getpwnam with md5 encrypted passwds

Terry Lambert tlambert2 at mindspring.com
Wed Nov 26 04:35:51 PST 2003


"sapdb at komadev.de" wrote:
> i am trying to validate a given user password against my local passwd-file with
> this piece of code :
> 
>         if (!( pwd = getpwnam ( user ))) {
>                 log(ERROR,"User %s not known",user);
>                 stat=NOUSER;
>         }
>         if (!strcmp( crypt(pass,pwd->pw_name), pwd->pw_passwd) ) {
>                 log(DEBUG|MISC,"HURRAY : %s authenticated\n", user);
>                 stat = AUTHED;
>                 }

I know you have the fix for the crypt of the wrong field, but the
proper thing to do is probably to use pan_authenticate() so that
you are insensitive to the athentication method being used, rather
than crypting and comparing it yourself.

-- Terry


More information about the freebsd-hackers mailing list