You are viewing a plain text version of this content. The canonical link for it is here.
Posted to bugs@apr.apache.org by bu...@apache.org on 2006/08/15 19:47:18 UTC
DO NOT REPLY [Bug 40256] New: - please don't use hpux getpass()
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG�
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=40256>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND�
INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=40256
Summary: please don't use hpux getpass()
Product: APR
Version: 1.2.7
Platform: HP
OS/Version: HP-UX
Status: NEW
Severity: normal
Priority: P2
Component: APR
AssignedTo: bugs@apr.apache.org
ReportedBy: deckrider@gmail.com
On HP-UX B.11.23 ia64, apr 1.2.7 decides to use getpass(). This causes problems
when we use subversion, because our password system allows the password to be
longer than 8 characters. Thus, users with passwords longer than 8 cannot use
the subversion password prompt.
I've removed the check for getpass() in the configure script, forcing apr to use
its internal implementation, and this seems to work for us.
Of course, you will probably want to allow a better way of handling this that
what I've come up with.
This seems to be related to Bug 14701 which seems to be closed before Version
1.2.7 (but perhaps I'm not reading this right), which is why I opened this report.
Here is a quote from the hpux getpass() man:
getpass() reads up to a newline or EOF from the file /dev/tty, after
prompting on the standard error output with the null-terminated string
prompt and disabling echoing. A pointer is returned to a null-
terminated string of at most 8 characters.
--
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
DO NOT REPLY [Bug 40256] - please don't use hpux getpass()
Posted by bu...@apache.org.
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG�
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=40256>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND�
INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=40256
------- Additional Comments From jorton@redhat.com 2006-08-16 11:02 -------
Created an attachment (id=18719)
--> (http://issues.apache.org/bugzilla/attachment.cgi?id=18719&action=view)
don't use system getpass() if PASS_MAX is too small
It was fixed only really for Solaris which will use getpassphrase() instead; I
guess HP-UX doesn't have that. Does this patch work?
--
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
DO NOT REPLY [Bug 40256] - please don't use hpux getpass()
Posted by bu...@apache.org.
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG�
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=40256>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND�
INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=40256
------- Additional Comments From rooneg@electricjellyfish.net 2006-08-17 22:43 -------
I believe the default for our internal implementation is 256, for what it's worth.
--
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
DO NOT REPLY [Bug 40256] - please don't use hpux getpass()
Posted by bu...@apache.org.
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG�
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=40256>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND�
INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=40256
------- Additional Comments From deckrider@gmail.com 2006-08-17 22:37 -------
I guess my only other concern is what is the 'correct' max length that ought to
be supported?
We came upon this issue because we authenticate against an ldap server for
subversion. I'm guessing that a password to do this kind of bind/authentication
could easily be up to 128 characters (perhaps more), and if the password prompt
doesn't permit this, authentication fails.
A quick look at Solaris 10 shows a MAX_PASS of 256 [I suppose this is for
getpassphrase(), which is not available on HP-UX B.11.23 ia64].
--
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
DO NOT REPLY [Bug 40256] - please don't use hpux getpass()
Posted by bu...@apache.org.
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG�
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=40256>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND�
INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=40256
------- Additional Comments From deckrider@gmail.com 2006-08-17 22:01 -------
Thanks for the clue Garrett ... it is here on HP-UX B.11.23 ia64:
/usr/include/limits.h:# define PASS_MAX 8
--
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
DO NOT REPLY [Bug 40256] - please don't use hpux getpass()
Posted by bu...@apache.org.
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG�
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=40256>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND�
INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=40256
jorton@redhat.com changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution| |FIXED
------- Additional Comments From jorton@redhat.com 2006-10-10 08:33 -------
Committed to trunk: http://svn.apache.org/viewvc?view=rev&rev=454774
--
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
DO NOT REPLY [Bug 40256] - please don't use hpux getpass()
Posted by bu...@apache.org.
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG�
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=40256>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND�
INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=40256
------- Additional Comments From deckrider@gmail.com 2006-08-17 21:32 -------
The following returns nothing, so I'm mistified where PASS_MAX is set:
cd httpd-2.2.3
find . -type f | xargs grep PASS_MAX
--
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
DO NOT REPLY [Bug 40256] - please don't use hpux getpass()
Posted by bu...@apache.org.
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG�
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://issues.apache.org/bugzilla/show_bug.cgi?id=40256>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND�
INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=40256
------- Additional Comments From rooneg@electricjellyfish.net 2006-08-17 21:39 -------
Is PASS_MAX supposed to be defined by some system header? Or does it just not
exist on hpux?
--
Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.