[Date Prev][Date Next]
Adding crypt(3) salt format (ITS#1202)
Full_Name: Jeff Costlow
OS: RH linux 6.2
Submission from: (NULL) (184.108.40.206)
See this thread:
But here's the gist of it anyway:
>Other than to use adaptive code (such as code which calls
>crypt_get_format(3) or like functions) [which is likely a rat
>hole], a single configuration option might resolve this.
> crypt-salt-format "%.2s"
> crypt-salt-format "%.8s" (default)
> crypt-salt-format "_abcd%.4s"
> crypt-salt-format "$1$%.8s"
>I suggest a quick hack initially. Add a static (local to file)
>variable to liblutil/passwd.c which holds a point to a format
>string (default to NULL) and then code to check if the generate
>crypt() password function. If NULL, do what we do today. Otherwise,
>generate a 16 character long, base64 salt string and snprintf it
>into the salt to be passed to crypt using the specified format. And
>an access function which sets the static variable.
>In slapd, hack config.c to have an directive which sets the
>format via an access function.
This patch is:
Copyright 2001, F5 Networks, Inc, All rights reserved.
This software is not subject to any license of F5 Networks.
This is free software; you can redistribute and use it
under the same terms as OpenLDAP itself.
(Note the license is different than the license with which I submitted the last
patch. The OpenLDAP project has permission to use the code without crediting F5