[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: md5 BSD passwd was [crypt MD5 passwords: invalid credentials]



On Wed, 28 Mar 2001, Paulo Matos wrote:

> wcoole> I can see why you'd think that.  It looks like OpenSSL 0.9.6 supports MD5
> wcoole> passwords now to; I see in the change log:
> wcoole>
> wcoole>  *) Add BSD-style MD5-based passwords to 'openssl passwd' (option '-1').
> wcoole>      [Bodo Moeller]
>
> 	This is indeed true, openssl-0.9.6 can generate '$1$.....' passwd.
> 	I think the problem is when you have to use function crypt(3), the
> salt where the 2 first chars, and now the salt is $1$.....$ (variable).

	I was wrong! It has an error on BSD-style MD5 passwd generation on
openssl-0.9.6! The explanation is bellow:

|
|[From openssl-users list]
|
|> Changes between 0.9.7 and 0.9.6 (from CVS)
|> *) Fix 'openssl passwd -1'.
|> [Bodo Moeller]
|>
|> Changes between 0.9.6 and 0.9.5a
|> *) Add BSD-style MD5-based passwords to 'openssl passwd' (option '-1').
|> [Bodo Moeller]
|>
|>       What was wrong?
|
|The version in OpenSSL 0.9.6 incorrectly assumed that the magic string
|was 4 bytes long (which is correct for the Apache variant ["apr1"],
|but not for the original scheme ["1"]).
|
|--
|Bodo Möller <moeller@cdc.informatik.tu-darmstadt.de>
|

	I tested 'openssl-0.9.6a-beta2' and the passwd is now working
correctly.

-- 
	Paulo Matos
 ----------------------------------- ----------------------------------
|Sys & Net Admin                    | Serviço de Informática           |
|Faculdade de Ciências e Tecnologia | Tel: +351-21-2941346             |
|Universidade Nova de Lisboa        | Fax: +351-21-2948548             |
|P-2825-114 Caparica                | e-Mail: pjsm@fct.unl.pt          |
 ----------------------------------- ----------------------------------