[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Encrypted password patch
From: |
Rick Macdonald |
Subject: |
Re: Encrypted password patch |
Date: |
Sun, 24 Jun 2001 12:34:43 -0600 (MDT) |
I haven't been following this thread very closely, but have a question.
If TkGnats is ever ported to GNATS v4, what does it need to support these
encrypted passwords? An externally compiled C program?
On 24 Jun 2001, Milan Zamazal wrote:
> >>>>> "YS" == Yngve Svendsen <address@hidden> writes:
>
> YS> The following patch against current version 4 CVS implements the
> YS> following password system:
>
> YS> - If the password in gnatsd.access is prefixed with $0$, the
> YS> password is assumed to be explicit plaintext. - If it is
> YS> prefixed with $1$, it is assumed to be in MD5 format. - If it
> YS> has no prefix, it is assumed to be in standard DES crypt format.
>
> YS> I have tested this both on Linux and Solaris, and it works just
> YS> as expected.
>
> Please note that patch breaks the compilation if the `crypt' function is
> not present. It should handle the situation reasonably, possibly by
> never matching passwords not starting with $0$; the code must be
> #ifdefed appropriately.
>
> YS> then write a Perl script to convert old password files.
>
> I wouldn't like to make GNATS installation dependent on Perl (despite
> this is only a small utility), so the script should be written in C or
> in sh using standard Unix tools (I'd think about awk, I think it's
> present on every Unix system).
>
> (If anything of the above is difficult for you, no problem -- just
> define the behavior and I'll do it.)
>
> Regards,
>
> Milan Zamazal
>
> --
> Free software is about freedom, not about free beer. If you care only about
> the latter, you'll end up with no freedom and no free beer.
>
...RickM...
Re: Encrypted password patch, Yngve Svendsen, 2001/06/26