Bug 4074 - byte ordering problem with pam_pwd crypt_md5()
byte ordering problem with pam_pwd crypt_md5()
Status: CLOSED DUPLICATE of bug 3898
Product: Red Hat Linux
Classification: Retired
Component: pam (Show other bugs)
sparc Linux
medium Severity medium
: ---
: ---
Assigned To: Cristian Gafton
Depends On:
  Show dependency treegraph
Reported: 1999-07-16 10:19 EDT by Matthew Galgoci
Modified: 2008-05-01 11:37 EDT (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 1999-08-02 19:53:30 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Matthew Galgoci 1999-07-16 10:19:10 EDT
This bug was reported by Andrew V. Nikulin

I have the patch file saved in my home directory. The
tarball is called pam_patch.tgz --MJG

Andrew writes:

"I discovered a serious enough bug in pwdb and pam packages.

So, yesterday I've killed the entire day trying to
understand why sshd2 doesn't work correctly on my Ultra
SPARC box, but it works fine on Intel (both under RedHat
Linux 6.0). After a few sessions with ltrace, gdb and other
tools I've finally understood that a problem appears only
when MD5 hashes are enabled in pam_pwdb module.

Digging sources of pam_pwdb, pwdb and sshd2 I've got next
thing: pwdb and pam use their own routine crypt_md5() for
MD5 calculation, but sshd2 uses standart crypt() from GLIBC
for such purpose.

I wrote a short test program, which simply encrypts the
phrase "magic_word" with salt "$1$xx", calling GLIBC crypt()
and pam_pwdb crypt_md5(). After running this program on SUN
and Intel I've got the following results:


pam_pwdb crypt_md5():   $1$xx$ipOG9IJsAo23Ba44.YOUd1
GLIBC crypt():          $1$xx$ipOG9IJsAo23Ba44.YOUd1


pam_pwdb crypt_md5():   $1$xx$tcVZsr28tzKG890dmISsL/
GLIBC crypt():          $1$xx$ipOG9IJsAo23Ba44.YOUd1

My God! - pam_pwdb crypt_md5() makes different hashes
depending on hardware platform.

Finally, I've got that the problem lies in an incorrect
detection of a byte order for the
architecture. Please, look at
pam-0.66/modules/pam_pwdb/md5.c:22, here is an
attempt to understand the byte order by checking the
presence of HIGHFIRST definition.  I had simply replaced
that string with


and included an appropriate file endiand.h. Such changes I
had applied to pam-0.66/modules/pam_radius/md5.c and
pwdb-0.58/libpwdb/radius/md5.c too.  After rebuilding and
reinstalling packages everything works fine on both
Ultra SPARC and Intel."
Comment 1 Jeff Johnson 1999-07-16 11:49:59 EDT
Matt, can you reply to this message with tar ball attached? TIA
Comment 2 Jeff Johnson 1999-07-16 14:46:59 EDT
*** This bug has been marked as a duplicate of 3777 ***
Comment 3 Jeff Johnson 1999-07-16 14:47:59 EDT
Matt, can you reply to this message with tar ball attached? TIA
Comment 4 Kostas Georgiou 1999-07-22 09:44:59 EDT
BUG #3898 is a duplicate of the same problem, i think the severity of
this one is HIGH, imagine people with a few hundred md5 passwords in
Comment 5 Cristian Gafton 1999-08-02 19:53:59 EDT
*** This bug has been marked as a duplicate of 3898 ***

Note You need to log in before you can comment on or make changes to this bug.