Kevin Day wrote:
>> - Linux-PAM (set passwords to blowfish as pam seems to handle them)
>> password = abcd
>> 4) abcd = pass
>> 5) abcde = pass
Maybe this piece of code from modules/pam_unix/support.c:709?
/*
* Note, we are comparing the bigcrypt of the password with
* the contents of the password field. If the latter was
* encrypted with regular crypt (and not bigcrypt) it will
* have been truncated for storage relative to the output
* of bigcrypt here. As such we need to compare only the
* stored string with the subset of bigcrypt's result.
* Bug 521314: The strncmp comparison is for legacy support.
*/
if (strncmp(pp, salt, salt_len) == 0) {
retval = PAM_SUCCESS;
} else {
retval = PAM_AUTH_ERR;
}
Investigate what exactly strncmp() gets and see if it's the problem.
fprintf(stderr, "BUGTRACK: strncmp(\"%s\", \"%s\", %i)\n",
pp, salt, salt_len);
if (strncmp(pp, salt, salt_len) == 0) {
...
Good luck...
--
http://linuxfromscratch.org/mailman/listinfo/hlfs-dev
FAQ: http://www.linuxfromscratch.org/faq/
Unsubscribe: See the above information page
