View Issue Details
|ID||Project||Category||View Status||Date Submitted||Last Update|
|0007695||CentOS-7||crypto-utils||public||2014-10-14 17:03||2014-10-15 19:58|
|Platform||Centos 7||OS||3.10.0-123.8.1.el7.x86_64||OS Version|
|Target Version||Fixed in Version|
|Summary||0007695: Crypt bug|
this has been occupying me for 3 days trying to identify the problem...
when trying to use crypt with a fixed salt starting with a $, crypt crashes with an error 22 invalid argument
I'm not sure wether it's a bug or a wanted behaviour, but it used to work on CentOS6 !
The problem is that we made a LDAP replica running CentOS7 and all our user's passwords have been encrypted with a fixed $1 salt (very bad idea indeed, but the engineer who made this is gone...), so when a client try to authenticate against this replica, authentication fails due to incorrect credentials.
Thx for reading
|Steps To Reproduce||Make a little perl or C script using crypt and a \$1 salt. Try the same on a CentOS6...|
|Tags||No tags attached.|
salt is a two-character string chosen from the set [a–zA–Z0–9./]. The dollar sign is not included in that set.
edit: You may be using glibc extensions to crypt, which do allow more than those characters. See http://man7.org/linux/man-pages/man3/crypt.3.html