crypt() in glibc/eglibc 2.17 now fails if passed
a salt that violates specs. On Linux, crypt() also fails with DES/MD5 salts in FIPS140 mode. Rather than exit() on NULL returns we send them back to the caller for appropriate handling.
This commit is contained in:
mancha
bubulle
@@ -73,6 +73,7 @@ int pw_auth (const char *cipher,
|
||||
char prompt[1024];
|
||||
char *clear = NULL;
|
||||
const char *cp;
|
||||
const char *encrypted;
|
||||
int retval;
|
||||
|
||||
#ifdef SKEY
|
||||
@@ -177,7 +178,11 @@ int pw_auth (const char *cipher,
|
||||
* the results there as well.
|
||||
*/
|
||||
|
||||
retval = strcmp (pw_encrypt (input, cipher), cipher);
|
||||
encrypted = pw_encrypt (input, cipher);
|
||||
if (encrypted!=NULL)
|
||||
retval = strcmp (encrypted, cipher);
|
||||
else
|
||||
retval = -1;
|
||||
|
||||
#ifdef SKEY
|
||||
/*
|
||||
|
||||
Reference in New Issue
Block a user