[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: cvs with xinetd
From: |
Peter Ajamian |
Subject: |
Re: cvs with xinetd |
Date: |
Sat, 05 May 2001 11:16:20 -0700 |
Larry Jones wrote:
>
> Then it would appear that RedHat and/or Linux in general implemented MD5
> passwords in a less than desirable fashion. What they should have done
> is enhance crypt(3) to do MD5 based on the first character(s) of the
> salt;
They did (see below).
> Presumably, they've patched all of those that come with the
> system, which was undoubtedly a whole lot more work than doing it right
> would have been.
There really is no way to implement MD5 into crypt without patching all
the apps anyways because of the differences between MD5 and DES, if you
tried to implement it transparently into crypt() you'd end up with buffer
overruns in apps that use a static buffer initialized to a length of 14
(13 characters in DES plus terminating NUL), hence you'd break a lot of
apps. Following is a few snippets from an info page I dug up on my
system...
File: libc.info, Node: crypt
<snip>
- Function: char * crypt (const char * KEY, const char * SALT)
<snip>
The SALT parameter does two things. Firstly, it selects which
algorithm is used, the MD5-based one or the DES-based one.
<snip>
For the MD5-based algorithm, the SALT should consist of the string
`$1$', followed by up to 8 characters, terminated by either
another `$' or the end of the string. The result of `crypt' will
be the SALT, followed by a `$' if the salt didn't end with one,
followed by 22 characters from the alphabet `./0-9A-Za-z', up to
34 characters total. Every character in the KEY is significant.
<snip>
Regards, Peter
- RE: cvs with xinetd, (continued)
- Re: cvs with xinetd, Larry Jones, 2001/05/03
- RE: cvs with xinetd, adam_montville, 2001/05/03
- Re: cvs with xinetd, Larry Jones, 2001/05/03
- RE: cvs with xinetd, Adam W. Montville, 2001/05/03
- Re: cvs with xinetd, Larry Jones, 2001/05/04
- Re: cvs with xinetd,
Peter Ajamian <=
- Re: cvs with xinetd, Larry Jones, 2001/05/05
- Re: cvs with xinetd, Peter Ajamian, 2001/05/05
- Re: cvs with xinetd, Peter Ajamian, 2001/05/05
- RE: cvs with xinetd, Gianni Mariani, 2001/05/06
RE: cvs with xinetd, USENBINZ, 2001/05/04