Riccardo Bini wrote:
Alle 05:58, martedì 21 marzo 2006, Tom Collins ha scritto:
Actually, this patch is incorrect.  vadduser() takes the plaintext
password, regardless of whether CLEAR_PASS is defined.

The current code behaves as it should.

#define MAX_PW_PASS         40
#define MAX_PW_CLEAR_PASSWD 16

With CLEAR_PASS password limits is 16 and not 40. What is the difference from MAX_PW_PASS and MAX_PW_CLEAR_PASSWD?

Thank you.
Rick

Hi,


MAX_PW_PASS is the encrypted password
MAX_PW_CLEAR_PASSWD is the clear text password.

A 16 byte clear text password could become a 40 byte encrypted hash depending on the method used to encrypt it.

Regards,

Rick

Reply via email to