View Issue Details

IDProjectCategoryView StatusLast Update
0007695CentOS-7crypto-utilspublic2014-10-15 19:58
Reporternpk06 
PrioritynormalSeveritymajorReproducibilityalways
Status newResolutionopen 
PlatformCentos 7OS3.10.0-123.8.1.el7.x86_64OS Version
Product Version7.0-1406 
Target VersionFixed in Version 
Summary0007695: Crypt bug
DescriptionHello,

this has been occupying me for 3 days trying to identify the problem...

when trying to use crypt with a fixed salt starting with a $, crypt crashes with an error 22 invalid argument

I'm not sure wether it's a bug or a wanted behaviour, but it used to work on CentOS6 !

The problem is that we made a LDAP replica running CentOS7 and all our user's passwords have been encrypted with a fixed $1 salt (very bad idea indeed, but the engineer who made this is gone...), so when a client try to authenticate against this replica, authentication fails due to incorrect credentials.

Thx for reading
Steps To ReproduceMake a little perl or C script using crypt and a \$1 salt. Try the same on a CentOS6...
TagsNo tags attached.
abrt_hash
URL

Activities

avij

avij

2014-10-15 19:53

updater   ~0021156

Last edited: 2014-10-15 19:58

View 2 revisions

salt is a two-character string chosen from the set [a–zA–Z0–9./]. The dollar sign is not included in that set.

edit: You may be using glibc extensions to crypt, which do allow more than those characters. See http://man7.org/linux/man-pages/man3/crypt.3.html

Issue History

Date Modified Username Field Change
2014-10-14 17:03 npk06 New Issue
2014-10-15 19:53 avij Note Added: 0021156
2014-10-15 19:58 avij Note Edited: 0021156 View Revisions