sulogin and MD5 pwds

[Soeren Sonnenburg]

> Hi all!
>
> For security reasons I've switched to MD5_CRYPT + shadow pwd's.
> login seems to work fine, but sulogin refused to recognize my
root-password
>  that is much longer than 8 chars.
>
> Thanks,
> Soeren.
>
> ----
> we usually get what we want.

Its me quoting myself.
I've had a look at sulogin.c and discovered that the max. pass-string-length
is about 15 characters.
Is there anyone to patch that ? (I guess MD5 allows max. 127 characters) so
the only thing to do would be setting these:

Original getpasswd function:

/*
 *      Ask for the password. Note that there is no
 *      default timeout as we normally skip this during boot.
 */
char *getpasswd()
{
        struct termios old, tty;
        static char pass[16];
        char *ret = pass;
        int i;

        printf("Give root password for maintenance\n");
        printf("(or type Control-D for normal startup): ");
        fflush(stdout);

        tcgetattr(0, &old);
        tcgetattr(0, &tty);
        tty.c_iflag &= ~(IUCLC|IXON|IXOFF|IXANY);
        tty.c_lflag &= ~(ECHO|ECHOE|ECHOK|ECHONL|TOSTOP);
        tcsetattr(0, TCSANOW, &tty);

        pass[15] = 0;
        if (timeout) alarm(timeout);
        if (read(0, pass, 15) <= 0)
                ret = NULL;
        else {
                for(i = 0; i < 15; i++)
                        if (pass[i] == '\r' || pass[i] == '\n') {
                                pass[i] = 0;
                                break;
                        }
        }
        alarm(0);
        tcsetattr(0, TCSANOW, &old);
        printf("\n");

        return ret;
}

Changed should look like:

/*
 *      Ask for the password. Note that there is no
 *      default timeout as we normally skip this during boot.
 */
char *getpasswd()
{
        struct termios old, tty;
        static char pass[128];
        char *ret = pass;
        int i;

        printf("Give root password for maintenance\n");
        printf("(or type Control-D for normal startup): ");
        fflush(stdout);

        tcgetattr(0, &old);
        tcgetattr(0, &tty);
        tty.c_iflag &= ~(IUCLC|IXON|IXOFF|IXANY);
        tty.c_lflag &= ~(ECHO|ECHOE|ECHOK|ECHONL|TOSTOP);
        tcsetattr(0, TCSANOW, &tty);

        pass[127] = 0;
        if (timeout) alarm(timeout);
        if (read(0, pass, 127) <= 0)
                ret = NULL;
        else {
                for(i = 0; i < 127; i++)
                        if (pass[i] == '\r' || pass[i] == '\n') {
                                pass[i] = 0;
                                break;
                        }
        }
        alarm(0);
        tcsetattr(0, TCSANOW, &old);
        printf("\n");

        return ret;
}

I am not very sure wheter passwords with length=127 will work, maybe someone
will try.
Anyway it works for me now.

S.
----
Das Fluchen ist die Sprache, die alle Programmierer am besten verstehen.