[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: solaris 2.6 PAM: things to beware of



>>> Derrick J Brashear wrote
> Started doing some investigating. After a while I realized Solaris has
> Kerberos, so I removed /usr/lib/libkrb.so, but that wasn't it. Then I
> realized, hey, where's des? Not in libc. Not in a libdes.
> Today's trivia answer: libnsl. The SimplePamApps passwd wasn't linked against
> libnsl.

Another thing to be careful of is that libnsl has it's own undocumented
MD5 routines, using the standard names. These do _not_ interoperate
with code that expects the normal MD5 code, as included in the RFC. I
raised this with Sun, and was essentially told to change my code to use
different names... :/

(I mention this because there are many places where a PAM module would
use MD5, eg RADIUS. (we spent something like 4 days tracking this problem
down)).

Anthony



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []