-------- Original Message -------- Subject: Re: Net-NIS-0.34 // Apache-AuthenNIS-0.11 - possible bug. Date: Wed, 04 Feb 2004 09:27:58 -0700 From: Ed Santiago <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] CC: [EMAIL PROTECTED], [EMAIL PROTECTED] References: <[EMAIL PROTECTED]>
Hmmm. I can't reproduce on my end, nor can I see any reason why it would fail: Apache::AuthenNIS 1.11 [1] doesn't use $sent_pwd in any context in which dollar-interpolation could take place, and Net::NIS doesn't even know there's a dollar sign in there.
[1] http://search.cpan.org/src/SPEEVES/Apache-AuthenNIS-0.11/AuthenNIS.pm
I suspect that the encrypted password is not what it seems. Here are some things to try:
* For a given user 'joebob', can you run 'ypmatch joebob passwd' and see the encrypted passwd entry in field 2? To make sure, here's a way to check: ypmatch joebob passwd|cut -d: -f2
* Is the encrypted password exactly 13 characters? Pipe the above command through "wc -c", and make sure it returns 14 (13 + newline). If it's anything else, crypt() won't work. You may have inadvertently set up MD5 passwords, or shadow passwords, or (if you hand-edit passwd) perhaps inadvertently gotten the passwd colon fields out of sequence.
* Are you sure the encrypted password is what it should be? Try the following, replacing $clear and $expect with your own values of the cleartext & encrypted password respectively:
perl -e '$clear=q{joebob$0}; $expect=q{ZRiRSCe67JKpY}; $result=crypt($clear,$expect); printf "%s %s\n",$result, ($result eq $expect ? "ok" : "MISMATCH!")'
(just in case it needs to be mentioned: don't muck with the quotes above - you don't want the shell to see the '$'s.)
* Who sets the password? Is it a human, or a script? If human, can you try setting it again (to check for typos)? If a script, perhaps there's dollar-interpolation happening somewhere before the password is encrypted?
* Perhaps stupid question: there aren't any colons in the username, are there? Just being thorough :-)
Best of luck, ^E -- Ed Santiago Maintainer, Net::NIS [EMAIL PROTECTED]
On Wed, 4 Feb 2004 16:54:07 +0100, [EMAIL PROTECTED] wrote:
>Hello, >
>I am using Apache::AuthenNIS for NIS authentification. I have found that it fails to authenticate a valid user (with a valid passwd) when the passwd contains the pattern: $0
>
>e.g. our standard user (default) passwd is user$99, user$00, ..., user$03, user$04 depending on what year the user is created. >
>We are using: >
>apache_1.3.28 / mod_perl-1.29 / Apache-AuthenNIS-0.11 / Net-NIS-0.34
>
>Can you help? >
>Phil >
>
>
-- Reporting bugs: http://perl.apache.org/bugs/ Mail list info: http://perl.apache.org/maillist/modperl.html List etiquette: http://perl.apache.org/maillist/email-etiquette.html
