How to acknowledge a Password for a Daemon point of view ?
Kim Christian Madsen
kimcm at diku.dk
Mon Aug 27 09:06:08 AEST 1990
rickert at mp.cs.niu.edu (Neil Rickert) writes:
>In article <1990Aug25.025441.18302 at diku.dk> I wrote:
>>1) Read the encrypted password from the password file and store it in
>> a variable, store the user typed password in another variable and
>> use the function below:
>>
>> int authenticate(crypt_pw,typed_pw)
>> char *crypt_pw, *typed_pw;
>> {
>> char salt[2];
>> extern char *crypt();
>>
>> (void) strncpy(salt,crypt_pw,2);
>> return(strcmp(crypt_pw,crypt(typed_pw,salt)) == 0);
>> }
> What is wrong with skipping 'salt[2]' and the strncpy, and using:
> return(strcmp(crypt_pw,crypt(typed_pw,crypt_pw)) == 0);
Well, nothing is wrong with skipping the salt, except that I find your
solution confusing if you compare it with the manual entry for
crypt(3C) and the formal parameter declaration of crypt(). Granted, my
solution uses an extra function call, the strncpy(), and two extra
bytes on the stack, but if tight optimizing or conservation of stack
usage isn't called for I prefer to use more describing/understanable
code, instead of rigid optimized code. Incidently I think the most
terse code will result from:
return(!strcmp(crypt_pw,crypt(typed_pw,crypt_pw)));
As Always, Best Regards
Kim Chr. Madsen
kimcm at diku.dk
More information about the Comp.unix.wizards
mailing list