<snip>
The way the samba port emulates passwd()/crypt() functionality against the
SYSUAF is wrong, you can't simply return a pointer to the VMS password
hash quadword as the passwd string. In traditional UNIX, the passwd()
function returns a pointer to a null-terminated encoding of the password
hash, the first 2 bytes of which are a 'salt' value. The crypt() function
takes the salt value and a candidate plain-text password to generate another encoded string for comparsion (using strcmp()) with the original encoded passwd string. The raw binary string returned by the emulation routines
can yield false positives if the hash has embedded zeros due to samba's
use of strcmp() for the comparison
I placed a pwd.c in http://www.er6.eng.ohio-state.edu/~jonesd/samba/pwd.zip that returns valid ASCIZ strings for the passwd and crypt functions. The string encodes an extended salt so you don't have to assume the crypt() call refers to the most recent data returned by passwd().
The FRONTPORT library used by the SAMBA 2.0.6 port does this correctly.
It does use the cached data from the last call to passwd() for the username information.
I did not think of encoding the extra information in the passwd() call. I will look at doing this.
The FRONTPORT library binaries, source and documentation can be found on the OpenVMS Freeware 5.0 CD-ROM.
The OpenVMS Freeware 5.0 CD-ROMs can be found on a link from the OpenVMS home page, http://www.openvms.compaq.com.
-John [EMAIL PROTECTED] Personal Opinion Only
PLEASE READ THIS IMPORTANT ETIQUETTE MESSAGE BEFORE POSTING:
http://www.catb.org/~esr/faqs/smart-questions.html
