Because of my looking at my DB layout just now to check the UPGRADE
script, I just realized that there's another field that should probably be
changed: pw_clear_passwd is only 16 characters long, and while that's more
than sufficient for crypt (only the first 8 are significant anyway), it's
insufficient for MD5.  After digging the code, there's 2 places that this
would need to change: 1) MAX_PW_CLEAR_PASSWD is currently set to 16,
meaning that attmpts to set a larger password fail.  2) The column
pw_clear_passwd is CHAR(16), so larger passwords won't fit.  vgetpasswd()
uses 128 character buffers, so we should be able to increase the clear
password field to at least 64 without a problem.  I'm not sure it really
needs to go beyond 32, but I actually have been know to use passwords
larger than 16 characters...

Just a thought - feel free to overrule me on this one :)


Joshua Megerman
SJGames MIB #5273 - OGRE AI Testing Division
You can't win; You can't break even; You can't even quit the game.
  - Layman's translation of the Laws of Thermodynamics

Reply via email to