From owner-freebsd-ports  Thu May  8 12:30:04 1997
Return-Path: <owner-ports>
Received: (from root@localhost)
          by hub.freebsd.org (8.8.5/8.8.5) id MAA14512
          for ports-outgoing; Thu, 8 May 1997 12:30:04 -0700 (PDT)
Received: (from gnats@localhost)
          by hub.freebsd.org (8.8.5/8.8.5) id MAA14499;
          Thu, 8 May 1997 12:30:02 -0700 (PDT)
Date: Thu, 8 May 1997 12:30:02 -0700 (PDT)
Message-Id: <199705081930.MAA14499@hub.freebsd.org>
To: freebsd-ports
Cc: 
From: Narvi <narvi@haldjas.folklore.ee>
Subject: Re: ports/3540: sudo package don't accept passwords longer then 8 characters
Reply-To: Narvi <narvi@haldjas.folklore.ee>
Sender: owner-ports@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk

The following reply was made to PR ports/3540; it has been noted by GNATS.

From: Narvi <narvi@haldjas.folklore.ee>
To: vova@folco.lms.ru
Cc: freebsd-gnats-submit@FreeBSD.ORG, GNATS Management <gnats@FreeBSD.ORG>,
        freebsd-ports@hub.freebsd.org
Subject: Re: ports/3540: sudo package don't accept passwords longer then 8 characters
Date: Thu, 8 May 1997 22:33:01 +0300 (EEST)

 On Thu, 8 May 1997 vova@folco.lms.ru wrote:
 
 > 
 > >Number:         3540
 > >Category:       ports
 > >Synopsis:       sudo package don't accept passwords longer then 8 characters
 > >Confidential:   no
 > >Severity:       non-critical
 > >Priority:       low
 > >Responsible:    freebsd-ports
 > >State:          open
 > >Class:          sw-bug
 > >Submitter-Id:   current-users
 > >Arrival-Date:   Thu May  8 02:00:01 PDT 1997
 > >Last-Modified:
 > >Originator:     Vladimr B. Grebenschikov
 > >Organization:
 > PlugCom
 > >Release:        2.2-RELEASE
 > >Environment:
 > FreeBSD folco.lms.ru 2.2-RELEASE FreeBSD 2.2-RELEASE #0: Thu Mar 27 15:11:35 MSK 1997     vova@folco.lms.ru:/usr/src/sys/compile/Folco  i386
 > 
 > >Description:
 > I can't do sudo with password longer 8 chars
 > sudo v1.5.3
 > 
 > >How-To-Repeat:
 > setup your password longer 8 chars, include yourself to sudoers file
 > run sudo
 > 
 > >Fix:
 > I fix it very stupid:
 > 
 > --- ports/security/sudo/work/sudo.v1.5.3/compat.h~   Thu Nov 14 05:37:21 1996
 > +++ ports/security/sudo/work/sudo.v1.5.3/compat.h    Thu May  8 12:45:06 1997
 > @@ -104,7 +104,7 @@
 >  #        if (SHADOW_TYPE != SPW_NONE)
 >  #          define _PASSWD_LEN  24
 >  #        else
 > -#          define _PASSWD_LEN  8
 > +#          define _PASSWD_LEN  24
 
 Hey! you just increased the value to 24 but didn't solve the problem -
 sudo shouldn't care, how long passwd I have, but cope with it without an
 overflow. Think of all the people who use sentences for their passwords.
 
 	Sander
 
 >  #        endif /* SHADOW_TYPE != SPW_NONE */
 >  #      endif /* PASS_MAX */
 >  #    endif /* !_PASSWD_LEN */
 > 
 > 
 > >Audit-Trail:
 > >Unformatted:
 >