Skip site navigation (1)Skip section navigation (2) 
Date:      Wed, 24 Sep 1997 18:25:42 -0600 (MDT)
From:      Brandon Gillespie <brandon@roguetrader.com>
To:        Terry Lambert <tlambert@primenet.com>
Cc:        freebsd-hackers@FreeBSD.ORG
Subject:   Re: crypt() returning an error...
Message-ID:  <Pine.BSF.3.96.970924181516.7506A-100000@roguetrader.com>
In-Reply-To: <199709242358.QAA29468@usr03.primenet.com>
next in thread | previous in thread | raw e-mail | index | archive | help 
On Wed, 24 Sep 1997, Terry Lambert wrote:
> > The man page on crypt() states that a NULL will be returned instead of a
> > pointer to a string, if an error occurred.  The MD5 crypt does not follow
> > this, however DES crypt does.  Furthermore, in the attempt to hunt out a
> > 'standard' for handling error codes, I have checked how other crypt()
> > implementations function.  OpenBSD for some unknown reason returns the
> > string:
> > 
> >       ":"
> > 
> > Where Digital Unix also returns a NULL, as does Unixware--however their
> > manual pages do not specify NULL as a valid return value.

Actually, I mislead you here..both of these crypt implementations will
always return a valid string--it simply may be zero-length if the salt is
bogus.. 

> Forget that; we want to know how you are making a straight MD5 hash
> cause an error in the first place...  8-) 8-).

Well, what should...

       crypt("", "$MD5$$")

return?

(er, make that $1$ with the current crypt)

> > With MD5 will actually return an encrypted value, with a zero-length salt.
> > After my changes, this will return a NULL instead.
> > 
> > Anybody forsee any problems with this?  I do not, but I figured I would
> > bring it up...
> 
> You should wrapper this; I don't know if "crypt" is enough of a wrapper.

hrm, wrapper for what purpose?  The code I have now crypt is actually
simply a wrapper for whichever algorithm is used.. it looks at the initial
token and calls another function specific to that algorithm, so all of the
following are valid results:

      $MD5$salt$passwd
      $SHS$salt$passwd
      $BLF$salt$XX$passwd

(des style results are also possible)

Some of the situations where an error should be raised is if somebody is
explicitly trying to use an algorithm that is recognized, but is not
enabled (such as using the Extended DES format).

-Brandon

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.96.970924181516.7506A-100000>