From: Yngve Svendsen <yngve.svendsen@clustra.com>
To: Milan Zamazal <pdm@zamazal.org>
Cc: gnats-devel@sources.redhat.com
Subject: Encrypted password patch
Date: Wed, 20 Jun 2001 15:24:00 -0000 [thread overview]
Message-ID: <5.1.0.14.2.20010621001542.00b41338@10.10.1.1> (raw)
The following patch against current version 4 CVS implements the following
password system:
- If the password in gnatsd.access is prefixed with $0$, the password is
assumed to be explicit plaintext.
- If it is prefixed with $1$, it is assumed to be in MD5 format.
- If it has no prefix, it is assumed to be in standard DES crypt format.
I have tested this both on Linux and Solaris, and it works just as expected.
I'll amend the manual tomorrow (I won't commit the changes to the manual
until the pending move of the manual in the directory tree is done) and
then write a Perl script to convert old password files.
Yngve Svendsen
Index: gnatsd.c
===================================================================
RCS file: /cvs/gnats/gnats/gnats/gnatsd.c,v
retrieving revision 1.41
diff -u -p -r1.41 gnatsd.c
--- gnatsd.c 2001/06/10 17:17:19 1.41
+++ gnatsd.c 2001/06/20 22:11:50
@@ -276,28 +276,18 @@ match (const char *line, const char *pat
static int
password_match (const char *password, const char *hash)
{
- /* TODO: document the facility in the manual */
-
if (! strncmp (hash, "$0$", 3))
{
/* explicit plain-text password */
return ! strcmp (password, hash+3);
}
- else if (! strncmp (hash, "$1$", 3))
+ else
{
- /* MD5 hash of the password */
-#ifdef HAVE_LIBCRYPT
+ /* DES or MD5 password. If crypt supports MD5, it uses MD5 when
+ the salt starts with $1$. If there's no prefix standard DES
+ is assumed */
char *encrypted = crypt (password, hash);
return encrypted && ! strcmp (encrypted, hash);
-#else
- /* TODO: log some warning */
- return FALSE;
-#endif
- }
- else
- {
- /* default password type is plain-text */
- return match (password, hash, TRUE);
}
}
next reply other threads:[~2001-06-20 15:24 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2001-06-20 15:24 Yngve Svendsen [this message]
2001-06-21 22:54 ` /etc/qnats-db.conf Margaret BRIERTON
2001-06-22 0:11 ` /etc/qnats-db.conf Yngve Svendsen
2001-06-24 11:26 ` Encrypted password patch Milan Zamazal
2001-06-24 11:34 ` Rick Macdonald
2001-06-24 12:06 ` Milan Zamazal
2001-06-24 12:33 ` Rick Macdonald
2001-06-24 15:19 ` Milan Zamazal
2001-06-24 15:05 ` Yngve Svendsen
2001-06-24 15:25 ` Milan Zamazal
2001-06-25 23:29 ` cgi_error Margaret BRIERTON
2001-06-26 1:06 ` cgi_error Yngve Svendsen
2001-06-26 6:13 ` Encrypted password patch Yngve Svendsen
2001-06-27 14:45 ` Milan Zamazal
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=5.1.0.14.2.20010621001542.00b41338@10.10.1.1 \
--to=yngve.svendsen@clustra.com \
--cc=gnats-devel@sources.redhat.com \
--cc=pdm@zamazal.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).