emo/shadow
1
0
Fork 0
Code Issues Pull Requests Packages Releases Activity

* libmisc/salt.c: Make sure the salt string is terminated at the

Browse Source 
right place (either 8th, or 11th position).
 * NEWS, src/chgpasswd.c, src/chpasswd.c: The protocol + salt does
   not need 15 chars. No need for a temporary buffer.
   This change the fix committed on 2007-11-10. The salt provided to
   pw_encrypt could have been too long.
This commit is contained in:
nekral-guest
2007-11-16 19:02:00 +00:00
parent e163c5fe9c
commit 449f17385a
5 changed files with 30 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
libmisc/salt.c
View File

@ -62,11 +62,13 @@ char *crypt_make_salt (void)
{
struct timeval tv;
static char result[40];
int max_salt_len = 8;
result[0] = '\0';
#ifndef USE_PAM
if (getdef_bool ("MD5_CRYPT_ENAB")) {
strcpy (result, "$1$"); /* magic for the new MD5 crypt() */
max_salt_len += 3;
}
#endif
@ -77,8 +79,8 @@ char *crypt_make_salt (void)
strcat (result, l64a (tv.tv_usec));
strcat (result, l64a (tv.tv_sec + getpid () + clock ()));
if (strlen (result) > 3 + 8) /* magic+salt */
result[11] = '\0';
if (strlen (result) > max_salt_len) /* magic+salt */
result[max_salt_len] = '\0';
return result;
}