[Date Prev][Date Next] [Chronological] [Thread] [Top]

md5 BSD passwd was [crypt MD5 passwords: invalid credentials]



On Thu, 8 Mar 2001, Wil Cooley wrote:

wcoole> Thus spake Kurt D. Zeilenga:
wcoole>
wcoole> > I believe there was an OpenLDAP ITS filed and closed.  It's not really
wcoole> > an OpenLDAP issue.  We just use the crypt(3) the linker provides (based
wcoole> > upon user provided configuration information).  Other than avoiding
wcoole> > {crypt} passwords (which are not portable) as crypt(3) differs widely
wcoole> > from system to system, I suggest modifying OpenSSL not to provide
wcoole> > crypt(3) on systems which provide one themselves.
wcoole>
wcoole> I can see why you'd think that.  It looks like OpenSSL 0.9.6 supports MD5
wcoole> passwords now to; I see in the change log:
wcoole>
wcoole>  *) Add BSD-style MD5-based passwords to 'openssl passwd' (option '-1').
wcoole>      [Bodo Moeller]

	This is indeed true, openssl-0.9.6 can generate '$1$.....' passwd.
	I think the problem is when you have to use function crypt(3), the
salt where the 2 first chars, and now the salt is $1$.....$ (variable).

	Can you tell me where in openldap-2.0.7 is specific code to do
password crypt and compare, kurt? So if can figure out what's happening?

	Thanks in advance,

-- 
	Paulo Matos
 ----------------------------------- ----------------------------------
|Sys & Net Admin                    | Serviço de Informática           |
|Faculdade de Ciências e Tecnologia | Tel: +351-21-2941346             |
|Universidade Nova de Lisboa        | Fax: +351-21-2948548             |
|P-2825-114 Caparica                | e-Mail: pjsm@fct.unl.pt          |
 ----------------------------------- ----------------------------------