Very Computer

Well, I finally made the jump from XFree86-2.1.1 to 3.1.2.
Got everything working, I think, except for xdm.
I was kind of surprised to find there wasn't a binary of xdm
included in the ELF distribution on tsx-11.  No big deal, I
thought.  I'll just go grab the sources and compile one myself.
Well, that went fine after I changed lib/X11/config/linux.cf
to indicate that I use shadow passwords.

Now xdm works - BUT HERE'S THE KICKER: it works as long as
the password length is 8 characters or less.  But I've compiled
my shadow stuff to support 'double-size' (up to 16 char.)
passwords.  This works fine at the text console, by the way.

Has anyone hacked up the xdm sources to support long passwords ?

Gary

[...]

Quote:>to indicate that I use shadow passwords.
>Now xdm works - BUT HERE'S THE KICKER: it works as long as
>the password length is 8 characters or less.  But I've compiled
>my shadow stuff to support 'double-size' (up to 16 char.)
>passwords.  This works fine at the text console, by the way.

There used to be two xdm binaries in most distributions - shadow and
non-shadow.
The only time I've seen this problem was a year or so ago with a
distribution that used shadow login utils (including long password
support) for non-shadow systems also.

Quote:>Has anyone hacked up the xdm sources to support long passwords ?

I did back then - not sure if I've still got the code around though -
but I dont see how it can solve the problem if you really are using
shadow passwords, because if you are then xdm shouldn't be able to get
the encrypted password at all (long or short) without extra shadow code.

ray

: [...]
: >to indicate that I use shadow passwords.
:
: >Now xdm works - BUT HERE'S THE KICKER: it works as long as
: >the password length is 8 characters or less.  But I've compiled
: >my shadow stuff to support 'double-size' (up to 16 char.)
: >passwords.  This works fine at the text console, by the way.
:
: There used to be two xdm binaries in most distributions - shadow and
: non-shadow.
: The only time I've seen this problem was a year or so ago with a
: distribution that used shadow login utils (including long password
: support) for non-shadow systems also.
:
: >Has anyone hacked up the xdm sources to support long passwords ?
:
: I did back then - not sure if I've still got the code around though -
: but I dont see how it can solve the problem if you really are using
: shadow passwords, because if you are then xdm shouldn't be able to get
: the encrypted password at all (long or short) without extra shadow code.
:
: ray

:

Hi Ray,
Thanks for the response.  Guess my original post was a little unclear. Sorry
about that.  I did finally solve the problem.  Here's basically what was
happening, and what I did.
I changed /usr/X11R6/lib/X11/config/linux.cf to indicate that my system uses
shadow passwords.  I grabbed the R6 xdm sources, did xmkmf -a to remake the
Makefile, and recompiled.  That xdm then recognized/used shadow passwords,
but _only_ if the password being input was 8 characters or less in length.
My whole shadow suit (i.e. login, libshadow, etc.) had been compiled to
use double-length (up to 16 characters in length) passwords.  Long passwords
(and short ones) worked just fine from the (non-X) console, but xdm wouldn't
deal with them.
Now, at the risk of starting a religious war here (and sincerely hoping it
doesn't), several conversations on the irc #linux and #linpeople channels
on the subject of long ( >8 characters) shadow passwords for xdm, and in the
shadow suite in general, indicated that compiling the shadow suite and
libshadow for double-length passwords made things less secure than compiling
for 'normal' length (8 char. or less) shadow passwords.
As a result, I decided to recompile the whole shadow suite for normal length
passwords, and recompiled xdm.  Works fine.

Gary