Re: [MRBS-general] NIS auth
Brought to you by:
jberanek
From: John B. - M. D. <jbe...@us...> - 2009-03-31 20:24:32
|
John Beranek - MRBS Developer wrote: > Juan Grosso wrote: >> Hi everyone, >> I'm trying to use NIS login but it is not working. I have been doing >> some test with the code and I think the problem is when the crypt() >> function is called. I think the encryption is not the same. I'm using >> SUSE 10.2 and the passwd.byname has the passwords encrypted with >> blowfish as they starts with characters $2a$. >> The only modification I've done to the code is replace yp_match() by >> exec(ypmatch ...) because the PHP version installed (5.2.8) does not >> support that function. > >>From reading the crypt() documentation on php.net it appears that > auth_nis.inc has a faulty line. > > The line that reads: > > if ( $rs[1] == crypt ( $pass, substr ( $rs[1], 0, 2 ) ) ) > > should really be: > > if ( $rs[1] == crypt ( $pass, $rs[1] ) ) > > This should allow auth_nis.inc to support MD5/Blowfish or whatever your > system's crypt supports. I've now tested this fix on an openSUSE 11.1 server with a user that had a Blowfish encrypted password. (This was way more hassle than I expected, because I had to download the PHP 'yp' module from CVS, build and install it!). John. -- John Beranek To generalise is to be an idiot. http://redux.org.uk/ -- William Blake -- John Beranek - MRBS Developer <http://mrbs.sourceforge.net/> To generalise is to be an idiot. -- William Blake |