[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[screen-devel] [bug #32875] password login fail if the hashed password h
From: |
Sherif Nagy |
Subject: |
[screen-devel] [bug #32875] password login fail if the hashed password has more than 1 . or / |
Date: |
Tue, 22 Mar 2011 08:39:14 +0000 |
User-agent: |
Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2.15) Gecko/20110308 Fedora/3.6.15-1.fc14 Firefox/3.6.15 |
URL:
<http://savannah.gnu.org/bugs/?32875>
Summary: password login fail if the hashed password has more
than 1 . or /
Project: GNU Screen
Submitted by: sherif
Submitted on: Tue 22 Mar 2011 08:39:14 AM GMT
Category: None
Severity: 3 - Normal
Priority: 5 - Normal
Status: None
Privacy: Public
Assigned to: None
Open/Closed: Open
Discussion Lock: Any
Release: 4.0.3
Fixed Release: None
Planned Release: None
Work Required: None
_______________________________________________________
Details:
I used a simple python script to generate random salt for password encryption
using crypt python library, including password HASH in .screenrc sometime
works and some times don't, by observing the behaviour I find that if the hash
something like the follow:
$1$1F0JSWIG$8ehSYNV834hcaBM4KgJhG1 will not prompt for password
$1$YNMAB2D6$wYPhEaWGPM8zfi.HqySLL1 will give login failed
$1$H369GRQO$qKOS.WYJfmYza4qeHcIys/ will give login failed
$1$ISEZPQN4$6BpAWUkoTvBUH5FOmd8fr/ will work
NOTE: Password foobar
My guess is that the parsing for the password attribute uses delimiter "." or
"/" which in case 2 and 3 exits twice or once in the middle, so screen takes
half the hash "where the 1st delimiter found" and compare the input password,
in case 1 no delimiter found. Case 4 works perfectly
Thank You
Sherif
_______________________________________________________
Reply to this item at:
<http://savannah.gnu.org/bugs/?32875>
_______________________________________________
Message sent via/by Savannah
http://savannah.gnu.org/
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [screen-devel] [bug #32875] password login fail if the hashed password has more than 1 . or /,
Sherif Nagy <=