[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [Fwd: MD5 passwords]



Savochkin Andrey Vladimirovich wrote:
> that MD5 calculation code compiles with pam_pwdb module in a wrong way.
> The result is that hashes calculated big-endian systems are different from
> expected.
> 
> Last weekend I tried to solve the problem but it appeared to be not so easy as
> it might.  In my experiments pam_pwdb module with the correct MD5 routines
> failed too because the dynamic linker resolved references to another instance
> of MD5 routines in libpwdb.  Version of libpwdb which I used
> compiled MD5 code in a wrong way too :-(

Are you saying that

 1. on bigendian systems the md5 sources in pam_pwdb compiles
incorrectly
 2. pam_pwdb calls to md5 functions get linked with broken md5 code in
libpwdb
 3. both 1 and 2
 4. something else

Q. if 2 is part of the problem is this glibc (linker) specific?

> So we need to fix Makefiles both in pam_pwdb and libpwdb and implement a
> backward compatibility hack somewhere.

Yes, this seems like the right thing to do.

> Some time ago I used MD5 code in a PAM client agent (was in libpam_client)
> with the necessary endianess checks.  But as far as I remember the checks
> weren't cross-compile safe.

Anyone want to work out a patch?

Thanks

Andrew



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []