New Login: need crypt
Eamonn McManus
em at dce.ie
Wed Apr 3 07:52:30 AEST 1991
I have cut down the crossposting and directed followups to
comp.unix.sysv386.
jpm at logixwi.uucp (Jan-Piet Mens @ Logix GmbH, Wiesbaden) writes:
>I am writing a new login which should have a few extras (any ideas ?) for
>an SCO UNIX 3.2.2 machine.
>Apart from the set_auth* stuff which I have found (omegod :-), there is a
>crypt(3) routine in the shared library libc_s that only returns 13
>characters of encrypted password.
>SCO UNIX though, allows (and has) passwords with more than 13 encrypted
>characterns in the security database /tcb/files/auth/?/*.
There is an undocumented routine called bigcrypt() which is called in
essentially the same way as crypt(). It produces the same result as
crypt() for short passwords (<= 8 plaintext characters); for longer
passwords it apparently crypts each block of eight characters separately
and concatenates the results. Here is a relevant excerpt from my
replacement SCO su:
...
#if SecureWare
#include <sys/security.h>
#include <prot.h>
#endif
...
char *pass, *crpass, *realpass;
#if SecureWare
struct pr_passwd *ugh;
int origumask;
#endif
...
origumask = umask(0); (void) umask(origumask);
set_auth_parameters(argc, argv);
/* OBNOXIOUS MISFEATURE: above call sets the umask to 077. If I want
the umask to be changed, I'll ASK for it to be changed. Grrr. */
(void) umask(origumask);
if ((ugh = getprpwnam(user)) == NULL)
crash("get protected password", user);
if ((pass = getpasswd("Password:", AUTH_MAX_PASSWD_LENGTH)) == NULL)
crash("getpasswd", user);
/* Use the undocumented bigcrypt() routine which crypts a password
in pieces if it is longer than 8 characters. */
if ((crpass = bigcrypt(pass, ugh->ufld.fd_encrypt)) == NULL)
crash("crypt", user);
/* I don't think crypt can fail, but may as well test. */
...
,
Eamonn
More information about the Comp.unix.sysv386
mailing list