From owner-freebsd-questions  Mon Sep 20  2:28:51 1999
Delivered-To: freebsd-questions@freebsd.org
Received: from atlrel1.hp.com (atlrel1.hp.com [156.153.255.210])
	by hub.freebsd.org (Postfix) with ESMTP id 8DCBB14FB8
	for <freebsd-questions@FreeBSD.ORG>; Mon, 20 Sep 1999 02:28:26 -0700 (PDT)
	(envelope-from steveroo@mothra.bri.hp.com)
Received: from mothra.bri.hp.com (steveroo@mothra.bri.hp.com [15.144.1.185])
	by atlrel1.hp.com (8.8.6 (PHNE_17135)/8.8.5tis) with ESMTP id FAA21448
	for <freebsd-questions@FreeBSD.ORG>; Mon, 20 Sep 1999 05:27:44 -0400 (EDT)
Received: from localhost (steveroo@localhost) by mothra.bri.hp.com with ESMTP (8.8.6 (PHNE_17135)/8.7.1) id KAA07711; Mon, 20 Sep 1999 10:26:59 +0100 (BST)
Date: Mon, 20 Sep 1999 10:26:59 +0100 (BST)
From: Stephen Roome <steveroo@mothra.bri.hp.com>
To: Darryl Okahata <darrylo@sr.hp.com>
Cc: freebsd-questions@FreeBSD.ORG
Subject: Re: FreeBSD NIS client with HPUX NIS server. 
In-Reply-To: <199909181518.IAA25812@mina.sr.hp.com>
Message-ID: <Pine.HPX.4.10.9909201024220.20279-100000@mothra.bri.hp.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

On Sat, 18 Sep 1999, Darryl Okahata wrote:
> Stephen Roome <steveroo@mothra.bri.hp.com> wrote:
> 
> > Anyway, HP-UX's idea of a password is something like this :
> > 
> >               vvvv--- expiration data.
> > AIUSFas/asdis,O/.M
> > ^^^^^^^^^^^^^---- password
> 
>      I do have a patch that allows the expiration data to be ignored
> (not translated/used, but ignored) when logging on to FreeBSD.  However, 
> the issues with my patch are:
> 
> * It's only purpose is to make logins work.  It doesn't handle password
>   expiration, etc., as the password expiration data is IGNORED.
> 
> * Other commands, like passwd, are still broken.  I thought about trying 
>   to fix passwd, but I'm not sure how yypasswdd will react when it tries 
>   to send a password without aging to the HP-UX NIS server.
> 
> * I've only fixed login(1) (well, the unix PAM module, to be specific).
> 
> * It might be better to fix getpwent.c and friends, instead of trying to 
>   fix the various modules/commands (login, passwd, etc.).
> 
> * My patch doesn't check for/handle MD5 passwords, which is one reason
>   why I haven't submitted it.


I'd be interested in giving this patch a go if you could send it, I can
probably manage not to use MD5 as well.

Also, after thinking about this for a while, (and I know this is possibly a
horrid idea!), but I was thinking of modifying the libcrypt so that it would
just ignore the expiration data at the end of the password field.

I just don't know what else this would break though!

	Steve



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message