Re: [HACKERS] crypt password authentication does not work in cross platform env

At 8:42 AM 98.6.24 +0100, Peter Mount wrote:
>On Wed, 24 Jun 1998 t-ishii@sra.co.jp wrote:
>
>> I'm living in outside US and am running the export version of FreeBSD
>> coming without DES. Problem is that if I enable the crypt password
>> authentication, the FE on any platform other than FreeBSD will not
>> talk to the BE on the FreeBSD box (Of course FreeBSD can talk to
>> FreeBSD). The export version of FreeBSD's crypt() is implemented using
>> MD5, and it does not compatible with the traditional crypt(). This is
>> the source of the problem, I guess. I have looked into backend/libpq
>> and interfaces/libpq, but I couldn't find any portable solution for
>> that so far.
>
>I thought there was only one implementation of crypt()?
>
>When I added crypt support into the JDBC driver, I used an existing java
>implementation as a baseline.
>
>Now this works for postgres running on Linux() (& java running on Linux &
>Win95), but I haven't heared of a problem with it on other Unixes.

Linux's crypt() is fine. Only FreeBSD has that problem (I'm not sure
about other BSDish boxes, though). Anyway, I will check the JDBC driver with
crypt authentication enabled next week (sorry, I'm too busy on the
"real world" work this week:-)

>> As far as I know, there are at least 2 workarounds:
>>
>> 1. install "des" package
>>    (ftp://ftp.internat.freebsd.org/pub/FreeBSD/2.2.6-RELEASE/des/)
>>
>> 2. link the BE with libcrypt.a coming with SSLeay
>>    (see http://www.psy.uq.oz.au/~ftp/Crypto/ for more info about SSLeay)
>>
>> Should we document these in somewhere?
>
>How accessible is the source, and is it in C?

Sure, they are free and are written in C.

>I'm asking this, because we would have to convert it into Java for the
>JDBC driver, and I know the ODBC guys would have to convert it as they
>don't use libpq either.

Does the Java crypt class call native crypt lib? or is that written in
100% pure Java?
--
Tatsuo Ishii
t-ishii@sra.co.jp