[LON-CAPA-dev] authentication

Guy Albertelli II lon-capa-dev@mail.lon-capa.org
Mon, 4 Apr 2005 19:36:26 -0400 (EDT)


Hi Mark,

> I just went to set someone to local authentication. We were still having 
> problems logging in as him. I found the password was being stored as clear 
> text in the passwd file.
> 
> What's the scoop? Have I broken something on this end or is this a bigtime 
> bug in 1.3.3?

I think it is likely to be something on your end.

lond around line 1737 ish has:

     if ($howpwd eq 'internal') {
         &Debug("internal auth");
	 my $salt=time;
	 $salt=substr($salt,6,2);
	 my $ncpass=crypt($npass,$salt);
	 if(&rewrite_password_file($udom, $uname, "internal:$ncpass")) {

Which looks good to me.

as does line 5474ish

   my $salt=time;
   $salt=substr($salt,6,2);
   my $ncpass=crypt($npass,$salt);
   {
       &Debug("Creating internal auth");
       my $pf = IO::File->new(">$passfilename");
       if($pf) {
	       print $pf "internal:$ncpass\n"; 


-- 
guy@albertelli.com  LON-CAPA Developer  0-7-2-9-