On Thu, Oct 19, 2000 at 10:57:56AM -0400, Joseph S D Yao wrote: > These "extensions" date back to the late 1970's and PWB Unix 1.0. They > relate to password aging. The passwords use regular crypt(). If your > getpw*() functions don't terminate at the comma, then you can either use > strncmp() or replace the commas with NULs in-line [but beware of any > other problems that may cause]. SunOS 4.x used to support this as well. It's really lame because the info that follows the comma is like a TTL and is validated against the local lastlog entry. I don't know much about Unix password hasing algorythms other than crypt(), so I can't say for sure, which is why you should make sure that there is no possibility of confusing crypt() passwords with, say, md5 hashed passwords. A decent heuristic for distinguishing crypt() passwords from others is to check the length of the string: 13 characters indicate it's crypt()ed. With this horrid password aging TTL scheme that heuristic is broken and so you'll have to work out a different heuristic or use none at all (i.e., try every hash algorythm supported). > It may be that there are other functions of which I'm unaware that > handle this transparently. I don't remember any such functions in SunOS. > -- > /*********************************************************************\ > ** > ** Joe Yao jsdy@tux.org - Joseph S. D. Yao > ** > \*********************************************************************/ Nico --
