[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: pserver login fails on 9 char passwords
From: |
Derek Robert Price |
Subject: |
Re: pserver login fails on 9 char passwords |
Date: |
Mon, 29 Mar 2004 12:26:42 -0500 |
User-agent: |
Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.4) Gecko/20030624 Netscape/7.1 |
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Mark D. Baushke wrote:
> Mäkeläinen Juha <juha.makelainen@osuuspankki.fi> writes:
>
> >This problem was found when using cvs-1.11.11 server on HP-UX and
> >wincvs client.
> >
> >If user password is 9 chars long, the crypted password from client is
> >13 characters but password got from HP-UX secure password system is 24
> >characters. The server.c module can not handle that.
>
> The HP/UX passwords have been problems in the past. There was a hack
> that stuck a NUL byte at the first comma in the found_passwd because of
> extra glop that the HP/UX system added.
Actually, as near as I can tell, the CVS server has been dealing with
that problem, inserting the NUL at the comma, since 1.11.7. Why is
Mäkeläinen still experiencing a problem?
Not that that is really the correct fix - to quote the comment in server.c:
/* Allow for dain bramaged HPUX passwd aging
* - Basically, HPUX adds a comma and some data
* about whether the passwd has expired or not
* on the end of the passwd field.
* - This code replaces the ',' with '\0'.
*
* FIXME - our workaround is brain damaged too. I'm
* guessing that HPUX WANTED other systems to think the
* password was wrong so logins would fail if the
* system didn't handle expired passwds and the passwd
* might be expired. I think the way to go here
* is with PAM.
*/
Patches pensively perused,
Derek
- --
*8^)
Email: derek@ximbiot.com
Get CVS support at <http://ximbiot.com>!
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
Comment: Using GnuPG with Netscape - http://enigmail.mozdev.org
iD8DBQFAaFxRLD1OTBfyMaQRAuLlAKDee7Qzp6TGao1j8D4xLz0TnnqbhACg3U94
PIaFtw/9LoXfr66WblIpoVg=
=ruXt
-----END PGP SIGNATURE-----