Date: 28 Jun 1998 02:42:08 +0900
From: Just Another Perl Hacker <japh@gol.com>
To: FreeBSD-bugs@FreeBSD.ORG
Subject: Re: bin/7090: crypt(3) partially returns raw password when salt isn't null-terminated
Message-ID: <oiulmvj0v.fsf@mew.gol.ad.jp>
In-Reply-To: Poul-Henning Kamp's message of "Sat, 27 Jun 1998 09:20:01 -0700 (PDT)"
References: <199806271620.JAA29831@freefall.freebsd.org>

Poul-Henning Kamp <phk@critter.freebsd.dk> writes:

> The following reply was made to PR bin/7090; it has been noted by GNATS.
>
> From: Poul-Henning Kamp <phk@critter.freebsd.dk>
> To: japh@gol.com
> Cc: FreeBSD-gnats-submit@FreeBSD.ORG
> Subject: Re: bin/7090: crypt(3) partially returns raw password when salt isn't null-terminated
> Date: Sat, 27 Jun 1998 18:10:57 +0200
>
> > MD5 based crypt(3) in libcrypt.{a,so.maj.min} as distributed
> > by FreeBSD returns a portion of the password in the clear,
> > when the salt isn't terminated by a null character.
> >
> > Example:
> >
> > crypt("abcdefgh","YX") returns <$1$YXabcdef$.tHXoLufzR8OYyH4BBghm1
> >                                      ^^^^^^
> > This problem surfaces when an application that assumes a salt
> > is an array of two characters with no trailing null character
> > calls crypt(3). Such an example is xlock(1), with USE_XLOCKRC
> > defined in the compilation.
>
> Then xlock doesn't use the crypt API correctly and should be fixed.

It does. The conventional crypt(3) expects a salt to have the length of two characters, with no trailing null character. Refer to the manpages of other operating systems, e.g. BSD/OS, Linux, Sun.

It is therefore FreeBSD's fault in not expecting non-terminated salts, while providing a compatible API with an incompatible behaviour which results in the blatantly wrong output. You missed my point.

For the note: I have just discovered that des_cipher(3) does indeed take a salt as a 4 byte integer, although the API isn't a replacement of crypt(3).

--
Junichi Kurokawa <japh@gol.com>
Global Online Japan Corporation, Tokyo

To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message
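
The mismatch discussed in this message, as an added illustration that is not part of the original e-mail and is not FreeBSD's libcrypt code: a salt scan that expects a C string runs past a two-character salt into whatever follows it, and a caller-side copy into a terminated buffer stops it. The function names, the 8-character cap (chosen to match the `$1$YXabcdef$` output quoted above) and the `record` layout are assumptions made for the example.

```c
#include <stdio.h>
#include <string.h>

/* Assumed cap, consistent with "$1$YXabcdef$" in the quoted report. */
#define MD5_SALT_MAX 8

/* Model of a salt scan that expects a C string: stop at NUL, '$' or the cap.
 * Returns the number of salt bytes taken; out needs MD5_SALT_MAX + 1 bytes. */
static size_t scan_salt_as_string(const char *salt, char *out)
{
    size_t n = 0;
    while (n < MD5_SALT_MAX && salt[n] != '\0' && salt[n] != '$') {
        out[n] = salt[n];
        n++;
    }
    out[n] = '\0';
    return n;
}

/* Caller-side guard: copy exactly the two salt characters into a
 * NUL-terminated buffer before handing the salt to any crypt(3). */
static const char *terminate_salt(const char two[2], char out[3])
{
    out[0] = two[0];
    out[1] = two[1];
    out[2] = '\0';
    return out;
}

/* Constructed record: a two-character salt stored without a terminator,
 * immediately followed by other data (here the password itself). */
static const char record[] = "YX" "abcdefgh";

int main(void)
{
    char seen[MD5_SALT_MAX + 1], safe[3];

    /* The scan reads through "YX" into the bytes that follow it. */
    scan_salt_as_string(record, seen);
    printf("unterminated salt seen as: %s\n", seen);

    /* With the guard, only the two intended characters are used. */
    scan_salt_as_string(terminate_salt(record, safe), seen);
    printf("terminated salt seen as:   %s\n", seen);
    return 0;
}
```
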