John Daily <[EMAIL PROTECTED]> writes:
> I've not mucked with MD5 passwords, but a google search led me to the
> Linux-PAM code. I'll keep poking around to see if I can find anything more
> explicit.
>
> It can be downloaded from:
> http://www.us.kernel.org/pub/linux/libs/pam/pre/library/Linux-PAM-0.66.tar.gz
> (or a closer mirror of kernel.org).
>
> In modules/pam_pwdb/md5_crypt.c you can see how that string is generated.
Thanks, I'll look into that. But right now I'm a little confused; at
first I suspected that md5 was supported only by PAM but not by libc,
and that's why the good old crypt()-based verification didn't work.
But reading the glibc documentation, plain crypt() *should* handle
md5, so I guess I'm doing something stupid. Perhaps I have to
NUL-terminate the salt argument after the $ that terminates the salt?
I currently pass the pw_passwd-field as salt, without any
modifications. That used to work, and it has the advantage that I
don't need to know about the internals of encrypted passwords: in
particular I don't need to know where the salt ends.
/Niels
