[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Trouble with crypt(3) in pam module.


On Sun, Jun 6, 2010 at 3:19 PM, Anthony Iliopoulos <ailiop lsu edu> wrote:

On Sun, Jun 06, 2010 at 11:24:50AM +0200, Pedro Fortuny Ayuso wrote:
> Anthony,
> Yes, I did isolate the fault: it is the crypt() call for sure. Most probably
> it is the
> sshd thread context thing you mention (it is the only way I have tried to
> run it so far).
> As a matter of fact I tried to use also OpenSSL's BIOs and got another
> segfault when calling BIO_free() (all this in through sshd), which makes
> me think the thread context is the key to the problem.
> I shall try and use the crypt_r version. However, could you point me
> to some place where this thread context of sshd is explained? Is there a way

I don't believe there's any better explanation other than the source code,
see auth-pam.c in any openssh portable release tree.

> to replicate crypt() using OpenSSL?

There are several ways to replicate crypt() via OpenSSL, see
http://www.openssl.org/docs/crypto/des.html, I assume DES_fcrypt
is probably what you need.

> Thanks a lot,
> Pedro.

Hope that helps,


Well, it is nice to get this kind of help.

I have just checked the DES_  family's documentation and yes,

==DES_fcrypt: is a fast version of the Unix crypt(3) function.
==(...) This function is thread safe, unlike the normal crypt
(by the way, DES_crypt seems to do the trick as well)

About to read pam-auth.c in detail, but I guess my problems are solved
by now. I'll keep this thread posted anyway, for completeness.

Thanks a lot and all the best,


Pedro Fortuny Ayuso
Dpto de Matemáticas
Escuela Univ. de Ingeniería Técnica Industrial
Campus Universitario de Gijón (Viesques)
33203 Gijón (Asturias)

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]