crypt() isn't generating a valid md5/shadow password

To: Debian user mailing list <debian-user@lists.debian.org>
Subject: crypt() isn't generating a valid md5/shadow password
From: Peter Jay Salzman <p@belial.ucdavis.edu>
Date: Wed, 18 Oct 2000 16:48:16 -0700 (PDT)
Message-id: <Pine.LNX.4.21.0010181643130.4179-100000@satan>
Reply-to: Peter Jay Salzman <p@belial.ucdavis.edu>

sorry, but i'm trying to write some tools for beowulf administration.

consider the program:

	#include<stdio.h>
	#include<string.h>
	#include<crypt.h>

	int main(int argc, char **argv)
	{
		char password[50];
		char salt[50];

		if (argc != 3) {
			printf("Usage: encrypt salt password\n\n");
			exit(1);
		} else if (strlen(argv[1]) != 8) {
			printf("Usage: encrypt salt password\n");
			printf("The salt must have 8 characters.\n\n");
			exit(1);
		} else if (strlen(argv[2]) < 5 || strlen(argv[2]) > 10) {
			printf("Usage: encrypt salt password\n");
			printf("The password must be 5-10 characters.\n\n");
			exit(1);
		}

		strncpy(salt, "$1$", 3);
		strncat(salt, argv[1], 46);
		strncpy(password, crypt(argv[1], salt), 49);
		printf("%s\n", password);
		return(0);
	}

here's an example:

	# ./a.out 12345678 mypassword
	$1$12345678$f8QoJuo0DpBRfQSD0vglc1

this is suspicious to begin with.  the salt appears in the encrypted
password?    ok, whatever.   i put it in /etc/shadow and try to log in using
a password of "mypassword"

	$ su testuser
	Password:
	su: incorrect password

i typed in the password correctly.   i was hoping this would give me
something i could use for /etc/shadow to create a new user.

what's going on with the password?  why isn't it working?

pete

Reply to:

Follow-Ups:
- Re: crypt() isn't generating a valid md5/shadow password
  - From: Chris Gray <cgray@tribsoft.com>

Prev by Date: ricochet
Next by Date: Re: Two Completley unrelated questioins
Previous by thread: Re: ricochet
Next by thread: Re: crypt() isn't generating a valid md5/shadow password
Index(es):
- Date
- Thread