On Fri, Mar 07, 2003 at 08:29:03PM -0600, Eric Estabrooks wrote:
> if you want to support md5passwords, which perl does if the system
> library does you want to change your salt generation and crypt to
> something more like this (the code snippet below also does a quick check
> to see if the system supports md5passwords or not).
>
> sub salt_gen {
> my $item = "";
> my $let =
> "abcdefghijklmnopqrstuvwxyz0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ.";
> for(my $i=0; $i < 8; $i++) {
> $item .= substr($let, rand(length($let)), 1);
> }
> return $item;
> }
>
> # check for md5 crypt support
> $random_thing = salt_gen();
> $var = '$1$'.$random_thing.'$';
> $check = crypt("bob", $var);
> if ($check eq "\$1Ai/bpypBusU") { # crypt doesn't support md5
> $var = $random_thing;
> }
> $crypt = crypt($ARGV[1], $var);
>
Eric:
Thanks for the heads-up. Manpage crypt(3) on my system says:
If the salt starts with $1$ an MD5 based password hashing algorithm
is applied. The salt should consist off $1$ followed with eight
characters.
It turns out my 2-character salt was causing crypt() to use the DES
crypt algo instead of MD5. I notice that ckpasswd works with
either--code changes are left as an exercise to the reader.
BTW, here's a more idiomatic salt generator:
my @a = (0..9,'A'..'Z','a'..'z',qw[. /]);
my $salt = join "", map $a[rand(@a)], 1..8; # or 1..2 for DES
--
trammell at el-swifto.com 9EC7 BC6D E688 A184 9F58 FD4C 2C12 CC14 8ABA 36F5
Twin Cities Linux Users Group (TCLUG) Minneapolis/St. Paul, Minnesota
_______________________________________________
Twin Cities Linux Users Group Mailing List - Minneapolis/St. Paul, Minnesota
http://www.mn-linux.org tclug-list at mn-linux.org
https://mailman.real-time.com/mailman/listinfo/tclug-list