> -----Ursprüngliche Nachricht----- > Von: Terry Lambert [mailto:[EMAIL PROTECTED] > Gesendet: Mittwoch, 26. November 2003 13:34 > An: [EMAIL PROTECTED] > Cc: [EMAIL PROTECTED] > Betreff: Re: getpwnam with md5 encrypted passwds > > "[EMAIL PROTECTED]" wrote: > > i am trying to validate a given user password against my local passwd- > file with > > this piece of code : > > > > if (!( pwd = getpwnam ( user ))) { > > log(ERROR,"User %s not known",user); > > stat=NOUSER; > > } > > if (!strcmp( crypt(pass,pwd->pw_name), pwd->pw_passwd) ) { > > log(DEBUG|MISC,"HURRAY : %s authenticated\n", user); > > stat = AUTHED; > > } > > I know you have the fix for the crypt of the wrong field, but the > proper thing to do is probably to use pan_authenticate() so that > you are insensitive to the athentication method being used, rather > than crypting and comparing it yourself. >
Looks interesting ... is this method also usable, when i dropped my privs ? cheers _______________________________________________ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-hackers To unsubscribe, send any mail to "[EMAIL PROTECTED]"
