From owner-freebsd-security Sun Mar 3 15:36:38 2002 Delivered-To: freebsd-security@freebsd.org Received: from starbug.ugh.net.au (starbug.ugh.net.au [203.31.238.37]) by hub.freebsd.org (Postfix) with ESMTP id A201437B405 for ; Sun, 3 Mar 2002 15:36:34 -0800 (PST) Received: by starbug.ugh.net.au (Postfix, from userid 1000) id 3765DA809; Mon, 4 Mar 2002 10:36:33 +1100 (EST) Received: from localhost (localhost [127.0.0.1]) by starbug.ugh.net.au (Postfix) with ESMTP id 35E075426 for ; Mon, 4 Mar 2002 10:36:33 +1100 (EST) Date: Mon, 4 Mar 2002 10:36:33 +1100 (EST) From: Andrew To: freebsd-security@freebsd.org Subject: DES differences between Solaris and FreeBSD Message-ID: <20020304102730.L1953-100000@starbug.ugh.net.au> X-WonK: *wibble* MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hi, I am trying to sync passwords between Solaris and FreeBSD 4.5. For most users it works fine but certain users get authentication failures under FreeBSD. The encrypted passwords are the same on both OSs but crypt returns different results. Is this a bug? Is Solaris using something other than straight DES (I'm not a Solaris person so I'm not sure where to look for that)? The code I used to test is appended below. I've tried from C as well just to make sure it wasn't a perl bug (not to mention the users can't check their mail via POP etc). Thanks, Andrew -- #!/usr/bin/perl ($login, $spass, $uid) = getpwnam($ARGV[0]); print('Password: '); $upass = ; chomp($upass); print('System: ', $spass, "\n"); print('User: ', crypt($upass, $spass), "\n"); if (crypt($upass, $spass) eq $spass) { print("yes\n"); } else { print("no\n"); } To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message