[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
gnats/342: Access denied when DES crypt() format passwords used in gnats
|
From: |
Andrew . Gray |
|
Subject: |
gnats/342: Access denied when DES crypt() format passwords used in gnats.access |
|
Date: |
Thu, 14 Feb 2002 17:29:17 -0500 |
>Number: 342
>Category: gnats
>Synopsis: Access denied when DES crypt() format passwords used in
>gnats.access
>Confidential: no
>Severity: serious
>Priority: high
>Responsible: unassigned
>State: open
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Thu Feb 14 17:29:17 -0500 2002
>Originator: Andrew Gray
>Release: 3.999.1
>Organization:
>Environment:
Intel, Linux 2.4.2-1, RedHat 7.1 distribution, libcrypt 2.2.4
>Description:
When DES crypt() format passwords are used in the gnats.access file, access is
denied even when the correct password is given.
>How-To-Repeat:
Compile the attached crypt.c source file using:
gcc crypt.c -o crypt -lcrypt
Generate encrypt the password "sample":
./crypt sample
In my case the encrypted password was "dQADNeZKYriCU", the time-based salt will
change the result.
Edit the /usr/local/com/gnatsdb/gnats-adm/gnats.access file to include the
following line:
testuser:dQADNeZKYriCU:edit
Run the command:
query-pr -H localhost -v testuser -w sample 1
The output of the command is:
query-pr: access denied
The expected output is a summary of problem report 1.
>Fix:
Apply the following patch to gnatsd.c.
The documentation says that "passwords encrypted by crypt()" should have no
prefix, but the current code assumes that the default password format is plain
text. The patch changes the code so that passwords with no prefix are taken to
be encrypted by crypt().
Index: gnatsd.c
===================================================================
RCS file: /cvsroot/gnats/gnats/gnats/gnatsd.c,v
retrieving revision 1.45
diff -u -p -r1.45 gnatsd.c
--- gnatsd.c 23 Dec 2001 20:22:08 -0000 1.45
+++ gnatsd.c 14 Feb 2002 22:21:34 -0000
@@ -272,8 +272,14 @@ password_match (const char *password, co
}
else
{
- /* default password type is plain-text */
- return match (password, hash, TRUE);
+ /* default password type is DES crypt */
+#ifdef HAVE_LIBCRYPT
+ char *encrypted = crypt (password, hash);
+ return encrypted && ! strcmp (encrypted, hash);
+#else
+ /* TODO: log some warning */
+ return FALSE;
+#endif
}
}
>Unformatted:
----gnatsweb-attachment----
Content-Type: text/plain; name="crypt.c"
Content-Disposition: inline; filename="crypt.c"
/* $Id: crypt.c,v 1.2 2002/02/14 22:02:40 andrewg Exp $ */
/* Program to encrypt passwords using crypt function
* for use with GNATS.
* Compile with "gcc crypt.c -o crypt -lcrypt" on pindari
*/
#define _XOPEN_SOURCE
#include <stdio.h>
#include <unistd.h>
#include <sys/time.h>
main (int argc, char **argv)
{
char *result;
char salt[2];
struct timeval tv;
int i;
if (argc != 2 && argc != 3)
{
fprintf(stderr, "usage: %s password [ salt ]\n", argv[0]);
exit(2);
}
if (argc == 3)
result = crypt(argv[1], argv[2]);
else
{
if (gettimeofday(&tv, (struct timezone *)0))
{
perror("gettimeofday");
exit(2);
}
salt[0] = tv.tv_usec & 0x3F;
salt[1] = tv.tv_sec & 0x3F;
for (i = 0; i < 2; i++)
{
salt[i] += 46;
if (salt[i] > 57)
{
salt[i] += 7;
if (salt[i] > 90)
salt[i] += 6;
}
}
result = crypt(argv[1], salt);
}
printf("%s\n", result);
}
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- gnats/342: Access denied when DES crypt() format passwords used in gnats.access,
Andrew . Gray <=