You are viewing a plain text version of this content. The canonical link for it is here.
Posted to modperl@perl.apache.org by Shannon Eric Peevey <sp...@unt.edu> on 2004/02/07 13:05:23 UTC
[Fwd: Re: Net-NIS-0.34 // Apache-AuthenNIS-0.11 - possible bug.]
-------- Original Message --------
Subject: Re: Net-NIS-0.34 // Apache-AuthenNIS-0.11 - possible bug.
Date: Wed, 04 Feb 2004 09:27:58 -0700
From: Ed Santiago <es...@pobox.com>
To: philip.ryan@web.de
CC: dep@media.mit.edu, speeves@unt.edu
References: <20...@mailgate5.cinetic.de>
Hmmm. I can't reproduce on my end, nor can I see any reason why
it would fail: Apache::AuthenNIS 1.11 [1] doesn't use $sent_pwd
in any context in which dollar-interpolation could take place,
and Net::NIS doesn't even know there's a dollar sign in there.
[1] http://search.cpan.org/src/SPEEVES/Apache-AuthenNIS-0.11/AuthenNIS.pm
I suspect that the encrypted password is not what it seems. Here
are some things to try:
* For a given user 'joebob', can you run 'ypmatch joebob passwd'
and see the encrypted passwd entry in field 2? To make sure,
here's a way to check: ypmatch joebob passwd|cut -d: -f2
* Is the encrypted password exactly 13 characters? Pipe the
above command through "wc -c", and make sure it returns 14
(13 + newline). If it's anything else, crypt() won't work.
You may have inadvertently set up MD5 passwords, or shadow
passwords, or (if you hand-edit passwd) perhaps inadvertently
gotten the passwd colon fields out of sequence.
* Are you sure the encrypted password is what it should be?
Try the following, replacing $clear and $expect with your
own values of the cleartext & encrypted password respectively:
perl -e '$clear=q{joebob$0}; $expect=q{ZRiRSCe67JKpY}; $result=crypt($clear,$expect); printf "%s %s\n",$result, ($result eq $expect ? "ok" : "MISMATCH!")'
(just in case it needs to be mentioned: don't muck with the
quotes above - you don't want the shell to see the '$'s.)
* Who sets the password? Is it a human, or a script? If human,
can you try setting it again (to check for typos)? If a script,
perhaps there's dollar-interpolation happening somewhere before
the password is encrypted?
* Perhaps stupid question: there aren't any colons in the username,
are there? Just being thorough :-)
Best of luck,
^E
--
Ed Santiago Maintainer, Net::NIS esm@pobox.com
On Wed, 4 Feb 2004 16:54:07 +0100, philip.ryan@web.de wrote:
>Hello,
>
>I am using Apache::AuthenNIS for NIS authentification. I have found that it fails to authenticate a valid user (with a valid passwd) when the passwd contains the pattern: $0
>
>e.g. our standard user (default) passwd is user$99, user$00, ..., user$03, user$04 depending on what year the user is created.
>
>We are using:
>
>apache_1.3.28 / mod_perl-1.29 / Apache-AuthenNIS-0.11 / Net-NIS-0.34
>
>Can you help?
>
>Phil
>
>
>
--
Reporting bugs: http://perl.apache.org/bugs/
Mail list info: http://perl.apache.org/maillist/modperl.html
List etiquette: http://perl.apache.org/maillist/email-etiquette.html