Look at this from the BSD/OS crypt() manual page:
The crypt function performs password encryption. It is derived from the
NBS Data Encryption Standard. Additional code has been added to deter
key search attempts. The first argument to crypt is a NUL-terminated
string (normally a password typed by a user). The second is a character
array, 9 bytes in length, consisting of an underscore (``_'') followed by
4 bytes of iteration count and 4 bytes of salt. Both the iteration count
and the salt are encoded with 6 bits per character, least significant
bits first. The values 0 to 63 are encoded by the characters ``./0-9A-
Za-z'', respectively.
...
For compatibility with historical versions of crypt(3), the setting may
consist of 2 bytes of salt, encoded as above, in which case an iteration
count of 25 is used, fewer perturbations of DES are available, at most 8
characters of key are used, and the returned value is a NUL-terminated
string 13 bytes in length.
It seems to say that the salt passed to crypt should be null-terminated, but
we call crypt from libpq as:
crypt_pwd = crypt(password, conn->salt);
and conn.salt is char[2]. Isn't this a problem?
--
Bruce Momjian | http://candle.pha.pa.us
[EMAIL PROTECTED] | (610) 853-3000
+ If your life is a hard drive, | 830 Blythe Avenue
+ Christ can be your backup. | Drexel Hill, Pennsylvania 19026
---------------------------(end of broadcast)---------------------------
TIP 1: subscribe and unsubscribe commands go to [EMAIL PROTECTED]
