25342: saint: user authentication fails in remote mode(-r) Message-ID: <200102241507.f1OF7lj84603@ns.bsdlab.net>
next in thread | raw e-mail | index | archive | help
>Number: 25342 >Category: ports >Synopsis: saint: user authentication fails in remote mode(-r) >Confidential: no >Severity: non-critical >Priority: medium >Responsible: freebsd-ports >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Sat Feb 24 07:10:01 PST 2001 >Closed-Date: >Last-Modified: >Originator: Tsuyoshi Sakukawa >Release: FreeBSD 3.5-RELEASE i386 >Organization: >Environment: FreeBSD ns.bsdlab.net 3.5-RELEASE FreeBSD 3.5-RELEASE #2: Sat Dec 23 20:25:23 JST 2000 jyotaro@ns.bsdlab.net:/usr/src/sys/compile/asuka i386 >Description: If saint uses in remote mode(-r option), user authentication(HTTP Basic Authentication) is always fail. >How-To-Repeat: 1. Install saint from ports.(ports/security/saint) 2. Run saint in remote mode. $PREFIX/saint/saint -r -h `allow host` 3. set "admin" and "saint" password. 4. Access to saint from remote machine. 5. User authentication is always fail though using above password. >Fix: --- html/auth/saint_auth_action.pl.orig Sat Feb 24 23:55:43 2001 +++ html/auth/saint_auth_action.pl Sat Feb 24 23:55:50 2001 @@ -15,7 +15,7 @@ if (/^$username:/) { $login_flag = 1; ($junk, $encr, $userid, $junk1) = split (/:/, $_, 4); - $salt = substr($encr, 0, 2); + $salt = substr($encr, 3, 4); if (crypt($password, $salt) eq $encr) { $authenticated{$peer} = $userid; $login_flag = 2; >Release-Note: >Audit-Trail: >Unformatted: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ports" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200102241507.f1OF7lj84603>