Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations Chris Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Digest::MD5 help

Status
Not open for further replies.

dwhalen

Programmer
Feb 22, 2002
105
CA
Hello,

I work on a web application that uses md5_hex to store and verify passwords. I needed to write a perl program that can be run from the command line and connects up to the database but the user must pass in a username and password. I made the authentication pretty much exactly the same as how the web application uses it. This all works fine on my development server. However, when I take the code over to the production server at another site the password authentication fails from the command line but passes on the web. I print out what the password is md5_hexed into and it is clearly different than what it is on the development server (the password is hardcoded right now just for testing).

I find this very baffling, especially since the web authentication on the production server works fine (through apache and mod_perl). Could the command line program be using a different version of Digest::MD5 than the web?

How can I force it to use the latest version? This is how I use the Digest::MD5

Code:
use Digest::MD5 qw(md5_hex);

sub verify
{
my ($passSentIn,$storedPass) = @_;

my $md5pass = md5_hex("$passSentIn");

if($md5pass eq $storedPass)
{
#do stuff

}

This is a very simplifed version of it of course.

Thanks for the help.

Later
 
A simplified version ... I hope so

Do an environment check to make sure you're seeing the same libs as the web user

As Duncan points out, could it be a newline character ... how far does it match, or does it match at all

What are you testing on OS-wise, and the production environment?

--Paul

It's important in life to always strike a happy medium, so if you see someone with a crystal ball, and a smile on their face ...
 
A simplified version ... I hope so

hehehe...yeah, I just wanted to give an idea of how I was comparing and where it was failing.

As for the new line character, well I have thought of that but I dismissed it because the password is hardcoded on both the dev system and the production system in a file that is called from cron. For example:
Code:
my $orderid = 1000;
my $username = "devin";
my $password = "password";

#system call to perl program passing in my variables
system(./perlProgram.pl $orderid $username $pass);

Again, this is very simplified just to show you what I mean about being hardcode and passed to a perl program.

Both production and dev server are running the same version of Red Hat which is 7.2.

Since you two are not the first to mention the new line character, I am going to test by adding a new line character on my dev system just to see what it says....worth a shot :).

So, could it be a different version of the Digest::MD5 that is causing the problem? Is there anyway to force the program to only use a certain version number?

Thanks for your help....really appreciate it.

Later
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top