On Tue, Jan 10, 2006 at 02:11:37PM -0500, Matthew Closson wrote:
> On Tue, 10 Jan 2006, Matthew Closson wrote:
>
> >Hello,
> >
> >I'm trying to get sockd (A SOCKS4/5 proxy from the
> >/usr/ports/security/dante port) working with BSD username/password
> >authentication. Currently it is saying userauthentication failed. I have
> >made sure it is not something simple like wrong password. Here is the
> >relevant info:
> After looking at the source a bit it seems that this is comparing the
> socks password to the encrypted hash in /etc/passwd using crypt() - DES.
> Obviously this won't work for OpenBSD being blowfish and using
> /etc/master.passwd. Does anyone have a patch already to make it use the
> proper facility and blowfish hash? If I don't get any replies I'll try to
> write one for it. Thanks,
I don't claim to know anything about sockd, but search the manpage of
crypt() for 'Blowfish' before trying anything too fancy. If you are
really sure that this is the problem, you'll most likely also want to
talk to the maintainer.
BTW, there appear to be a host of better-suited functions, that, for
example, will still work if the password is not hashed with Blowfish
(but with, say, MD5). Start your search with auth_userokay(3), and keep
following references until you are satisfied with both what the
functions will allow users to do, and what it will not.
Joachim
Joachim
